firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 00:08:33 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 49ZaLhc18Y2z-CNH4COuqV3IITzWOCGkxmpbil-5RnENULJ6Oz9bXQ==
Age: 1405
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20374
Expires: Tue, 13 Sep 2022 06:11:32 GMT
Date: Tue, 13 Sep 2022 00:31:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jDBDP9piUo5vuMN2KBBcPhBX4nRijXZmEaFDme0qyzvggmPMV7U2tg==
age: 62086
X-Firefox-Spdy: h2
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0
190.14.39.137 301 Moved Permanently 290 B URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 59641f26d1b7c60585582819efc5fbc6
da53ecfcb38df8124a72e25ff798354991ddffbd
8443e59df8e6fcd94c599ea7be8b707e1502cd89733941f32e5fc590fa783a8f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0 HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 00:31:58 GMT
Server: Apache
Location: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
Content-Length: 290
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 00:31:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 23:56:07 GMT
Expires: Tue, 13 Sep 2022 00:55:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oQdsIZe6OlegM5BbXzEUwKKSaXFDNOb-b88Xi6gTITBsJ37Mmuk5Pw==
Age: 2152
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/diffuser.js
190.14.39.137 200 OK 24 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/diffuser.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (24240), with no line terminators
Hash 4d482a43613d3966f353ec9d97452e0c
4acc9cf492267ab6d351fb11246431bd7d6e6387
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/diffuser.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:31:59 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 24240
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5836
Cache-Control: max-age=119523
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:31:59 GMT
Etag: "631ee896-1d7"
Expires: Wed, 14 Sep 2022 09:44:02 GMT
Last-Modified: Mon, 12 Sep 2022 08:06:46 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/bat.js
190.14.39.137 200 OK 39 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/bat.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type Unicode text, UTF-8 text, with very long lines (38691), with no line terminators
Hash ac4d95c045ef8f3e8379e37af922c5de
e2ffcabc518e603388fa59ea434007cd944f0102
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/bat.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:31:59 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 38692
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
190.14.39.137 200 OK 202 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33365), with CRLF line terminators
Size 202 kB (201748 bytes)
Hash 8914a749a9fabbf31d75a0072f442917
e865f5a718933ceb65398eb94fe4c8d5847df43a
ee520fa6961db93beacea3db96d0f26fb6c76955c4670e3c5134dec53def3db5
Analyzer Verdict Alert openphish Alaska USA Federal Credit Union
fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/ HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:31:58 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 201748
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/html
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/conversion_async.js
190.14.39.137 200 OK 40 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/conversion_async.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (2165)
Hash 2ad0d958f542d6413d6659ee0f326990
3d1e60f63dbf73ee3243a4026ba399adfc182306
e72db31d34fa81fc2fd176495d2df4c40479c39bfcf9e44f9889c4ab068ac312
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/conversion_async.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:31:59 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 39669
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/analytics.js
190.14.39.137 200 OK 50 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/analytics.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (1325)
Hash d40531c5e99a6f84e42535859476fe35
a901817d77b2fe5259c298c91bc65c54d7f8a1a9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/analytics.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:31:59 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 50205
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/alaska-common_002.js
190.14.39.137 200 OK 7.2 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/alaska-common_002.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (7193), with no line terminators
Hash 22abdbb9b50e7b90ba78f4d3c9beda5a
cb480a3ef2a892a390f24d9e636dd8c3c0adb040
e3db340f53f39e29e32528a7a9e62196795570000c48fbccafd3d317f8cc5c32
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/alaska-common_002.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:31:59 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 7193
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: application/javascript
push.services.mozilla.com/
52.89.15.44 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.15.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eVKl9x7/JnoxuWekrYt9hA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VQuqI5epOPbTxKk7eave5kZonT8=
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/alaska-common_003.js
190.14.39.137 200 OK 730 B URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/alaska-common_003.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (730), with no line terminators
Hash b1521cece665fffc7e6dd30cbb428b05
675c219f992c5b74f967efac16d3c926806ba581
acced437d2e50761d357e031c52b1c0d2033e9e2f73f3fbdd662efe4b219a33b
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/alaska-common_003.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:31:59 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 730
