{"report_id":"c580c29c-9b48-4207-831a-f32dd1572f9c","version":6,"status":"done","tags":[],"date":"2025-09-30T15:05:29Z","url":{"schema":"http","addr":"login.mypaymentvault.com/","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"login.mypaymentvault.com/","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"title":"MyPaymentVault"},"submit":{"url":{"schema":"http","addr":"login.mypaymentvault.com/","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-04T15:05:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-09-28T22:11:46.369912Z","alert_count":0,"request_count":2,"received_data":32565,"sent_data":1054,"comment":"","tags":null,"fingerprints":null},{"fqdn":"1.c81358859121583b7adf2ace89cb39f44.com","ip":{"addr":"3.164.68.25","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2019-03-20","domain_rank":165871,"first_seen":"2020-11-23T09:04:27Z","last_seen":"2025-09-30T13:09:46.806455Z","alert_count":0,"request_count":1,"received_data":701,"sent_data":535,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"logs.mypaymentvault.com","ip":{"addr":"52.230.151.60","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2022-09-16","domain_rank":2765601,"first_seen":"2024-11-30T19:51:07.730787Z","last_seen":"2025-08-21T15:04:39.888191Z","alert_count":0,"request_count":1,"received_data":169,"sent_data":647,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"login.mypaymentvault.com","ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2022-09-16","domain_rank":268711,"first_seen":"2023-08-28T20:36:52Z","last_seen":"2025-08-21T15:04:39.531476Z","alert_count":0,"request_count":18,"received_data":4563423,"sent_data":12394,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}]},{"fqdn":"1.b406929acabac9b095f124c81bdfcf57f.com","ip":{"addr":"54.240.174.125","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2019-03-20","domain_rank":166079,"first_seen":"2020-11-23T09:04:27Z","last_seen":"2025-09-30T13:09:46.494839Z","alert_count":0,"request_count":1,"received_data":701,"sent_data":535,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"1.a79ab95c1589a13f8a4cab612bc71f9f7.com","ip":{"addr":"3.167.2.53","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2019-03-20","domain_rank":166102,"first_seen":"2020-11-23T09:04:27Z","last_seen":"2025-09-30T13:09:47.230575Z","alert_count":0,"request_count":1,"received_data":700,"sent_data":535,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"www.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":146047,"first_seen":"2012-05-29T15:36:17Z","last_seen":"2025-09-28T22:11:46.419999Z","alert_count":0,"request_count":5,"received_data":2542008,"sent_data":2381,"comment":"","tags":null,"fingerprints":null},{"fqdn":"wups.mypaymentvault.com","ip":{"addr":"4.249.171.212","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2022-09-16","domain_rank":2067313,"first_seen":"2024-11-30T19:51:07.732582Z","last_seen":"2025-08-21T15:04:39.711317Z","alert_count":0,"request_count":4,"received_data":3971,"sent_data":2026,"comment":"","tags":null,"fingerprints":null},{"fqdn":"external.onbe.io","ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2021-03-09","domain_rank":2964736,"first_seen":"2022-12-20T18:35:11Z","last_seen":"2025-08-31T12:21:40.339837Z","alert_count":0,"request_count":2,"received_data":61271,"sent_data":1109,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}]},{"fqdn":"www.google.com","ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-09-28T22:11:46.355495Z","alert_count":0,"request_count":3,"received_data":79221,"sent_data":1816,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/initAddToAppleWallet.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ae5d8819c18f8a65f1afc42e5a42c40d","sha1":"88e32a771977846c85cf49a35606287d41a8da77","sha256":"a7007e8c8fefb6e577d464e7189211646e9f4741b63d5a478e1ca2a5f723f54a","sha512":"63e0c5d288ab37767ffdc941c18b4021d844185c4cb32e57fa39b1b7d1243b36e37e835140e8f793ea0fe8f71d290f27a5c2d1584b10db1781eac661afc60581","ssdeep":"96:CkOdsTdPDdAoEfM87nL86ZsRXXe3EHcjplEnTheVmHIS7J:CkOdsTdJxEU+LTKRXOyqEeVbS7J","tlshash":"01f1201f6884243851b3f379ee6fa904f231163b0156a48a7d2dc5a2af3591ba771fcc","size":7740,"data":"","first_seen":"2025-06-27T23:44:17.978807Z","last_seen":"2026-04-02T15:02:41.261108Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/google.integration.min.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"517dfc28767a0ac9733f943bfe17a611","sha1":"dd8b9d3a2e94ac1bdcc964cae72bbaa89a7173a2","sha256":"e44729dfb9922a6991b111c10474455c663120c7f1dd0b9f29a45587cb2e4ee7","sha512":"d361c995aa2da63d471e9ef0d6328cac32aec14706bed1fc74888960564699d9da17dc8321ddf50f723503d16b77c312e59602f21217dae6ee82bb366fb849d9","ssdeep":"192:fqjsaWlGrkTR9lFjjUY6Q1sEZ4SSlqcBJJ7Ku/XI:fEWlV3YQglqSlKuA","tlshash":"2102928db6e2f06153b7a5a7812f500fb33d6969906c9058f245c8f17db44ae4227fbc","size":8685,"data":"","first_seen":"2025-06-27T23:44:17.974857Z","last_seen":"2026-04-02T15:02:41.292948Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/js/d6a9d7945.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"51c1e2b7a1107ce548d964575cbd50eb","sha1":"6bc0c9faa88d2ba500adab735fcc9f67084f14de","sha256":"be7ffc35ca9c7ade4ec05ef4cc2ec41ce7ea95ea5d2a5a3003e53e0a6d3e5e03","sha512":"9a0511558fe21dd96a7b68f1eea7d6b23c1cb00b0bf09f7d3766dcf66f3f06bec15121a7ac6eae2dee7a2079fe4b877013528ee30dba7f488f23fad6932b025b","ssdeep":"24576:I/R8AJN8qUm0rp5Ok/fSCHat3jxpBh6oMj:I/R8AD8qUm0rp5Ok/fSCHat3jxpBh6og","tlshash":"651508987560b87242c7526a113f110bb23869f294ac80d4b235eced6efd8d9536bf3d","size":927335,"data":"","first_seen":"2025-06-27T23:44:17.973841Z","last_seen":"2025-10-30T15:01:45.592729Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/idi-sdk.2.2.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea6a4dbf7f9ec90349d007ce4e4f9a1b","sha1":"7d112aa33ea4dbef2f04d6ebe45753f7b5743d41","sha256":"37ccef9acf52ce8c90014063e05c7de3ee70d532588394ce896b3f3818d40bc6","sha512":"ced7a98183332fb769fc58757845728b14350921700aa22c91624383f481f5e3b3964c75c75578397e5e45eb4cbd921133497dd12b26ad8f33a4bcef8b8830c3","ssdeep":"384:08YpuiXL8lGyqY6Nso6zpDazqhMpILc6i:0RusLPFao6zpoqCeLQ","tlshash":"83c2d78c694612551c73b77a672b607af7be4b63222c4501b8fc97805f75c10c2e6fea","size":27863,"data":"","first_seen":"2025-06-27T23:44:17.977791Z","last_seen":"2026-04-02T15:02:41.291427Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0df5eb1d8b2725905f856ce34af6ae82","sha1":"0ef2f0ceee06e9d3a0f7613b861fa3429aa4f7ec","sha256":"ed7934c7139f8277f4e0fc5389dc2a7d08d036be0fd23a533fcf5bdefabb15d4","sha512":"7933bad6857edbe9f09d1a93f6c40e252f67b606a63b9ff92392ec0cf202f332f4d16d92dc93347f8f4dfecc9eea159ab3bd27afa57c6c73e7a353dd14c66d47","ssdeep":"24576:h+R4L7RoA3m1EvwJof0aAAZiJPsjc1ycvoAtpKYBokLRiWqEM8doH/Hw5:ff0apwycvBtq2","tlshash":"630517ddb16275a1132370f68063904c576ea429d8ce0d6f75e999f03ff080a61baeb7","size":817575,"data":"","first_seen":"2025-09-24T07:29:46.20947Z","last_seen":"2026-03-28T08:54:40.589601Z","times_seen":6861,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"45ecf7458f42da80ac248ad42d610372","sha1":"a5b3edf8328769bc754e6e616a957ceed4fdadd7","sha256":"75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf","sha512":"e269e258cee29ed9ac04510c30517ebd77aa78e9c79b5736e5761bcbd372e38ab00a8092e2d391baf681eb4602dfb9a4ae1650628967735d94695b3d28aa4502","ssdeep":"","tlshash":"fba002f31935c4218ea2c5509953fb88e593611dfd45c1d470254edea3e19d3c100990","size":69,"data":"","first_seen":"2023-03-07T01:02:05Z","last_seen":"2026-04-05T04:47:44.940686Z","times_seen":389019,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"984012a73ac286beb9fc42457dd31672","sha1":"e4fbf3699de8246a8f804c16e38dc0748431b6c1","sha256":"52626b75404f4b8a27cfd07ebc667a65fd02b6b90f34a3bfc23342a5d5dc0058","sha512":"35f4a02a75e5423d1f06332d4daba196debd5877e1970801ad92adbcbac6b671ff2a3573320c5236b84050d6ddc2c4d4eba0fc2879c028084c1df75f33522766","ssdeep":"","tlshash":"0a7000082c28a80000223028800b00080022028220020002808020880c38eaa0002c8c","size":22,"data":"","first_seen":"2025-09-30T07:01:19.214207Z","last_seen":"2025-10-01T06:59:19.758576Z","times_seen":1769,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"50e78e072f9453386a8d9d1a86bae722","sha1":"4ff12f361357371d5405a01983e15c2e86e9dafb","sha256":"6406be61f40e940aa15c36f6c759af2f53589d0829193ed170a862964e6813f0","sha512":"7506be91768a1500f112d154bf243221006f0c657eb87be1574435a9eea474dea7199b7296da6ce267f8f42fc1680903f7a563a0f0ecb324ebefb9df688ed2ea","ssdeep":"384:/jOzhNgDKku45ji7jHo5uOgEHfpFnae6uCYJ1M:iv/JvTEH7aeDJ1M","tlshash":"1eb2d7d8f641f45862a3a2b1407f1108f3ff2861fd44281ce145d5ea6e71aa6607bfbb","size":24515,"data":"","first_seen":"2025-09-30T15:05:38.13432Z","last_seen":"2025-09-30T17:27:23.56529Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/bundle.