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-base.css
190.14.39.137 200 OK 33 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-base.css
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
Hash 8037ddce825758ba1e0c138d39b9196a
0b1aabd228e6e0fadfc2893bc7962923401ed737
02ed2503598af46797e8cd9c01206811a443718f60710dd8eef5fb80fcb5085e
Analyzer Verdict Alert quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-base.css HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:31:59 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 32972
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/css
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-desktop.css
190.14.39.137 200 OK 22 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-desktop.css
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type Unicode text, UTF-8 (with BOM) text, with very long lines (844), with CRLF, LF line terminators
Hash 929b58d880bf8d32063c0649006d9cad
5bb10c31a1df7cad6a9f12c4ef7b588c35f0c8e3
b12e1e3064b4f4326b72c433d17f4bd5e08f66f5db63786d6e4bf011068b9611
Analyzer Verdict Alert quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-desktop.css HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:31:59 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 21523
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: text/css
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/alaska-common.js
190.14.39.137 200 OK 237 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/alaska-common.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (65536), with no line terminators
Size 237 kB (237217 bytes)
Hash c69abc5876b87037b3e4d3f59755dc1e
851051bcce8a96de93c257eadc2689af880ad135
7c377b05837f055438d00630f31546d6c69cb5c0d59cc27c2315e0d305732f47
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/alaska-common.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:31:59 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 237217
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/otSDKStub.js
190.14.39.137 200 OK 20 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/otSDKStub.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (19694)
Hash 8fc87fca77f2314d567d858cc7d76ab3
911badf574611e12f8f97d60b8887724d7ed97d8
de46b77a5b05ab09a32c1999473923ea2b42c8c1489a4a1fb15d551a45366df3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/otSDKStub.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 19695
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/js_002
190.14.39.137 200 OK 175 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/js_002
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (3066)
Size 175 kB (174884 bytes)
Hash d1d820864661b3035a29e854c03b8310
526de1d19a4d2a8beb2b3c3b66a9c415360f0db9
1eec4938cd3546c4458c2ce4f79bebe1d377c1a77e079857546e229e6eafcceb
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/js_002 HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:31:59 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 174884
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/gtm.js
190.14.39.137 200 OK 253 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/gtm.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (50320)
Size 253 kB (252736 bytes)
Hash 95b2320ab8b067356741012934bb0153
62c69a99aeab134f9843951db14e2c27d0229bec
b30e4b5efdca92bc64199204ac1b7110c0b1c92579158de6438ca0f9b8d935bd
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/gtm.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:31:59 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 252736
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-home.css
190.14.39.137 200 OK 6.7 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-home.css
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash eb24c8c177067713d50fa23d8cdff07a
9e156bf4474c9429c5935e3a59d7e337952d22e3
f5e65c840fd08791aeff11db071841b38621ac84cf9ce8deafcd1e5b34e38924
Analyzer Verdict Alert quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-home.css HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 6686
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: text/css
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/slick.css
190.14.39.137 200 OK 9.8 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/slick.css
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type Unicode text, UTF-8 text, with very long lines (336), with CRLF line terminators
Hash 47e72e2d22d5583c1eb12ef0765063a8
1d85e361866f5ecd9761d3fbd0966c1a9c3be68e
b0a68794116326286b4fd630d74ccd66a8bcb8405f140bf01c43cf46247c1205
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/slick.css HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 9766
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: text/css
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/a
190.14.39.137 200 OK 1.7 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/a
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (1680), with no line terminators
Hash da1a2e1973d3c9408bc6a7905ccadd4a
8eb3b9fed498ac25d3213553eee37b79a3cf8fb8
ce5d275c5cef6c88a845ac043c6414c912a7550f4978bdc7073b300eb444ad58
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/a HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 1680
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/134612163.js
190.14.39.137 404 Not Found 315 B URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/134612163.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/134612163.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 404 Not Found
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/a_002