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"179048763d43d8cc4c0028db808bb3a2","sha1":"d38c3aa44e760baa988fc8f971059b89579d8ba3","sha256":"9f2ecafcc26ebf474c212b7f93bb2caa792fe9521a7fdb1076934ad3dbb1cf65","sha512":"8eb936e72d7708b63450d6864e990d9f799aa036b09824a0f87f321000b8d123f251444144c33a3f1fbd2c5ae3b16c807dd49f372129041f3b540f62f82c7a6f","ssdeep":"49152:l/Ip90MPXPe772bhuuoGG+n5gt1xKvkryM:kt1k+C","tlshash":"49856db476a4b46a467708e5106f040c76396a4f981d80a0f37aecd62cbc54df6b7fac","size":1851081,"data":"","first_seen":"2025-09-30T15:05:38.137637Z","last_seen":"2025-10-02T17:09:09.453642Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html","fqdn":"1.a79ab95c1589a13f8a4cab612bc71f9f7.com","domain":"a79ab95c1589a13f8a4cab612bc71f9f7.com","tld":"com"},"ip":{"addr":"3.167.2.53","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2e4d7d52e5909922bf021f1cc09b8932","sha1":"dc20df92c388423464243e53c7a378f0016effc9","sha256":"0242c236e7c83d9c9d5281fc2614b82c4bf516e7e2552c4e042ecbf9fcf45027","sha512":"3688150585a105000ce97509bdc6f57458ba180e835e6312a1fc386da30e41738b9ab08c87d90dabb5a2508d806346fd2b91373dff46fe215f54a9700685e7e3","ssdeep":"","tlshash":"dfb012c09c7480cb242120370855c0d010339e3b2b805116724095390511024031d2e0","size":87,"data":"","first_seen":"2025-03-14T16:11:06.601637Z","last_seen":"2026-04-03T18:22:23.760463Z","times_seen":161,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js","fqdn":"1.c81358859121583b7adf2ace89cb39f44.com","domain":"c81358859121583b7adf2ace89cb39f44.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ee48a4da9c402e8a23ad085fb71f28f","sha1":"f0c59306d6313f9bee02b53ca8903991bd24bfd7","sha256":"9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622","sha512":"2c25a0ba0b95622da682d5f1d238c77a3858d621655ecf352bd49be5fa7d92c6417410accf16f50e039fe1c2863c575fa725c23a6f3587ac95a061e53b90e6d3","ssdeep":"","tlshash":"8c613fc432d0fc9622e671e4200b3525f03bc86a246e74c1f6358cd5ade448d93b6fb6","size":3227,"data":"","first_seen":"2023-03-07T12:09:16Z","last_seen":"2026-04-03T18:22:23.765083Z","times_seen":361,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js","fqdn":"1.b406929acabac9b095f124c81bdfcf57f.com","domain":"b406929acabac9b095f124c81bdfcf57f.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ee48a4da9c402e8a23ad085fb71f28f","sha1":"f0c59306d6313f9bee02b53ca8903991bd24bfd7","sha256":"9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622","sha512":"2c25a0ba0b95622da682d5f1d238c77a3858d621655ecf352bd49be5fa7d92c6417410accf16f50e039fe1c2863c575fa725c23a6f3587ac95a061e53b90e6d3","ssdeep":"","tlshash":"8c613fc432d0fc9622e671e4200b3525f03bc86a246e74c1f6358cd5ade448d93b6fb6","size":3227,"data":"","first_seen":"2023-03-07T12:09:16Z","last_seen":"2026-04-03T18:22:23.765083Z","times_seen":361,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"3f55ff23f3ece00c715d189009980f57","sha1":"882a34f62e54650e735b6554a0808144b2336ceb","sha256":"6eae220a7dada73a9ad50605097d3d0a99849254da0f35815b73e140bc2826df","sha512":"99f3b73bcddfa259386d9c99de823b8024e9d1ed37dde354d45113a9b26e5442770ceba1ffae5eb975d95680ead6bb759c75859b5bbdbb34e3849fc6449193e7","ssdeep":"","tlshash":"2fa022c0ac00c880c00f30303022808880f3b0e382208e00f00080080e230cb3233fcb","size":64,"data":"","first_seen":"2025-09-30T07:01:19.222971Z","last_seen":"2025-10-01T06:59:19.754422Z","times_seen":1770,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0339e2050687ba4b62c6493c92a1195a","sha1":"1acc1081090236dd07fabf4c58c07dfe6eb251e6","sha256":"e7ee377f16e3d392e5469f4ff745d471d9c255497888f33a42d56378cb9a045a","sha512":"88c3d125125b253d67985d02e44fda68b991508ce07f765ab2232bbe8bb8a05ab0b49f8886dc7f820de2dff52e5d201e7932707ae3e06f5efa58af7276fa57c1","ssdeep":"1536:ittpXqryfX/F/AJEU1dXcaniLS5QjKKD/Uu85tfTr:gbXyWPKGUv7iLKKdm5","tlshash":"5453c02ae74330ebdefedf414fe29ae951bc804a1a0604dc51f603d6493dde5aa351d8","size":66532,"data":"","first_seen":"2025-09-30T15:05:38.142393Z","last_seen":"2025-09-30T15:05:38.142393Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api.js?render=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e3e38a2e79feda94b298215542f2d03","sha1":"a701c146e9e73c01817a886d80166282dfb27391","sha256":"377daf9fa3da51b4a9474100d3302f1b155e6ef5c6b2a525988f71b138395b94","sha512":"ef082390e5154497a237098c7dc11e7a49bb537e4b849b2c496bedc49fccf631c96544d31cde3751c231a9d5893f30767f49ce2b8bc8a38facbc9187a781b0c0","ssdeep":"","tlshash":"2e1112b31614a0354b3619e2a1fbc670e492701cf12c85e8a519da842e6acc7ce04495","size":1051,"data":"","first_seen":"2025-09-30T15:05:38.128712Z","last_seen":"2025-09-30T15:05:38.128712Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js","fqdn":"1.a79ab95c1589a13f8a4cab612bc71f9f7.com","domain":"a79ab95c1589a13f8a4cab612bc71f9f7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ee48a4da9c402e8a23ad085fb71f28f","sha1":"f0c59306d6313f9bee02b53ca8903991bd24bfd7","sha256":"9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622","sha512":"2c25a0ba0b95622da682d5f1d238c77a3858d621655ecf352bd49be5fa7d92c6417410accf16f50e039fe1c2863c575fa725c23a6f3587ac95a061e53b90e6d3","ssdeep":"","tlshash":"8c613fc432d0fc9622e671e4200b3525f03bc86a246e74c1f6358cd5ade448d93b6fb6","size":3227,"data":"","first_seen":"2023-03-07T12:09:16Z","last_seen":"2026-04-03T18:22:23.765083Z","times_seen":361,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html","fqdn":"1.c81358859121583b7adf2ace89cb39f44.com","domain":"c81358859121583b7adf2ace89cb39f44.com","tld":"com"},"ip":{"addr":"3.164.68.25","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2e4d7d52e5909922bf021f1cc09b8932","sha1":"dc20df92c388423464243e53c7a378f0016effc9","sha256":"0242c236e7c83d9c9d5281fc2614b82c4bf516e7e2552c4e042ecbf9fcf45027","sha512":"3688150585a105000ce97509bdc6f57458ba180e835e6312a1fc386da30e41738b9ab08c87d90dabb5a2508d806346fd2b91373dff46fe215f54a9700685e7e3","ssdeep":"","tlshash":"dfb012c09c7480cb242120370855c0d010339e3b2b805116724095390511024031d2e0","size":87,"data":"","first_seen":"2025-03-14T16:11:06.601637Z","last_seen":"2026-04-03T18:22:23.760463Z","times_seen":161,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0df5eb1d8b2725905f856ce34af6ae82","sha1":"0ef2f0ceee06e9d3a0f7613b861fa3429aa4f7ec","sha256":"ed7934c7139f8277f4e0fc5389dc2a7d08d036be0fd23a533fcf5bdefabb15d4","sha512":"7933bad6857edbe9f09d1a93f6c40e252f67b606a63b9ff92392ec0cf202f332f4d16d92dc93347f8f4dfecc9eea159ab3bd27afa57c6c73e7a353dd14c66d47","ssdeep":"24576:h+R4L7RoA3m1EvwJof0aAAZiJPsjc1ycvoAtpKYBokLRiWqEM8doH/Hw5:ff0apwycvBtq2","tlshash":"630517ddb16275a1132370f68063904c576ea429d8ce0d6f75e999f03ff080a61baeb7","size":817575,"data":"","first_seen":"2025-09-24T07:29:46.20947Z","last_seen":"2026-03-28T08:54:40.589601Z","times_seen":6861,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"fedf8a8040a81f8da9ae3ed81b927f5f","sha1":"e494e62ed657d6535c28c1338198cd998a95b66f","sha256":"c9e4b6f56dfb186c86cd40e53dd00cb665e411dd51f5c2d4808925c461d3165f","sha512":"8c85d96d770645e9a11a717a3c899913cf5e200f36cf980e9626e94100fc250ec10e0a1fe445bc2791da10853bbc4914656642baaf91f577c50abb99c063525b","ssdeep":"384:/jAzhNgDKku45ji7jHo5uOgEHfpFnae6uCYJ1I:Ev/JvTEH7aeDJ1I","tlshash":"7c82e9d8b641f45862a3a2b1407f110df3ff2861bd44281ce145d5ea6f70aa9607bfbb","size":18912,"data":"","first_seen":"2025-09-30T07:01:19.225162Z","last_seen":"2025-10-01T06:59:19.81254Z","times_seen":1769,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/s2p.min.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"33bc245c5c4e6f5830f32e09231da0da","sha1":"d6751920d7ee63a2036b5b981a4075cc1851195b","sha256":"2909792115c79b7612cb4e256830f95418c5717b8abbad0829b7b4b49dd5eb20","sha512":"d9140df05ed26a144a673e47d0795a452d929584c746db1a54d7934322e56002f99587ffa74620f09672b9949c55cedc57f22a4dd21b040702beb498d48111a8","ssdeep":"3072:MqzK7cIHfts229ga4KOaEiwet/HkllleFLsm:5zicIHftOga4KbEimLleFLsm","tlshash":"17a37cd23f70b5570a3785b170df208bb6f6451bac2a4ca1f020d4859fa6d4e50a7fba","size":101996,"data":"","first_seen":"2025-06-27T23:44:17.984628Z","last_seen":"2026-04-02T15:02:41.286039Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html","fqdn":"1.b406929acabac9b095f124c81bdfcf57f.com","domain":"b406929acabac9b095f124c81bdfcf57f.com","tld":"com"},"ip":{"addr":"54.240.174.125","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2e4d7d52e5909922bf021f1cc09b8932","sha1":"dc20df92c388423464243e53c7a378f0016effc9","sha256":"0242c236e7c83d9c9d5281fc2614b82c4bf516e7e2552c4e042ecbf9fcf45027","sha512":"3688150585a105000ce97509bdc6f57458ba180e835e6312a1fc386da30e41738b9ab08c87d90dabb5a2508d806346fd2b91373dff46fe215f54a9700685e7e3","ssdeep":"","tlshash":"dfb012c09c7480cb242120370855c0d010339e3b2b805116724095390511024031d2e0","size":87,"data":"","first_seen":"2025-03-14T16:11:06.601637Z","last_seen":"2026-04-03T18:22:23.760463Z","times_seen":161,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"2e6e7fc47658dfa60671ed0a137fe0ee","sha1":"2936e7823009bd7042e55ad6e02895b351405f96","sha256":"bf3c24d3d84d0765c0ef3bd7a0107e0687862764e7daff714376e099533d2732","sha512":"7c4b392e822197ae38afcff4bfd91a88e406c8e0d5092c966a24619590d6e1e4c8f9d928dde145f8952f7f1714e4e2779abeb198e11104f6506dcd32f7492f96","ssdeep":"","tlshash":"007000082c38a00000223028800b00088022020222020002808020880c30a8b000288c","size":22,"data":"","first_seen":"2025-09-30T07:01:19.216131Z","last_seen":"2025-10-01T06:59:19.717279Z","times_seen":1771,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/api2/logo_48.png","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n","date":"2025-09-30T15:05:08.