190.14.39.137 200 OK 246 B URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/a_002
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with no line terminators
Hash 5c5d2af1bb7dc0f914ba76fd23e4010c
7d451af1722ed1102d9cf88dc759b887f5246cc3
28b37d64f0f7bed03d5d8ff86410bd0774779d96cd513c3af752166054ec086c
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/a_002 HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 246
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/genesys_config_prod.js
190.14.39.137 200 OK 2.0 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/genesys_config_prod.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type HTML document, ASCII text, with CRLF line terminators
Hash 47510534910390c3dfe366a3265e23be
bb419b36689d60c34db008fdfa1cdcba3ba17667
f470059fdf77da969a7bfb16cab1efd7e1f5edf8a02526738125ddf6c1c339b3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/genesys_config_prod.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 2014
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 977e0ea1eb985f1be243805ccff06b75
3a75e1ec4e88e63f8a44a4c04e524b98410bfdbe
340f5eafacf9b941bc8e83ef6b35d00a72250aca53d8386aab65bda73a81af4e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: ECS (amb/6BA2)
Content-Length: 471
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/t_prism_sitemessages.php
190.14.39.137 404 Not Found 315 B URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/t_prism_sitemessages.php
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/t_prism_sitemessages.php HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 404 Not Found
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/cxbus.js
190.14.39.137 200 OK 20 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/cxbus.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (20450)
Hash 1af05cae75ce2c9916440830b58349c4
0da7c244267db9bae6e778e0bec1aad1cfe6c66f
3dad359622e49b9eb4ee7e71d2d7bedfbcc2684f15b11caa1698e4ba1a7fb4a3
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/cxbus.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 20521
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/otBannerSdk.js
190.14.39.137 200 OK 349 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/otBannerSdk.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (65456)
Size 349 kB (349017 bytes)
Hash 09842127b6fe7cd7fed7be501a5e0ee8
41a188777ac1c69c98dd0e11f6c30c2f21e02510
6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/otBannerSdk.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 349017
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/jquery-3.js
190.14.39.137 200 OK 90 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/jquery-3.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/jquery-3.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 89476
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/jquery_002.js
190.14.39.137 200 OK 7.7 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/jquery_002.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 60b2238f45fc0986d4a3abe0305e235b
8ca5e75600978dea3ab9e0bc5163089fa31136c8
757f4d75ee03e0028ab7a66650e2bd82a3c1380abb6a41378ff37cb08f77b3bb
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/jquery_002.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 7731
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/jquery.js
190.14.39.137 200 OK 11 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/jquery.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 051272c4e36d6fa39fef32114cb7a00c
2596e235f567d26cc263d68aad79ac159d5ba56a
5a51ffb3148b1ca7f7b98fc5846542aaf84325846fcd490f365d39f1145977e6
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/jquery.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 11069
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/up_loader.js
190.14.39.137 200 OK 4.6 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/up_loader.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (4593), with no line terminators
Hash 98d98b3499058b76d58073cf8ede2f10
2ec5bc839a187c2a4d93499567e8fff091a6bcc4
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/up_loader.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 4593
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/widgets-core.js
190.14.39.137 200 OK 384 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/widgets-core.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (65459)
Size 384 kB (384490 bytes)
Hash 107df749ef7e08e3f769fb1666b3c6a0
1ed51c9de8c3f9147f894207c494fff5539fe984
4fce1edf00b8143dad418d6ad16b8d6ed510a2e48e3a3367c2503252e7562b7c
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/widgets-core.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 384490
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/js
190.14.39.137 200 OK 92 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (1567)
Hash 517b254d3f660883a94c7bafe3ea9897
533e142ccb5a2faaa6104fe190d10d00597ccfda
326b19474feeac68db007bb455f91ba59913b4fa287d02ee38d0926f5b7a982f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 91619
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/slick.js
190.14.39.137 200 OK 91 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/slick.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
Hash 67dddbf8220ca48c91918bd652831266
489eb61b561eee4c29d8d969f7a757ad50a509e8
cee2b802c15c5aaa4ad59d0ebef20c1287b62e73ecb7c90a4799fa956df2692b
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/slick.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 91059
Keep-Alive: timeout=3, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.alaskausa.org/css/akusafonts.css
107.162.171.161 200 OK 1.3 kB URL HTTP/1.1 www.alaskausa.org/css/akusafonts.css
IP 107.162.171.161:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 2289f536bd38d362508208832afe30b2
4527996ed94cfaebaab5ba934329b7d438e78c75
4c2a12a2a2cbe9dbdee082d9ae3dcfed797769286b8528595597ed82ec963ba1
GET /css/akusafonts.css HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 08 Sep 2022 17:43:01 GMT
Accept-Ranges: bytes
ETag: "ec1d2571aac3d81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Tue, 13 Sep 2022 00:31:57 GMT
Via: 1.1 dca1-bit12005
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/css.css
190.14.39.137 200 OK 6.0 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/css.css
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
Hash e1577dcb85f67f935d3371a5bbf4ccdd
cfcb681dfed0c6a9d72dc1117cba5fdd3e7bd05d
88101eccef0707bd7ee54179eb036631c5139d41892067f13b7c9efac1a48009
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/css.css HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 6007
Keep-Alive: timeout=3, max=94
Connection: Keep-Alive
Content-Type: text/css
www.googletagmanager.com/gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c
142.250.74.72 302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c
IP 142.250.74.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 7338bba7ae57ba5847a17fa47a473904
eb524808aa73104cbcfb12754160299d49613361
c3f40cef8938854002d5d304eb7ea31ba222abb0a7df5a3dc213c66ed898deaa
GET /gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 13 Sep 2022 00:32:00 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/genesys_akusa.css
190.14.39.137 200 OK 7.4 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/genesys_akusa.css
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
Hash a27fbf149bdf16ee39c41bcd4c524086
4a81b4a2e33c32f642cbdefa54e5c521d0ad414d
9912d6e74344add0e80fa3a9f690e25c42d270812c876f129142b922840fdbe0
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/genesys_akusa.css HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 7398
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:32:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j96&a=532184911&t=pageview&_s=1&dl=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F&ul=en-us&de=UTF-8&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAEABEAAAAC~&jid=979679455&gjid=82087406&cid=48780166.1663029109&tid=UA-105087488-1&_gid=1353071629.1663029109&_r=1&gtm=2wg370W942G3C&z=1666471662
142.250.74.174 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=532184911&t=pageview&_s=1&dl=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F&ul=en-us&de=UTF-8&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAEABEAAAAC~&jid=979679455&gjid=82087406&cid=48780166.1663029109&tid=UA-105087488-1&_gid=1353071629.1663029109&_r=1&gtm=2wg370W942G3C&z=1666471662
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j96&a=532184911&t=pageview&_s=1&dl=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F&ul=en-us&de=UTF-8&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAEABEAAAAC~&jid=979679455&gjid=82087406&cid=48780166.1663029109&tid=UA-105087488-1&_gid=1353071629.1663029109&_r=1&gtm=2wg370W942G3C&z=1666471662 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.outh05.alaska.ezc1x3thuo.eu
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.outh05.alaska.ezc1x3thuo.eu
date: Tue, 13 Sep 2022 00:32:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c
142.250.74.72 200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c
IP 142.250.74.72:0
File type ASCII text, with very long lines (21790)
Hash e2ccdc7b3639cea6e635f1bf01b40043
e397e69898d9065b64753ca8d75b694275ade1a3
d7ab0f77bdd1875f761147c2cf416496c3b1d1e3e17702c42d2148ac4da40ee2
GET /gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 00:32:01 GMT
expires: Tue, 13 Sep 2022 00:32:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76545
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-W942G3C
142.250.74.72 200 OK 89 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W942G3C
IP 142.250.74.72:0
File type ASCII text, with very long lines (58138)
Hash 74ddeb61f4ca9b470732a7907bb9de0a
a762d96700651aa78dbf20d72f09d7f653549f72
574e1bd09f7929fc8f11ed9ede67642a2a00378d70a28eb1762a2ea3032dae9e
GET /gtm.js?id=GTM-W942G3C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 00:32:01 GMT
expires: Tue, 13 Sep 2022 00:32:01 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89359
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2279
Expires: Tue, 13 Sep 2022 01:10:00 GMT
Date: Tue, 13 Sep 2022 00:32:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2279
Expires: Tue, 13 Sep 2022 01:10:00 GMT
Date: Tue, 13 Sep 2022 00:32:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c824a7db30839607b01c7a164f6f6ec
bbab791971056750a46dd6ed9c5d7c8e12ab457e
872262a28a383a9eafd1f453014a3edfde4872160b772874271be6358a47449f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9606
x-amzn-requestid: bf72ce8c-1272-42df-8958-d392210106c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIR7NFh2oAMFXIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631996ad-4646091a428db21e2dce1a61;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:15:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4skZVE5BinFMAJV196j5-qtDez6m26DtU8NZvU6K2VuhFnC7E1zXWw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:49:29 GMT
age: 6152
etag: "bbab791971056750a46dd6ed9c5d7c8e12ab457e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/ncua.png
190.14.39.137 200 OK 4.3 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/ncua.png
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type PNG image data, 146 x 65, 8-bit colormap, non-interlaced\012- data
Hash 38b7240d957be9f71b5271246fb01f67