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /recaptcha/api2/logo_48.png HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/styles__ltr.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ncontent-length: 2228\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 29 Sep 2025 08:03:23 GMT\r\nexpires: Mon, 06 Oct 2025 08:03:23 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 03 Mar 2020 20:15:00 GMT\r\ncontent-type: image/png\r\nage: 111705\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"ef9941290c50cd3866e2ba6b793f010d","sha1":"4736508c795667dcea21f8d864233031223b7832","sha256":"1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a","sha512":"a0c69c70117c5713caf8b12f3b6e8bbb9cdaf72768e5db9db5831a3c37541b87613c6b020dd2f9b8760064a8c7337f175e7234bfe776eee5e3588dc5662419d9","ssdeep":"","tlshash":"c34149bb68287f1be14b501d319001e4b5bb891327c8f24180bf974e4662eaad10f118","first_seen":"2023-04-05T07:17:57Z","last_seen":"2026-04-05T04:45:33.737217Z","times_seen":542283,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"logs.mypaymentvault.com/api/v1/sendLogs?cid=osiris\u0026cdsnum=1759244707955-sjn0000353-4a09bcbb-8132-49db-95b9-186b70b7c573\u0026csid=aef87d42-6cce-4b4b-86de-733aa0f94b71\u0026ds=js\u0026sdkVer=2.40.1.1968.8d77d8e","fqdn":"logs.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"52.230.151.60","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:10.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wups.mypaymentvault.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 10 Oct 2024 00:00:00 GMT","end":"Thu, 09 Oct 2025 23:59:59 GMT"},"fingerprint":{"sha1":"1A:69:7B:74:5D:65:AE:AC:17:F9:8F:AB:C8:D4:32:52:6C:44:05:C5","sha256":"1C:8E:33:00:DC:20:C0:BB:56:3B:E4:41:34:4F:BF:2F:55:DF:97:89:36:34:B0:86:6C:B6:83:41:54:98:88:5B"}}},"request":{"raw":"POST /api/v1/sendLogs?cid=osiris\u0026cdsnum=1759244707955-sjn0000353-4a09bcbb-8132-49db-95b9-186b70b7c573\u0026csid=aef87d42-6cce-4b4b-86de-733aa0f94b71\u0026ds=js\u0026sdkVer=2.40.1.1968.8d77d8e HTTP/1.1\r\nHost: logs.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1444\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Tue, 30 Sep 2025 15:05:10 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T04:47:05.041284Z","times_seen":13359598,"resource_available":true,"data":null}},"time_used":661,"timings":{"blocked":269,"dns":38,"connect":114,"send":0,"wait":123,"receive":0,"ssl":116},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wups.mypaymentvault.com/client/v3.1/web/wup?cid=osiris","fqdn":"wups.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"4.249.171.212","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:13.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wups.mypaymentvault.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 10 Oct 2024 00:00:00 GMT","end":"Thu, 09 Oct 2025 23:59:59 GMT"},"fingerprint":{"sha1":"1A:69:7B:74:5D:65:AE:AC:17:F9:8F:AB:C8:D4:32:52:6C:44:05:C5","sha256":"1C:8E:33:00:DC:20:C0:BB:56:3B:E4:41:34:4F:BF:2F:55:DF:97:89:36:34:B0:86:6C:B6:83:41:54:98:88:5B"}}},"request":{"raw":"POST /client/v3.1/web/wup?cid=osiris HTTP/1.1\r\nHost: wups.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 3220\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ncontent-length: 666\r\ndate: Tue, 30 Sep 2025 15:05:12 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\ntail-id: d2d2f169-b74d-418c-b3cc-c7d97476e32c\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":666,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8d62999e658e6e983c5ff8691ee491d9","sha1":"bf6106d127757c1ab1cc5820b6802ef7cc302fc3","sha256":"b8d0ed5ff692fb9eedeea03c4862436a43ba595e9bf05eee62bbea7c4137ec19","sha512":"597b93d3393790b8490ae362427197ae70a9452d35e748dba897272cc9e808dae8504428ccad71e991bea579ea9a80edac0b4b759c9f076912bebdc7e3747ac1","ssdeep":"","tlshash":"32014e33c4f7c926afa8a652a8ccf322cdb590b4109e54b77ce60c2054e26f5a548e0f","first_seen":"2025-09-30T15:05:38.083293Z","last_seen":"2025-09-30T15:05:38.083293Z","times_seen":1,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/cac94907833ae55f0a4c.otf","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /cac94907833ae55f0a4c.otf HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/styles.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759244707365-D916388A-2CEF-479B-A411-144AFAAB6BAB\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\ncontent-type: font/otf\r\ncontent-length: 86528\r\ncache-control: no-store\r\netag: \"64001251\"\r\nlast-modified: Mon, 08 Sep 2025 03:10:43 GMT\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\nx-forwarded-for: {headers.x-forwarded-for}\r\nset-cookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; Path=/; Secure; HttpOnly;\nASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20250930T150507Z-r1f97b5f7b5bzvqzhC1SVG2g88000000097g00000000d5tk\r\nx-cache: CONFIG_NOCACHE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":86528,"size_decoded":0,"mime_type":"font/otf","magic":"OpenType font data","md5":"1f55925e52b9e71fd57108874184060d","sha1":"e8acc9022336f58bb5ee2e2d4d98b51bebf45990","sha256":"f02b5750f291a5bd474f7cdbcb7b3fa79f2016c6af20d661b490b9bf945d41fc","sha512":"9e8625cf49c03508965022ca62577fd7b7a54a6355d6ad4cf5e9d86d42eb505068c268d657993aeff6600d3b0da84e4352cbd3a5a17b5864e8ceeca4063ef25a","ssdeep":"1536:oHYux/E0UqYn9jYOoQf/Z9IlWwLMpQQPNB8wZXdg:QY9FbIAwQQQVGiXdg","tlshash":"23834a78f185e695e5d76e3613b2eb38e133fb6c6b9a46092ef1a74c84448453e38d03","first_seen":"2023-05-02T01:06:50Z","last_seen":"2026-04-04T22:00:32.43422Z","times_seen":218,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":48,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"external.onbe.io/mypaymentvaultapi/v1/generic/getCopyTag","fqdn":"external.onbe.io","domain":"onbe.io","tld":"io"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:08.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"external.onbe.io","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Sun, 24 Aug 2025 00:00:00 GMT","end":"Tue, 24 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E7:B5:5F:92:17:14:A5:11:2A:76:36:CC:15:2E:9F:92:F6:AD:4C:3F","sha256":"BD:8D:0A:3A:5D:1B:7E:70:34:32:91:C2:D3:EB:3E:FD:4A:88:00:99:7C:61:63:03:25:28:22:98:8B:F6:20:E4"}}},"request":{"raw":"POST /mypaymentvaultapi/v1/generic/getCopyTag HTTP/1.1\r\nHost: external.onbe.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json;charset=UTF-8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=UTF-8\r\nx-client-ip: 0.0.0.0\r\nContent-Length: 47\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:08 GMT\r\ncontent-type: application/json;charset=UTF-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nvary: Origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: DENY\r\naccess-control-allow-origin: https://login.mypaymentvault.com\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: Transfer-Encoding,Connection,X-Content-Type-Options,X-XSS-Protection,Strict-Transport-Security,X-Frame-Options,Date,traceparent,Vary\r\nrequest-context: appId=cid-v1:1ea1b7c6-5b23-47e5-806f-19f70df3efde\r\nset-cookie: ASLBSA=000362f652bb64c44d9d2af530facadeb0009d1213790b92de39d936a45f9077a2cd; Path=/; Secure; HttpOnly;\nASLBSACORS=000362f652bb64c44d9d2af530facadeb0009d1213790b92de39d936a45f9077a2cd; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20250930T150508Z-r1f97b5f7b5zcqqlhC1SVGcd2s0000000rfg00000000bhc3\r\nx-cache: CONFIG_NOCACHE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":59698,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"5714681b402ec3a63133f654fcfbda33","sha1":"fb337cec0204cebebb33294149f44f37754a582e","sha256":"90c3a16e378d23b8e749914853c49d6bd458129c6c49769f238719cc92f3d93e","sha512":"d3c4f3a45c18d4414467a3b2841697ab7ed8d34ceed47d7b75bf7f9cff4ec6d70fe97f4410d61cf38decfd704a7f910d2fa28394c5309fba0b39df51708c1969","ssdeep":"768:K9wL/kHgAT47ZtTmZ2ft53uAn2y+YTd1hZFnNC4Ip3yMThoi6:+GL/5dv+YlMvgMT8","tlshash":"2043f83ee11955f2f7130ac074ca9e2cb654f164eb18474d89ad80ee0bf2ec57e8b256","first_seen":"2025-08-04T06:53:41.199778Z","last_seen":"2025-10-02T17:09:09.425108Z","times_seen":3,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:08.