9007e7baf8e357ac11c8541c871e48960c8d9f30
d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/ncua.png HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 4280
Keep-Alive: timeout=3, max=93
Connection: Keep-Alive
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc781d2a6-7a39-471c-a1a0-2e29918b63e9.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc781d2a6-7a39-471c-a1a0-2e29918b63e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed996f863e0d0dcce9e48acb79fd6827
af756dc52f6b5b042d99c3ceba7a64dcbfaa73b5
57ea1317d878e2727fd8b0f3823e6f14053c7d1d16c5e1872b23a510ab1efdd7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc781d2a6-7a39-471c-a1a0-2e29918b63e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6530
x-amzn-requestid: dd634daa-0aee-4859-a956-c54d5eecf1be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSKEyHGlIAMFVcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d8a1e-51f715224318bfcf76d1c3ab;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:11:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: HMJgr4Kw1vyxFSbLpWcgarqHbVD3E8hPdFNFRzpwW4MqzV30mQyKog==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 17:39:46 GMT
age: 24735
etag: "af756dc52f6b5b042d99c3ceba7a64dcbfaa73b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fa3e758-893f-4e13-94ae-85209a30089e.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fa3e758-893f-4e13-94ae-85209a30089e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3057080b51e9f8360222d0bba39807f
0c9cdc03cf2b5a60542cdb91de6b7b37866254cc
303c7c2f54dd0ef80f6a7b2cc050ff118f8907a79334dcab7e8fa4d4cab3b7bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fa3e758-893f-4e13-94ae-85209a30089e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6670
x-amzn-requestid: 6f0e9fd2-a2a3-4b89-a109-e0ada80efb41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_Y9vFPHoAMFkBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63160857-3c8f54b87e1e502e2308a204;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 14:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nfLjMEzh5cygwX91VZ8DCa_wD5a-KMQPz8xXFFDZc9qlDa-TCAiX2A==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:58:24 GMT
age: 9217
etag: "0c9cdc03cf2b5a60542cdb91de6b7b37866254cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/EHL.png
190.14.39.137 200 OK 3.3 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/EHL.png
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type PNG image data, 55 x 59, 8-bit colormap, non-interlaced\012- data
Hash 859cf2ed8319f4931c1e2371bee8b46d
ff866fe6e3071999e6c057dae5aed927aefd047f
1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1
Analyzer Verdict Alert quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/EHL.png HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 3317
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive
Content-Type: image/png
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/Floating-Banner-Q3.png
190.14.39.137 200 OK 32 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/Floating-Banner-Q3.png
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type PNG image data, 358 x 181, 8-bit/color RGBA, non-interlaced\012- data
Hash a41c669e9b9514fb82605ccacdc51da6
0bcbe8fe1608666e28a784d896e6bf4fb102ff96
4204d2dcd83bea2a69ffb73451c76aa8f084757518c0f4cff773bd107a95b309
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/Floating-Banner-Q3.png HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 31636
Keep-Alive: timeout=3, max=94
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:32:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusafcu_logo.png
190.14.39.137 200 OK 16 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusafcu_logo.png
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type PNG image data, 220 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash dc43cc5c96d54639189781edf322cac9
26c53d9c975f997481520a336ac5f6a22f115c74
6ceabe544edbb8513733f30b14c1d17a2fa51e461f972c31d17e5450d4718603
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusafcu_logo.png HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 16228
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: image/png
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/21205_Background-Photo.jpg
190.14.39.137 200 OK 102 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/21205_Background-Photo.jpg
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1500x1108, components 3\012- data
Size 102 kB (102157 bytes)
Hash 4a3df69aaf1351430579c94cc849fce5
e7ba778e7330a03b8bd3ffd3f2167fe1be06277d
a4e65c59ce489d1aa83c497988f6531cc9d50b9aa8e35683cccf99351efa854d
Analyzer Verdict Alert quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/21205_Background-Photo.jpg HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 102157
Keep-Alive: timeout=3, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:32:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2279
Expires: Tue, 13 Sep 2022 01:10:00 GMT
Date: Tue, 13 Sep 2022 00:32:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 43wWNADffkA0e8T-SYvAMjp266nAE5hrDjNMQQsuYeT0i6xQt7wLVg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:34 GMT
age: 9387
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2279
Expires: Tue, 13 Sep 2022 01:10:00 GMT
Date: Tue, 13 Sep 2022 00:32:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d3b6b9b-146c-4409-9d90-4b60cad37e27.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d3b6b9b-146c-4409-9d90-4b60cad37e27.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bade06e72a416ba31c658e41c341a175
722607d59e2fa7de70b7b24daebc0ef74903f272
16033840bfe31372b193a545f5aae57fd865a5e786d12705d67b18dfdbb31388
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d3b6b9b-146c-4409-9d90-4b60cad37e27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7430
x-amzn-requestid: 7898b8eb-60e3-47b4-980e-061036ac8c4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbepFinIAMFoqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa5f7-3a120c0143cdf1051f94e142;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eKSciYj4WbRzV_M0LpmWpgrEvYLDfi2haM-slQw4EXm371JAq-pd6Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:58:18 GMT
etag: "722607d59e2fa7de70b7b24daebc0ef74903f272"
content-type: image/jpeg
age: 9223
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2279
Expires: Tue, 13 Sep 2022 01:10:00 GMT
Date: Tue, 13 Sep 2022 00:32:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 019416755742a78ddf35671ba5eaccc7
ec2e96359ef3a236514cab21af80ea5b9420e9c3
a6b0e0ec56c2ce2f94dae8032e0deb297236c35f7a8928a14a254e3fdb2a255a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10245
x-amzn-requestid: 20d58a44-c942-46a8-9136-a824d775275c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLNZPFsjoAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac2a1-24d2272a61fd0f39088251b4;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:35:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2E2yaVqFHLXdfuJns8hs9DNomHNQWVNVSeZSCMdD2W7bGMMgA0QoZQ==
via: 1.1 024f97192fe648974da2251fbcc71f38.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:17:59 GMT
age: 8042
etag: "ec2e96359ef3a236514cab21af80ea5b9420e9c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46 200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 12 Sep 2022 05:12:26 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yJUwpAXyMQiO6YUL66ytsi4z9gl1B1d0NGGjpoGKoNMYV2kSCfc2Dw==
Age: 69576
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/134612163.js
190.14.39.137 404 Not Found 315 B URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/134612163.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/134612163.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
Cookie: _gcl_au=1.1.1759321257.1663029109; _ga=GA1.1.48780166.1663029109; _gid=GA1.2.1353071629.1663029109; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1663029108.1.1.1663029108.0
HTTP/1.1 404 Not Found
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/header_bg.png
190.14.39.137 200 OK 8.1 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/header_bg.png
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type PNG image data, 156 x 165, 8-bit/color RGB, non-interlaced\012- data
Hash f420d4563192f414fabc27808342a8b2
80d69a4a339f6ddfe991d41d798d9a58fa0a21ea
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6
Analyzer Verdict Alert quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/header_bg.png HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-desktop.css
Cookie: _gcl_au=1.1.1759321257.1663029109; _ga=GA1.1.48780166.1663029109; _gid=GA1.2.1353071629.1663029109; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1663029108.1.1.1663029108.0; agft=f9dfc50e6fe4eca6bcca95b29e581d96.48343548; agfs=f9dfc50e6fe4eca6bcca95b29e581d96.48343548&1663029109&1663029109&direct&(none)&&&&&
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 8058
Keep-Alive: timeout=3, max=93
Connection: Keep-Alive
Content-Type: image/png
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/t_prism_sitemessages.php
190.14.39.137 404 Not Found 315 B URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/t_prism_sitemessages.php
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/t_prism_sitemessages.php HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
Cookie: _gcl_au=1.1.1759321257.1663029109; _ga=GA1.1.48780166.1663029109; _gid=GA1.2.1353071629.1663029109; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1663029108.1.1.1663029108.0
HTTP/1.1 404 Not Found
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/navSprites.png
190.14.39.137 200 OK 14 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/navSprites.png
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type PNG image data, 240 x 320, 8-bit/color RGBA, non-interlaced\012- data
Hash 2c34097881e44683ea2c683b9c4c6fba
c3053cdec4d858a66cdaeb71e6612115508513a8
dab4dd2fc46c7aa07526cacce2b4111e56d2c57443449519b04af9dec4cfe019
Analyzer Verdict Alert quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/navSprites.png HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-desktop.css
Cookie: _gcl_au=1.1.1759321257.1663029109; _ga=GA1.1.48780166.1663029109; _gid=GA1.2.1353071629.1663029109; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1663029108.1.1.1663029108.0; agft=f9dfc50e6fe4eca6bcca95b29e581d96.48343548; agfs=f9dfc50e6fe4eca6bcca95b29e581d96.48343548&1663029109&1663029109&direct&(none)&&&&&
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 14383
Keep-Alive: timeout=3, max=92
Connection: Keep-Alive
Content-Type: image/png
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/homeSprites.png
190.14.39.137 200 OK 190 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/homeSprites.png
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type PNG image data, 272 x 550, 8-bit/color RGBA, non-interlaced\012- data
Size 190 kB (190407 bytes)
Hash c6dfc43f4439d97b3796d7141fefd850
d86a787e16816d02f05b18210bf5649ed403f10d
beb161501df73ad297e1a7679cc63010d22d479ea146e56ef2b3f7a7e9b06c9c
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/homeSprites.png HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-desktop.css
Cookie: _gcl_au=1.1.1759321257.1663029109; _ga=GA1.1.48780166.1663029109; _gid=GA1.2.1353071629.1663029109; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1663029108.1.1.1663029108.0; agft=f9dfc50e6fe4eca6bcca95b29e581d96.48343548; agfs=f9dfc50e6fe4eca6bcca95b29e581d96.48343548&1663029109&1663029109&direct&(none)&&&&&