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:34:53 GMT","end":"Mon, 01 Dec 2025 08:34:52 GMT"},"fingerprint":{"sha1":"13:4A:0B:81:A8:A4:37:A9:D7:31:CB:DD:A6:76:53:21:8A:1B:2E:0C","sha256":"2D:8F:A1:B5:9A:60:F4:14:AD:1C:29:44:92:C7:8B:AF:4F:27:CD:EE:15:0F:A8:E4:E8:11:CD:41:8C:75:45:4B"}}},"request":{"raw":"GET /recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Tue, 30 Sep 2025 15:05:08 GMT\r\ncontent-security-policy: script-src 'nonce-lv8FNPUjVZm2JXFeac-tZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":75466,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (56624)","md5":"fe8ed0ad335ca9744a0f278ca73d29e2","sha1":"a3f681cdcda97d7c73374a85b6bf355a82abb8df","sha256":"271fa5b3d8281cd85752ee9e932188989e241a6b3fe7dfe77bda82ed94d5960c","sha512":"180c9dc386e7eeb2b0866134d1799e843976a9d0064563e50f2b5b4bbcacb8ed0e4a0129eaf20a8e56288b85d2fa6a5a4657731bdb3ed2ce3f96a1de46916bbf","ssdeep":"1536:jA6ettpXqryfX/F/AJEU1dXcaniLS5QjKKD/Uu85tfTi:jAfbXyWPKGUv7iLKKdmQ","tlshash":"eb73b05597033097dfff8e825bd37eb9a1ad9046250244ac67fe02d98d7aca5a2243cc","first_seen":"2025-09-30T15:05:38.092791Z","last_seen":"2025-09-30T15:05:38.092791Z","times_seen":1,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":71,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/styles.css","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /styles.css HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\ncontent-type: text/css\r\ncache-control: no-store\r\ncontent-encoding: br\r\netag: \"64001251\"\r\nlast-modified: Mon, 08 Sep 2025 03:10:43 GMT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\nx-forwarded-for: {headers.x-forwarded-for}\r\nset-cookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; Path=/; Secure; HttpOnly;\nASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20250930T150507Z-r1f97b5f7b5bzvqzhC1SVG2g88000000097g00000000d5rd\r\nx-cache: CONFIG_NOCACHE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":352703,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"ae0abb6ce2c40ec8d06a24a231e28298","sha1":"5016e8a1cb3005f69b63a0c8a956cf151031a9ca","sha256":"f8efe7cb0f68790e4df0516220ea1088fcc24e90ed3dc7d75b37f7721b1b583c","sha512":"a382b5f60549ee39a1beb1fe7476fa28f3a55031fc3361013f3e62d0a17209758b4a2d7fec28949a9e2175afeaa738150c7e6fe4ac5c6ee6517a695bd740de73","ssdeep":"3072:cn+N9tfyBF98GhclKpje60I458jvOuHG02W4bTSLibz:cnI9tfy398mpje60I45kHcG2P","tlshash":"b274b4d6f680307daca7c6669591fefc852fa545df121aa9f003772842c66d30a63ecc","first_seen":"2025-06-27T23:44:17.965601Z","last_seen":"2025-10-02T17:09:09.447872Z","times_seen":5,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/images/paymentvault_logo.svg","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/images/paymentvault_logo.svg HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759244707365-D916388A-2CEF-479B-A411-144AFAAB6BAB\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T04:47:05.041284Z","times_seen":13359598,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/images/paymentvault_logo.svg","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/images/paymentvault_logo.svg HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759244707365-D916388A-2CEF-479B-A411-144AFAAB6BAB\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 25 Sep 2025 20:51:25 GMT\r\nvary: Accept-Encoding, Origin\r\nx-ms-request-id: 614393fa-d01e-0059-150e-329548000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20250930T150507Z-r1f97b5f7b5bzvqzhC1SVG2g88000000097g00000000d5tb\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache-info: L1_T2\r\nx-cache: TCP_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":3822,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"69483fcdc147ef7ef1dfbee6522330d4","sha1":"3767839151e7fc484b493cfef12527997110284f","sha256":"ec0e613cb6227303daa335c31ad64521cfb7fa1075a10b03f6e4c9f7c6906d75","sha512":"4fd25e74aa9f7e2d1a643c2f0dba700f71b3b8c25fad30594a58b18234169c7ecd58819d9a5e9b94e6134b7a8a6cf29ca285d13d9e5fcadb1a1fb3a052e88c09","ssdeep":"","tlshash":"df7122f6f346c3b74687c1dcf6bc41f56592018bcbba80ec6efa6d182085dd9e524892","first_seen":"2024-05-07T14:13:59Z","last_seen":"2026-04-02T15:02:41.271591Z","times_seen":20,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wups.mypaymentvault.com/client/v3.1/web/wup?cid=osiris","fqdn":"wups.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"4.249.171.212","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:08.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wups.mypaymentvault.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 10 Oct 2024 00:00:00 GMT","end":"Thu, 09 Oct 2025 23:59:59 GMT"},"fingerprint":{"sha1":"1A:69:7B:74:5D:65:AE:AC:17:F9:8F:AB:C8:D4:32:52:6C:44:05:C5","sha256":"1C:8E:33:00:DC:20:C0:BB:56:3B:E4:41:34:4F:BF:2F:55:DF:97:89:36:34:B0:86:6C:B6:83:41:54:98:88:5B"}}},"request":{"raw":"POST /client/v3.1/web/wup?cid=osiris HTTP/1.1\r\nHost: wups.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1132\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ncontent-length: 666\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\ntail-id: 8983367a-9d21-46c2-9bf6-8ce5c880567b\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":666,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"532dd9e98d0233bb5936fca4bb40665f","sha1":"871979b3f8d1062ef951a7edc9f2ff6aec871705","sha256":"b634a1e8f9f43ffa96b3d44a695655bc3ce8517734b18281c42cd6a9acf4762f","sha512":"028ad19d6ebe6951fbaeed19587467bb364435b986789cbf6e0c763a63ea2d93e30cd08023927eec61917f67ac5e1588487588b5e94bfd83228e20b8d269cd3b","ssdeep":"","tlshash":"9e0183b78cbd5582ea3d906273ac2b33676a781e04933cf01c951a2800820c9618acce","first_seen":"2025-09-30T15:05:38.098519Z","last_seen":"2025-09-30T15:05:38.098519Z","times_seen":1,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n","date":"2025-09-30T15:05:08.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15552\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Sep 2025 17:59:02 GMT\r\nexpires: Fri, 25 Sep 2026 17:59:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 421566\r\nlast-modified: Mon, 16 Oct 2017 17:33:02 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15552,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15552, version 1.0","md5":"285467176f7fe6bb6a9c6873b3dad2cc","sha1":"ea04e4ff5142ddd69307c183def721a160e0a64e","sha256":"5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7","sha512":"5f9bb763406ea8ce978ec675bd51a0263e9547021ea71188dbd62f0212eb00c1421b750d3b94550b50425bebff5f881c41299f6a33bbfa12fb1ff18c12bc7ff1","ssdeep":"384:HDKhlQ8AGL0dgUoEGBQTc7r6QYMkyr/iobA2E4/jKcJZI7lhzi:jslQ+LhUoTB0Qr6Qjkg/DmcJufzi","tlshash":"8462e103f2bc4c01e786193ebb5870237205272619efa67780ce7ea4c65ec81a39b457","first_seen":"2023-04-05T04:58:40Z","last_seen":"2026-04-05T04:14:00.368246Z","times_seen":338526,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/images/icons/inputbox-error.png","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/images/icons/inputbox-error.png HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759244707365-D916388A-2CEF-479B-A411-144AFAAB6BAB\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T04:47:05.041284Z","times_seen":13359598,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/images/icons/inputbox-error.png","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/images/icons/inputbox-error.png HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759244707365-D916388A-2CEF-479B-A411-144AFAAB6BAB\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 499\r\nlast-modified: Thu, 25 Sep 2025 20:51:36 GMT\r\netag: 0x8DDFC75518308C6\r\nvary: Origin\r\nx-ms-request-id: 126f51e8-a01e-0043-1818-32f497000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20250930T150507Z-r1f97b5f7b5bzvqzhC1SVG2g88000000097g00000000d5tc\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache-info: L1_T2\r\nx-cache: TCP_HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]}],"data":{"size":499,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"3af344cee1c8584049d8a591af117473","sha1":"b0d8c911a350921a8281920912466db56b140908","sha256":"627ebb0812c94e3db367536399589a89ed2ace20c175dd269db2714f7ede0b40","sha512":"38266b96939915faef308aa49761499f514ceeaadf263be1770ce022ee7506bd3b9cd87914d333e9be59ca8ed09f5dc45b2e7fdff896b923de374183f1c23efd","ssdeep":"","tlshash":"7ef054eba7a53cde40e9cae6c0db01f2a4ea5e0d25834b1c3a0134d6366d8086435f27","first_seen":"2024-11-28T04:52:13.496066Z","last_seen":"2026-04-02T15:02:41.30126Z","times_seen":32,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"external.onbe.io/mypaymentvaultapi/v1/generic/getCopyTag","fqdn":"external.onbe.io","domain":"onbe.io","tld":"io"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"external.onbe.io","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Sun, 24 Aug 2025 00:00:00 GMT","end":"Tue, 24 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E7:B5:5F:92:17:14:A5:11:2A:76:36:CC:15:2E:9F:92:F6:AD:4C:3F","sha256":"BD:8D:0A:3A:5D:1B:7E:70:34:32:91:C2:D3:EB:3E:FD:4A:88:00:99:7C:61:63:03:25:28:22:98:8B:F6:20:E4"}}},"request":{"raw":"OPTIONS /mypaymentvaultapi/v1/generic/getCopyTag HTTP/1.1\r\nHost: external.onbe.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,x-client-ip\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:08 GMT\r\ncontent-length: 0\r\nvary: Origin\r\naccess-control-allow-headers: content-type,x-client-ip\r\naccess-control-allow-origin: https://login.mypaymentvault.com\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 300\r\naccess-control-allow-methods: POST\r\nrequest-context: appId=cid-v1:1ea1b7c6-5b23-47e5-806f-19f70df3efde\r\nx-azure-ref: 20250930T150507Z-r1f97b5f7b5zcqqlhC1SVGcd2s0000000rfg00000000bhb4\r\nx-cache: CONFIG_NOCACHE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T04:47:05.041284Z","times_seen":13359598,"resource_available":true,"data":null}},"time_used":1331,"timings":{"blocked":348,"dns":64,"connect":10,"send":0,"wait":635,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html","fqdn":"1.b406929acabac9b095f124c81bdfcf57f.com","domain":"b406929acabac9b095f124c81bdfcf57f.com","tld":"com"},"ip":{"addr":"54.240.174.125","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:08.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.b406929acabac9b095f124c81bdfcf57f.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 06 Apr 2025 00:00:00 GMT","end":"Tue, 07 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B1:A6:F5:C8:18:74:B0:EB:75:19:01:EF:4D:D6:01:3B:88:D4:40:10","sha256":"D1:3A:E7:E6:BD:39:8B:22:A0:A8:72:C1:CB:22:97:D2:97:00:2D:28:5E:63:61:74:73:D1:7C:02:39:42:7A:9D"}}},"request":{"raw":"GET /scripts/prod/crossdomain.html HTTP/1.1\r\nHost: 1.b406929acabac9b095f124c81bdfcf57f.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 221\r\nlast-modified: Tue, 13 Oct 2020 12:04:25 GMT\r\nx-amz-version-id: null\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Tue, 30 Sep 2025 07:18:50 GMT\r\netag: \"21e34cf6a03f570df49e212018a567d0\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 2DT9x8wor-fNVSzrFDraZ7Vydjv6lUgHTPAVMkXK75wxdCOZjqVReQ==\r\nage: 27979\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":221,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"21e34cf6a03f570df49e212018a567d0","sha1":"f0be4058936850ae0163f5137600d14b6632bbb3","sha256":"0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6","sha512":"85f32ea67b64f49cb438a32c9f77d2d746cf67d3387c4c9d5e78ee181b7fb11f444d6dc17dea19a69f8efa5d4d52ac016e6eea78a741a6658cf86c15b7fdace9","ssdeep":"","tlshash":"37d023cd6c71d14b146070551465f0d42073af7a3343c50022c1e0750d107bc8f0f3d4","first_seen":"2023-04-07T05:40:57Z","last_seen":"2026-04-03T18:22:23.659373Z","times_seen":371,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":89,"dns":56,"connect":2,"send":0,"wait":2,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/FaviconOnbeMarkBlack300ppi.png","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:08.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /FaviconOnbeMarkBlack300ppi.png HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=2; bmuid=1759244707365-D916388A-2CEF-479B-A411-144AFAAB6BAB; cdSNum=1759244707955-sjn0000353-4a09bcbb-8132-49db-95b9-186b70b7c573\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:08 GMT\r\ncontent-type: text/html\r\ncache-control: no-store\r\ncontent-encoding: br\r\netag: \"64001251\"\r\nlast-modified: Mon, 08 Sep 2025 03:10:43 GMT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\nx-forwarded-for: {headers.x-forwarded-for}\r\nset-cookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; Path=/; Secure; HttpOnly;\nASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20250930T150508Z-r1f97b5f7b5bzvqzhC1SVG2g88000000097g00000000d5wr\r\nx-cache: CONFIG_NOCACHE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":939,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (939), with no line terminators","md5":"d0565201355753333c0b005801abe584","sha1":"0196f42dc0d4704059d0cbccc068788277a31cf3","sha256":"80881c58b46be63268dc7e710c297f0113135d21674760a2db8b817ee14e42b9","sha512":"02f3ddd998911aff7fba540fb117d41b8bbe58d0783dc39ce65e38e2481f93867a88ec73e3a85f5ac989ee3341b3cfd4905478e24e8a50897bcaeed24c7eeda9","ssdeep":"","tlshash":"76119cd2ec1ac58ca502af76c522f01c966dec4cfa51acd4ade610788ed4fa54da3403","first_seen":"2025-06-27T23:44:17.969124Z","last_seen":"2026-04-02T15:02:41.265721Z","times_seen":11,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n","date":"2025-09-30T15:05:08.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 348612\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 29 Sep 2025 08:03:33 GMT\r\nexpires: Tue, 29 Sep 2026 08:03:33 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 22 Sep 2025 02:03:16 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 111695\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":817575,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (765)","md5":"0df5eb1d8b2725905f856ce34af6ae82","sha1":"0ef2f0ceee06e9d3a0f7613b861fa3429aa4f7ec","sha256":"ed7934c7139f8277f4e0fc5389dc2a7d08d036be0fd23a533fcf5bdefabb15d4","sha512":"7933bad6857edbe9f09d1a93f6c40e252f67b606a63b9ff92392ec0cf202f332f4d16d92dc93347f8f4dfecc9eea159ab3bd27afa57c6c73e7a353dd14c66d47","ssdeep":"24576:h+R4L7RoA3m1EvwJof0aAAZiJPsjc1ycvoAtpKYBokLRiWqEM8doH/Hw5:ff0apwycvBtq2","tlshash":"630517ddb16275a1132370f68063904c576ea429d8ce0d6f75e999f03ff080a61baeb7","first_seen":"2025-09-24T07:29:46.20947Z","last_seen":"2026-03-28T08:54:40.589601Z","times_seen":6861,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/styles__ltr.css","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n","date":"2025-09-30T15:05:08.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/styles__ltr.css HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 42475\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 29 Sep 2025 08:03:37 GMT\r\nexpires: Tue, 29 Sep 2026 08:03:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 22 Sep 2025 02:03:16 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nage: 111691\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":82743,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"92cac87fdff80e484c18a9e91eeb0d55","sha1":"a0bb9ae3dc4e0257d91177b2f37aeed57660c944","sha256":"1fa8ec203b93e88d4a75a11400d77c8c0a69c3515ce99e20da552695826fd55f","sha512":"4194ce9bad65e99bbb923bada3ec0ff85cfb1eb70e9cd47a98a7d2e0d12742b3737048255fb4efc630f4522009718926ee2fd890f7283d87dbc414752e3ea2ac","ssdeep":"1536:1fGNbFoZJSUYOOaLnAW8+IcTOIOCtthXwW58YGx7:1GRFauOxLA/+IcTOiLXu","tlshash":"4d838f7338513b39fc2b9b616186b9edf21cc423e5514bfab6457a20c3db19a8253b07","first_seen":"2025-09-24T07:29:46.285607Z","last_seen":"2026-01-23T22:03:18.025814Z","times_seen":6147,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/bundle.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /bundle.js HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\ncontent-type: text/javascript\r\ncache-control: no-store\r\ncontent-encoding: br\r\netag: \"64001251\"\r\nlast-modified: Mon, 08 Sep 2025 03:10:43 GMT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\nx-forwarded-for: {headers.x-forwarded-for}\r\nset-cookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; Path=/; Secure; HttpOnly;\nASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20250930T150507Z-r1f97b5f7b5bzvqzhC1SVG2g88000000097g00000000d5rm\r\nx-cache: CONFIG_NOCACHE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":1851081,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65468)","md5":"24a02fbda4888233a0cd7010b26e654b","sha1":"162b4dda48c151009781c56be9a802368d34314f","sha256":"05518574cb863e6717d7c8cc6e1fdb691db85075b12d1d4a39c3421aa9dc737b","sha512":"aa884cb19afe77b044f529183776d2d4b4577c97a32667d4d26be795f4d9bbbc3268ec096844f9ffe9b9225a7c6acdfc7f437f90bcb96e3f4be03e7d766d53c0","ssdeep":"12288:lWHqVfo57rgsSs0cgnWcg06+uPXPe77elzbpHshcaZuoY:l/Ip90xuPXPe772bhuuoY","tlshash":"3e254b74b66469be563a08c5146f480c3d26a68fd42d40f0f3ba78951aac509ffe3fd8","first_seen":"2025-09-30T15:05:38.107402Z","last_seen":"2025-10-02T17:09:09.444637Z","times_seen":2,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/google.integration.min.