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 190407
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive
Content-Type: image/png
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-phone.css
190.14.39.137 200 OK 18 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-phone.css
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type Unicode text, UTF-8 (with BOM) text, with very long lines (676), with CRLF line terminators
Hash d33714197fa3950aa0424e4f294cc42d
cd1ec9bcfaf3bf3defd5460d415f3451a43b71ce
a3b55a8c5038f3ce453ec2bbc2ab7cad43a1e8c50622d9dfb50da97c1613802d
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-phone.css HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
Cookie: _gcl_au=1.1.1759321257.1663029109; _ga=GA1.1.48780166.1663029109; _gid=GA1.2.1353071629.1663029109; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1663029108.1.1.1663029108.0; agft=f9dfc50e6fe4eca6bcca95b29e581d96.48343548; agfs=f9dfc50e6fe4eca6bcca95b29e581d96.48343548&1663029109&1663029109&direct&(none)&&&&&
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 17669
Keep-Alive: timeout=3, max=94
Connection: Keep-Alive
Content-Type: text/css
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/21205_Floating-Banner.png
190.14.39.137 200 OK 22 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/21205_Floating-Banner.png
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type PNG image data, 551 x 278, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f8078aa4d957d75bd69f81053322b7b
f822ee9b43eb74adb8da0cb6d06114dc4041810d
21ad128a12235c4aea0f7198b1013df45c88086b3b683c03140896880852b713
Analyzer Verdict Alert quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/21205_Floating-Banner.png HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 22453
Keep-Alive: timeout=3, max=91
Connection: Keep-Alive
Content-Type: image/png
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-print.css
190.14.39.137 200 OK 440 B URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-print.css
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with CRLF line terminators
Hash d2b8ae10b8fe53d036024d1a74f68448
5d50bda6fabc92991393fbc68cdfa7dcec585011
6e4eea6e0b46fa49950b347840f889cb33fdb8fed31dfd2a0f97c6fe96ae55e9
Analyzer Verdict Alert quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/akusa-print.css HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
Cookie: _gcl_au=1.1.1759321257.1663029109; _ga=GA1.1.48780166.1663029109; _gid=GA1.2.1353071629.1663029109; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1663029108.1.1.1663029108.0; agft=f9dfc50e6fe4eca6bcca95b29e581d96.48343548; agfs=f9dfc50e6fe4eca6bcca95b29e581d96.48343548&1663029109&1663029109&direct&(none)&&&&&
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 440
Keep-Alive: timeout=3, max=92
Connection: Keep-Alive
Content-Type: text/css
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/warning.png
190.14.39.137 200 OK 1.2 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/warning.png
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type PNG image data, 125 x 125, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e1021883b3f3114c30a7cb29529ac5e
a20cdec04360f8075da7ae8b879f3cebe21e12e3
91e219a364aee6c0d5f23d8406ce671d68c0264e0767414ce66e8f56ebd2db78
Analyzer Verdict Alert quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/warning.png HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 1249
Keep-Alive: timeout=3, max=94
Connection: Keep-Alive
Content-Type: image/png
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/AUIB_Q3_promo2.jpg
190.14.39.137 200 OK 29 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/AUIB_Q3_promo2.jpg
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1500x1108, components 3\012- data
Hash c1dcde5137e55d4cb3784916e3e2c274
a89b07d8fb3283be9d5666cab2dd2aa89d90732a
00ecd414747be72b5c838213800ee09b90f18d9192c0ae7eac1e40c51c2157f7
Analyzer Verdict Alert quad9 Sinkholed
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/AUIB_Q3_promo2.jpg HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 29268
Keep-Alive: timeout=3, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
prism.app-us1.com/?a=25948200&u=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F
104.17.145.91 200 OK 0 B URL HTTP/2 prism.app-us1.com/?a=25948200&u=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F
IP 104.17.145.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?a=25948200&u=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:32:01 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, private
set-cookie: prism_25948200=f5f5b231-68b5-42bf-b11e-e5ba86ce99d8; expires=Thu, 13-Oct-2022 00:32:01 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 42
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749cc888bfb40afe-OSL
X-Firefox-Spdy: h2
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/Global_Credit_Union.png
190.14.39.137 200 OK 8.1 kB URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/Global_Credit_Union.png
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type PNG image data, 125 x 125, 8-bit/color RGBA, non-interlaced\012- data
Hash 84bdc38197c7818f817a51fe9aa5f877
3bbdf85f533485b40d88ac267ad3c492926b8854
cc0fe675f5052acd49345b248c172325b19c3ebbda672922a95da2fbfeab1d83
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/Global_Credit_Union.png HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 8073
Keep-Alive: timeout=3, max=93
Connection: Keep-Alive
Content-Type: image/png
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/0.txt