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/webtowallet/google.integration.min.js HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 25 Sep 2025 20:51:33 GMT\r\nvary: Accept-Encoding, Origin\r\nx-ms-request-id: 10d78de5-501e-0035-7116-327edf000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20250930T150507Z-r1f97b5f7b5bzvqzhC1SVG2g88000000097g00000000d5rk\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache-info: L1_T2\r\nx-cache: TCP_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]}],"data":{"size":8685,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (530), with CRLF line terminators","md5":"517dfc28767a0ac9733f943bfe17a611","sha1":"dd8b9d3a2e94ac1bdcc964cae72bbaa89a7173a2","sha256":"e44729dfb9922a6991b111c10474455c663120c7f1dd0b9f29a45587cb2e4ee7","sha512":"d361c995aa2da63d471e9ef0d6328cac32aec14706bed1fc74888960564699d9da17dc8321ddf50f723503d16b77c312e59602f21217dae6ee82bb366fb849d9","ssdeep":"192:fqjsaWlGrkTR9lFjjUY6Q1sEZ4SSlqcBJJ7Ku/XI:fEWlV3YQglqSlKuA","tlshash":"2102928db6e2f06153b7a5a7812f500fb33d6969906c9058f245c8f17db44ae4227fbc","first_seen":"2025-06-27T23:44:17.974857Z","last_seen":"2026-04-02T15:02:41.292948Z","times_seen":12,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/8ff9389b19e9cea59194.ttf","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /8ff9389b19e9cea59194.ttf HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/styles.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759244707365-D916388A-2CEF-479B-A411-144AFAAB6BAB\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\ncontent-type: font/ttf\r\ncontent-length: 112892\r\ncache-control: no-store\r\netag: \"64001251\"\r\nlast-modified: Mon, 08 Sep 2025 03:10:43 GMT\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\nx-forwarded-for: {headers.x-forwarded-for}\r\nset-cookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; Path=/; Secure; HttpOnly;\nASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20250930T150507Z-r1f97b5f7b5bzvqzhC1SVG2g88000000097g00000000d5tm\r\nx-cache: CONFIG_NOCACHE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":112892,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 18 tables, 1st \"LTSH\", 14 names, Macintosh","md5":"4e1cb3055ec8aa56df85adb6af907fb7","sha1":"a76a8a0988f25a9502f1de91667371b6255cb392","sha256":"22847930f7950d0a5ca38426a82642757a1c133de6f8612f94eb70d8434f0fb1","sha512":"f98d26902fb859c78c9c83ac495920e757c30d061e331cbe393936ddc22cc6c985a55253feb22e6ed53c65c00b4f1ce22df79d820f909263c269a1ae62d4ad25","ssdeep":"1536:NVOBzpPKuHngVSPbUuuAVPQE3OoZ7fKjtWjqUNs2qSNMU5tZje37E/sQtq+knNn:NVOiSXPbUuOqTWt8s2qSNTzje3b+Kn","tlshash":"c5b3ae97f3c58b82cb69a0bfc75056a521b7783d9a37877075fc1aa2ec0903158e9f09","first_seen":"2023-05-04T06:12:57Z","last_seen":"2026-04-02T15:02:41.297762Z","times_seen":101,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":48,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html","fqdn":"1.c81358859121583b7adf2ace89cb39f44.com","domain":"c81358859121583b7adf2ace89cb39f44.com","tld":"com"},"ip":{"addr":"3.164.68.25","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:08.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.c81358859121583b7adf2ace89cb39f44.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 06 Apr 2025 00:00:00 GMT","end":"Tue, 07 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"9A:52:6D:BC:41:3F:18:96:1D:A3:7C:CB:98:2A:71:2F:68:F5:F8:9D","sha256":"DA:E2:63:98:39:F5:01:E8:F2:73:1A:2A:80:00:FA:95:92:4D:15:03:A7:0B:07:47:50:92:7F:20:07:83:A8:B4"}}},"request":{"raw":"GET /scripts/prod/crossdomain.html HTTP/1.1\r\nHost: 1.c81358859121583b7adf2ace89cb39f44.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 221\r\nlast-modified: Tue, 13 Oct 2020 12:04:25 GMT\r\nx-amz-version-id: null\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Tue, 30 Sep 2025 07:46:11 GMT\r\netag: \"21e34cf6a03f570df49e212018a567d0\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 60c8f8d4de5a35459e0055fc9ba6a424.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HEL51-P4\r\nx-amz-cf-id: pthA0kijwPhQ_oB0girvKwA5zozkhpO-n2SuDap7dD3sbtsFLkxQ7g==\r\nage: 26338\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":221,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"21e34cf6a03f570df49e212018a567d0","sha1":"f0be4058936850ae0163f5137600d14b6632bbb3","sha256":"0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6","sha512":"85f32ea67b64f49cb438a32c9f77d2d746cf67d3387c4c9d5e78ee181b7fb11f444d6dc17dea19a69f8efa5d4d52ac016e6eea78a741a6658cf86c15b7fdace9","ssdeep":"","tlshash":"37d023cd6c71d14b146070551465f0d42073af7a3343c50022c1e0750d107bc8f0f3d4","first_seen":"2023-04-07T05:40:57Z","last_seen":"2026-04-03T18:22:23.659373Z","times_seen":371,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":74,"dns":14,"connect":14,"send":0,"wait":16,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/webworker.js?hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n","date":"2025-09-30T15:05:08.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:34:53 GMT","end":"Mon, 01 Dec 2025 08:34:52 GMT"},"fingerprint":{"sha1":"13:4A:0B:81:A8:A4:37:A9:D7:31:CB:DD:A6:76:53:21:8A:1B:2E:0C","sha256":"2D:8F:A1:B5:9A:60:F4:14:AD:1C:29:44:92:C7:8B:AF:4F:27:CD:EE:15:0F:A8:E4:E8:11:CD:41:8C:75:45:4B"}}},"request":{"raw":"GET /recaptcha/api2/webworker.js?hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\nexpires: Tue, 30 Sep 2025 15:05:08 GMT\r\ndate: Tue, 30 Sep 2025 15:05:08 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: same-site\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"bc5b2e8e15bcf556fbcd74db68e0316d","sha1":"da5f145782b7ab689340e885012e5ee5f8e83f78","sha256":"9b6467d6e4c5e6265c754a1c0e591d703f59511d7c2ea3f474bf1569eb64c82e","sha512":"17d8b2637dd04293b2c5a70a50832218813362a7d4f3191492274c691110cfadac1852641b0d0c15c8f24ef0f6684879c18cb355da3490c191ea82490737bcd6","ssdeep":"","tlshash":"e0b012670910c83c4c000163c637d3b8e035d168ebd094f0803ccfd411572634610440","first_seen":"2025-09-24T07:29:46.295395Z","last_seen":"2026-01-23T22:03:18.029181Z","times_seen":5867,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/webworker.js?hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W","date":"2025-09-30T15:05:08.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 348612\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 29 Sep 2025 08:03:33 GMT\r\nexpires: Tue, 29 Sep 2026 08:03:33 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 22 Sep 2025 02:03:16 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 111695\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":817575,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (765)","md5":"0df5eb1d8b2725905f856ce34af6ae82","sha1":"0ef2f0ceee06e9d3a0f7613b861fa3429aa4f7ec","sha256":"ed7934c7139f8277f4e0fc5389dc2a7d08d036be0fd23a533fcf5bdefabb15d4","sha512":"7933bad6857edbe9f09d1a93f6c40e252f67b606a63b9ff92392ec0cf202f332f4d16d92dc93347f8f4dfecc9eea159ab3bd27afa57c6c73e7a353dd14c66d47","ssdeep":"24576:h+R4L7RoA3m1EvwJof0aAAZiJPsjc1ycvoAtpKYBokLRiWqEM8doH/Hw5:ff0apwycvBtq2","tlshash":"630517ddb16275a1132370f68063904c576ea429d8ce0d6f75e999f03ff080a61baeb7","first_seen":"2025-09-24T07:29:46.20947Z","last_seen":"2026-03-28T08:54:40.589601Z","times_seen":6861,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-30T15:05:06.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\ncontent-type: text/html\r\ncache-control: no-store\r\ncontent-encoding: br\r\netag: \"64001251\"\r\nlast-modified: Mon, 08 Sep 2025 03:10:43 GMT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\nx-forwarded-for: {headers.x-forwarded-for}\r\nset-cookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; Path=/; Secure; HttpOnly;\nASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20250930T150507Z-r1f97b5f7b5bzvqzhC1SVG2g88000000097g00000000d5r3\r\nx-cache: CONFIG_NOCACHE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":939,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (939), with no line terminators","md5":"d0565201355753333c0b005801abe584","sha1":"0196f42dc0d4704059d0cbccc068788277a31cf3","sha256":"80881c58b46be63268dc7e710c297f0113135d21674760a2db8b817ee14e42b9","sha512":"02f3ddd998911aff7fba540fb117d41b8bbe58d0783dc39ce65e38e2481f93867a88ec73e3a85f5ac989ee3341b3cfd4905478e24e8a50897bcaeed24c7eeda9","ssdeep":"","tlshash":"76119cd2ec1ac58ca502af76c522f01c966dec4cfa51acd4ade610788ed4fa54da3403","first_seen":"2025-06-27T23:44:17.969124Z","last_seen":"2026-04-02T15:02:41.265721Z","times_seen":11,"resource_available":true,"data":null}},"time_used":741,"timings":{"blocked":326,"dns":51,"connect":8,"send":0,"wait":89,"receive":0,"ssl":266},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/initAddToAppleWallet.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/webtowallet/initAddToAppleWallet.js HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 25 Sep 2025 20:51:35 GMT\r\nvary: Accept-Encoding, Origin\r\nx-ms-request-id: d34e32ac-001e-0028-1816-327363000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20250930T150507Z-r1f97b5f7b5bzvqzhC1SVG2g88000000097g00000000d5rg\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache-info: L1_T2\r\nx-cache: TCP_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]}],"data":{"size":7740,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"ae5d8819c18f8a65f1afc42e5a42c40d","sha1":"88e32a771977846c85cf49a35606287d41a8da77","sha256":"a7007e8c8fefb6e577d464e7189211646e9f4741b63d5a478e1ca2a5f723f54a","sha512":"63e0c5d288ab37767ffdc941c18b4021d844185c4cb32e57fa39b1b7d1243b36e37e835140e8f793ea0fe8f71d290f27a5c2d1584b10db1781eac661afc60581","ssdeep":"96:CkOdsTdPDdAoEfM87nL86ZsRXXe3EHcjplEnTheVmHIS7J:CkOdsTdJxEU+LTKRXOyqEeVbS7J","tlshash":"01f1201f6884243851b3f379ee6fa904f231163b0156a48a7d2dc5a2af3591ba771fcc","first_seen":"2025-06-27T23:44:17.978807Z","last_seen":"2026-04-02T15:02:41.261108Z","times_seen":12,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/images/login_page.png","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/images/login_page.png HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759244707365-D916388A-2CEF-479B-A411-144AFAAB6BAB\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 25 Sep 2025 20:52:01 GMT\r\nvary: Accept-Encoding, Origin\r\nx-ms-request-id: 9f94ce38-501e-0057-650e-32bcf8000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20250930T150507Z-r1f97b5f7b5bzvqzhC1SVG2g88000000097g00000000d5th\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache-info: L1_T2\r\nx-cache: TCP_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":1069497,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1276 x 957, 8-bit/color RGBA, non-interlaced","md5":"11d3b4bd8133332bf7df4ef67629aa23","sha1":"1454233f587f8d40260b85211937b1857a7a77c0","sha256":"d4c5d8c37d7d0ad3323dac97dadccfb4c4fd2a867c625cf62b8363014b7d4d10","sha512":"803b6df515a10339dea2a83b6286d07e33f707d62936a77d9a82de0a4fbcb75858d841dc00dfdf2e5880e53d90480eef3fb55ef059c9a57e1bbf9cec56009af9","ssdeep":"24576:lu7kI2TyM2JyuonE5Z3z3YK36w7ZeC1H0slVtMDM0pVlPxv6:8I2M2Zon0z3YK2C1Uq3YHVv6","tlshash":"a6253336e1c4adb05aeeb4c23f8a2d59ad624251a5445c0484bfcd35f268bc9edf837c","first_seen":"2025-08-04T06:53:41.215118Z","last_seen":"2026-03-29T13:26:02.356497Z","times_seen":12,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:08.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 348612\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 29 Sep 2025 08:03:33 GMT\r\nexpires: Tue, 29 Sep 2026 08:03:33 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 22 Sep 2025 02:03:16 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 111695\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":817575,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (765)","md5":"0df5eb1d8b2725905f856ce34af6ae82","sha1":"0ef2f0ceee06e9d3a0f7613b861fa3429aa4f7ec","sha256":"ed7934c7139f8277f4e0fc5389dc2a7d08d036be0fd23a533fcf5bdefabb15d4","sha512":"7933bad6857edbe9f09d1a93f6c40e252f67b606a63b9ff92392ec0cf202f332f4d16d92dc93347f8f4dfecc9eea159ab3bd27afa57c6c73e7a353dd14c66d47","ssdeep":"24576:h+R4L7RoA3m1EvwJof0aAAZiJPsjc1ycvoAtpKYBokLRiWqEM8doH/Hw5:ff0apwycvBtq2","tlshash":"630517ddb16275a1132370f68063904c576ea429d8ce0d6f75e999f03ff080a61baeb7","first_seen":"2025-09-24T07:29:46.20947Z","last_seen":"2026-03-28T08:54:40.589601Z","times_seen":6861,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":82,"dns":1,"connect":16,"send":0,"wait":16,"receive":64,"ssl":65},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/idi-sdk.2.2.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/webtowallet/idi-sdk.2.2.js HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 25 Sep 2025 20:51:18 GMT\r\nvary: Accept-Encoding, Origin\r\nx-ms-request-id: 8dcd5de8-e01e-0042-6b16-32ab4b000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20250930T150507Z-r1f97b5f7b5bzvqzhC1SVG2g88000000097g00000000d5rf\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache-info: L1_T2\r\nx-cache: TCP_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":27864,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (1983), with CRLF line terminators","md5":"ea6a4dbf7f9ec90349d007ce4e4f9a1b","sha1":"7d112aa33ea4dbef2f04d6ebe45753f7b5743d41","sha256":"37ccef9acf52ce8c90014063e05c7de3ee70d532588394ce896b3f3818d40bc6","sha512":"ced7a98183332fb769fc58757845728b14350921700aa22c91624383f481f5e3b3964c75c75578397e5e45eb4cbd921133497dd12b26ad8f33a4bcef8b8830c3","ssdeep":"384:08YpuiXL8lGyqY6Nso6zpDazqhMpILc6i:0RusLPFao6zpoqCeLQ","tlshash":"83c2d78c694612551c73b77a672b607af7be4b63222c4501b8fc97805f75c10c2e6fea","first_seen":"2025-06-27T23:44:17.977791Z","last_seen":"2026-04-02T15:02:41.291427Z","times_seen":12,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/images/login_page.png","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/images/login_page.png HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759244707365-D916388A-2CEF-479B-A411-144AFAAB6BAB\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T04:47:05.041284Z","times_seen":13359598,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wups.mypaymentvault.com/client/v3.1/web/wup?cid=osiris","fqdn":"wups.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"4.249.171.212","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:08.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wups.mypaymentvault.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 10 Oct 2024 00:00:00 GMT","end":"Thu, 09 Oct 2025 23:59:59 GMT"},"fingerprint":{"sha1":"1A:69:7B:74:5D:65:AE:AC:17:F9:8F:AB:C8:D4:32:52:6C:44:05:C5","sha256":"1C:8E:33:00:DC:20:C0:BB:56:3B:E4:41:34:4F:BF:2F:55:DF:97:89:36:34:B0:86:6C:B6:83:41:54:98:88:5B"}}},"request":{"raw":"POST /client/v3.1/web/wup?cid=osiris HTTP/1.1\r\nHost: wups.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 929\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ncontent-length: 626\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\ntail-id: d8bf9888-1f0d-419f-986c-98c2d45f56f1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":626,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"80ac3a72aa7c09db41147bcda78d4108","sha1":"7f9682a167acdd4dc7b1b496f2eb07be9cb01b7b","sha256":"805091b9520221a12219fa22b733983c0270bc8aafad6a8dd4272c55187e3fb7","sha512":"94eabae4515a3a0827ea5437ccd6440b4ae9c3e26f0e4bf6e775aea14a493a76f98bb2afd73839b226bcf3daf0ffc6b1f1788312ecd20f115b89b44474fe3ed1","ssdeep":"","tlshash":"3ef068f76f715474c2b4271c39143ae59c87352c186a3d0f5df5031185d34301ba506f","first_seen":"2025-09-30T15:05:38.120478Z","last_seen":"2025-09-30T15:05:38.120478Z","times_seen":1,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html","fqdn":"1.a79ab95c1589a13f8a4cab612bc71f9f7.com","domain":"a79ab95c1589a13f8a4cab612bc71f9f7.com","tld":"com"},"ip":{"addr":"3.167.2.53","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:08.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.a79ab95c1589a13f8a4cab612bc71f9f7.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 01 Apr 2025 00:00:00 GMT","end":"Sat, 04 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F2:85:27:88:79:3D:C8:09:05:B0:B9:D5:B6:5B:FC:1B:29:55:A7:7D","sha256":"62:3E:00:D6:55:CE:3F:4A:BD:C9:4F:0B:81:03:03:5A:90:F4:C0:D0:55:67:05:F5:42:FD:D8:EA:A5:30:93:0D"}}},"request":{"raw":"GET /scripts/prod/crossdomain.html HTTP/1.1\r\nHost: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 221\r\nlast-modified: Tue, 13 Oct 2020 12:04:25 GMT\r\nx-amz-version-id: null\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Tue, 30 Sep 2025 14:42:43 GMT\r\netag: \"21e34cf6a03f570df49e212018a567d0\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 dfa43a17d6715f83d8bb6aa560e80366.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: GxVwtLGYPdVI8afKHokHoLkR1Tv6cCrOfMEJ_oQ48o8kX87T-jsNfQ==\r\nage: 1346\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":221,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"21e34cf6a03f570df49e212018a567d0","sha1":"f0be4058936850ae0163f5137600d14b6632bbb3","sha256":"0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6","sha512":"85f32ea67b64f49cb438a32c9f77d2d746cf67d3387c4c9d5e78ee181b7fb11f444d6dc17dea19a69f8efa5d4d52ac016e6eea78a741a6658cf86c15b7fdace9","ssdeep":"","tlshash":"37d023cd6c71d14b146070551465f0d42073af7a3343c50022c1e0750d107bc8f0f3d4","first_seen":"2023-04-07T05:40:57Z","last_seen":"2026-04-03T18:22:23.659373Z","times_seen":371,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":47,"dns":14,"connect":1,"send":0,"wait":4,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/logo192.png","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:08.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /logo192.png HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=2; bmuid=1759244707365-D916388A-2CEF-479B-A411-144AFAAB6BAB; cdSNum=1759244707955-sjn0000353-4a09bcbb-8132-49db-95b9-186b70b7c573\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:08 GMT\r\ncontent-type: text/html\r\ncache-control: no-store\r\ncontent-encoding: br\r\netag: \"64001251\"\r\nlast-modified: Mon, 08 Sep 2025 03:10:43 GMT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\nx-forwarded-for: {headers.x-forwarded-for}\r\nset-cookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; Path=/; Secure; HttpOnly;\nASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20250930T150508Z-r1f97b5f7b5bzvqzhC1SVG2g88000000097g00000000d5wq\r\nx-cache: CONFIG_NOCACHE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":939,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (939), with no line terminators","md5":"d0565201355753333c0b005801abe584","sha1":"0196f42dc0d4704059d0cbccc068788277a31cf3","sha256":"80881c58b46be63268dc7e710c297f0113135d21674760a2db8b817ee14e42b9","sha512":"02f3ddd998911aff7fba540fb117d41b8bbe58d0783dc39ce65e38e2481f93867a88ec73e3a85f5ac989ee3341b3cfd4905478e24e8a50897bcaeed24c7eeda9","ssdeep":"","tlshash":"76119cd2ec1ac58ca502af76c522f01c966dec4cfa51acd4ade610788ed4fa54da3403","first_seen":"2025-06-27T23:44:17.969124Z","last_seen":"2026-04-02T15:02:41.265721Z","times_seen":11,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=XrIDux0s7SoNe6_IHkjGC92W\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=hjy4hbhg5a7n","date":"2025-09-30T15:05:08.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15344\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 29 Sep 2025 12:58:05 GMT\r\nexpires: Tue, 29 Sep 2026 12:58:05 GMT\r\ncache-control: public, max-age=31536000\r\nage: 94023\r\nlast-modified: Mon, 16 Oct 2017 17:32:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15344,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15344, version 1.0","md5":"5d4aeb4e5f5ef754e307d7ffaef688bd","sha1":"06db651cdf354c64a7383ea9c77024ef4fb4cef8","sha256":"3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc","sha512":"7eb7c301df79d35a6a521fae9d3dccc0a695d3480b4d34c7d262dd0c67abec8437ed40e2920625e98aaeafba1d908dec69c3b07494ec7c29307de49e91c2ef48","ssdeep":"384:ctE5KIuhGO+DSdXwye6i9Xm81v4vMHCbppV0pr3Ll9/w:cqrVO++tw/9CICFbQLlxw","tlshash":"5162e16aef76dc7e4f1af1361c01b45404462290ba6155eff00d6e1d4eed1aff461392","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T04:38:28.076148Z","times_seen":536175,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/js/d6a9d7945.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/js/d6a9d7945.js HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 25 Sep 2025 23:32:52 GMT\r\nvary: Accept-Encoding, Origin\r\nx-ms-request-id: 210cac51-201e-0062-170c-32d0ec000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20250930T150507Z-r1f97b5f7b5bzvqzhC1SVG2g88000000097g00000000d5re\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache-info: L1_T2\r\nx-cache: TCP_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":927335,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (63879), with CRLF line terminators","md5":"51c1e2b7a1107ce548d964575cbd50eb","sha1":"6bc0c9faa88d2ba500adab735fcc9f67084f14de","sha256":"be7ffc35ca9c7ade4ec05ef4cc2ec41ce7ea95ea5d2a5a3003e53e0a6d3e5e03","sha512":"9a0511558fe21dd96a7b68f1eea7d6b23c1cb00b0bf09f7d3766dcf66f3f06bec15121a7ac6eae2dee7a2079fe4b877013528ee30dba7f488f23fad6932b025b","ssdeep":"24576:I/R8AJN8qUm0rp5Ok/fSCHat3jxpBh6oMj:I/R8AD8qUm0rp5Ok/fSCHat3jxpBh6og","tlshash":"651508987560b87242c7526a113f110bb23869f294ac80d4b235eced6efd8d9536bf3d","first_seen":"2025-06-27T23:44:17.973841Z","last_seen":"2025-10-30T15:01:45.592729Z","times_seen":8,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/s2p.min.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.69","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/webtowallet/s2p.min.js HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 25 Sep 2025 20:51:31 GMT\r\nvary: Accept-Encoding, Origin\r\nx-ms-request-id: 77dc4745-b01e-0012-6a16-32691b000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20250930T150507Z-r1f97b5f7b5bzvqzhC1SVG2g88000000097g00000000d5rh\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache-info: L1_T2\r\nx-cache: TCP_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":101996,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"33bc245c5c4e6f5830f32e09231da0da","sha1":"d6751920d7ee63a2036b5b981a4075cc1851195b","sha256":"2909792115c79b7612cb4e256830f95418c5717b8abbad0829b7b4b49dd5eb20","sha512":"d9140df05ed26a144a673e47d0795a452d929584c746db1a54d7934322e56002f99587ffa74620f09672b9949c55cedc57f22a4dd21b040702beb498d48111a8","ssdeep":"3072:MqzK7cIHfts229ga4KOaEiwet/HkllleFLsm:5zicIHftOga4KbEimLleFLsm","tlshash":"17a37cd23f70b5570a3785b170df208bb6f6451bac2a4ca1f020d4859fa6d4e50a7fba","first_seen":"2025-06-27T23:44:17.984628Z","last_seen":"2026-04-02T15:02:41.286039Z","times_seen":12,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wups.mypaymentvault.com/client/v3.1/web/wup?cid=osiris","fqdn":"wups.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"4.249.171.212","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wups.mypaymentvault.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 10 Oct 2024 00:00:00 GMT","end":"Thu, 09 Oct 2025 23:59:59 GMT"},"fingerprint":{"sha1":"1A:69:7B:74:5D:65:AE:AC:17:F9:8F:AB:C8:D4:32:52:6C:44:05:C5","sha256":"1C:8E:33:00:DC:20:C0:BB:56:3B:E4:41:34:4F:BF:2F:55:DF:97:89:36:34:B0:86:6C:B6:83:41:54:98:88:5B"}}},"request":{"raw":"POST /client/v3.1/web/wup?cid=osiris HTTP/1.1\r\nHost: wups.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 222\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ncontent-length: 977\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\ntail-id: 7a362359-b0ab-4009-aa33-d650c28c30be\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":977,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e64b75e39efd7ee9cb778a95b6b64260","sha1":"c27c6cafde3c1416559888583591678972afc5bb","sha256":"a47aadcdc4fc9d3d90cfe26e0b5b75c14a3f57367d9be9d9555887dd1d403609","sha512":"ca9702696e7984eb8c5a01ea0d31294fa44eaebd58d6f7b6af9cf68f9ef3c1b9d63c51b39ad7bd1bf0d6a0a38fc8f9f0178108aae67621a5a803a12939a43183","ssdeep":"","tlshash":"c41132619674c4b494cd85d93076755f68b2772360dfb48425cb90606861bb36a0d40d","first_seen":"2025-09-30T15:05:38.125769Z","last_seen":"2025-09-30T15:05:38.125769Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1125,"timings":{"blocked":503,"dns":26,"connect":116,"send":0,"wait":119,"receive":0,"ssl":360},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api.js?render=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-09-30T15:05:07.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:37:54 GMT","end":"Mon, 01 Dec 2025 08:37:53 GMT"},"fingerprint":{"sha1":"28:1C:E7:95:EC:8D:32:9E:63:9A:72:B2:8D:47:E5:13:F7:CA:5E:18","sha256":"52:99:CC:AA:BC:C4:15:12:9C:2B:FA:D7:97:2A:C4:D3:7D:B0:5C:E0:02:26:3C:8D:B2:4B:BE:89:1A:70:D6:31"}}},"request":{"raw":"GET /recaptcha/api.js?render=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\nexpires: Tue, 30 Sep 2025 15:05:07 GMT\r\ndate: Tue, 30 Sep 2025 15:05:07 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\nreport-to: {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1051,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1051), with no line terminators","md5":"9e3e38a2e79feda94b298215542f2d03","sha1":"a701c146e9e73c01817a886d80166282dfb27391","sha256":"377daf9fa3da51b4a9474100d3302f1b155e6ef5c6b2a525988f71b138395b94","sha512":"ef082390e5154497a237098c7dc11e7a49bb537e4b849b2c496bedc49fccf631c96544d31cde3751c231a9d5893f30767f49ce2b8bc8a38facbc9187a781b0c0","ssdeep":"","tlshash":"2e1112b31614a0354b3619e2a1fbc670e492701cf12c85e8a519da842e6acc7ce04495","first_seen":"2025-09-30T15:05:38.128712Z","last_seen":"2025-09-30T15:05:38.128712Z","times_seen":1,"resource_available":true,"data":null}},"time_used":401,"timings":{"blocked":167,"dns":1,"connect":16,"send":0,"wait":64,"receive":0,"ssl":152},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}