190.14.39.137 404 Not Found 315 B URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/0.txt
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/0.txt HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 404 Not Found
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.outh05.alaska.ezc1x3thuo.eu/current/chat/genesys_config_prod.js?20220309093
190.14.39.137 404 Not Found 315 B URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/current/chat/genesys_config_prod.js?20220309093
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /current/chat/genesys_config_prod.js?20220309093 HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
Cookie: _gcl_au=1.1.1759321257.1663029109; _ga=GA1.1.48780166.1663029109; _gid=GA1.2.1353071629.1663029109; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1663029108.1.1.1663029108.0
HTTP/1.1 404 Not Found
Date: Tue, 13 Sep 2022 00:32:01 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
prism.app-us1.com/?a=25948200&u=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F
104.17.145.91 200 OK 0 B URL HTTP/2 prism.app-us1.com/?a=25948200&u=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F
IP 104.17.145.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?a=25948200&u=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:32:01 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, private
set-cookie: prism_25948200=94236e60-efb8-473d-a78d-451e1cd1bd8b; expires=Thu, 13-Oct-2022 00:32:01 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 281
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749cc889d8250afe-OSL
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20006
Date: Tue, 13 Sep 2022 00:20:38 GMT
Expires: Tue, 13 Sep 2022 02:20:38 GMT
Cache-Control: public, max-age=7200
Age: 684
Last-Modified: Wed, 13 Apr 2022 21:02:38 GMT
Content-Type: text/javascript
diffuser-cdn.app-us1.com/diffuser/diffuser.js
104.17.145.91 200 OK 5.8 kB URL HTTP/2 diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP 104.17.145.91:0
Hash b0247bc4d088affb1e451fae2a3e773e
d61a9114fc97c3597fec31650e81bb3ebfbb1712
209cf7f39370f1ccd35bf86b5df7e423a47a930142cae379dc327981fcdd1076
GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:32:01 GMT
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
etag: W/"4d482a43613d3966f353ec9d97452e0c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: LYgb7O-05A19YisedsHdW7Gqa3Bw46pjlPKvIkZSVBpaULKohYEzzQ==
cf-cache-status: HIT
age: 104
server: cloudflare
cf-ray: 749cc8874f540afe-OSL
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200 200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=08429B17180660EC2D45890919F36155; domain=.bing.com; expires=Sun, 08-Oct-2023 00:32:02 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 43AFB3893D8A4FD4AC2C6377100A5DD1 Ref B: OSL30EDGE0106 Ref C: 2022-09-13T00:32:02Z
date: Tue, 13 Sep 2022 00:32:01 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 7faa6a78f896de4528c8cc9ed35bfa11
199ad87495595163d7d16b1eddb9506c8ddb4918
7effc4afbb7417799d0ecbb32fce2a94cba732e488fd4ce81ba5a77f4d7c13ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:32:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/jsSuite-1.js
190.14.39.137 200 OK 42 B URL HTTP/1.1 www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/jsSuite-1.js
IP 190.14.39.137:0
ASN #52469 Offshore Racks S.A
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert fortinet Phishing
GET /alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/css/jsSuite-1.js HTTP/1.1
Host: www.outh05.alaska.ezc1x3thuo.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/alaskausa/0e4ceef65add6cf21c0f3f9da53b71c0/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:32:00 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 10:15:24 GMT
Accept-Ranges: bytes
Content-Length: 61095
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.google.com/pagead/conversion_async.js
142.250.74.164 200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1623)
Hash 4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 13 Sep 2022 00:32:02 GMT
expires: Tue, 13 Sep 2022 00:32:02 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:32:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.alaskausa.org/images/icon-76@2x.png
107.162.171.161 200 OK 22 kB URL HTTP/1.1 www.alaskausa.org/images/icon-76@2x.png
IP 107.162.171.161:0
File type PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced\012- data
Hash aa361a75d2fd36154747173a3a6cd422
8c14f2c0a0f3b2e1a265313239d6b9f7383808f9
31079b4bcec10fbd6e7530a766c97d05b5bc5e143af55a7599633fe3fd1c955e
GET /images/icon-76@2x.png HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 08 Sep 2022 17:43:56 GMT
Accept-Ranges: bytes
ETag: "c0a5d391aac3d81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Tue, 13 Sep 2022 00:31:58 GMT
Content-Length: 21833
Via: 1.1 dca1-bit12005
bat.bing.com/action/0?ti=134612163&tm=gtm002&Ver=2&mid=2a202dc7-27a7-4ecb-92d8-16d2145a46e1&sid=74dc927032fb11ed9c724b49f6011166&vid=74dcb8c032fb11edbab079475002378b&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&kw=AlaskaUSA,%20Alaska,%20Arizona,%20Washington,%20USA,%20San%20Bernardino%20California,%20Victor%20Valley,%20High%20Desert,%20Anchorage,%20Credit%20Union,%20Bank,%20Financial,%20Finance,%20Loan,%20Credit,%20Lending,%20Insurance,%20Mortgage,%20Refinance,%20home,%20Online%20banking,%20by%20phone,%20UltraBranch,%20Saving,%20Checking,%20Account,%20Money,%20Service,%20Relocate,%20Moving,%20Real%20Estate,%20business&p=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F&r=&lt=2719&evt=pageLoad&sv=1&rn=20719
204.79.197.200 204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=134612163&tm=gtm002&Ver=2&mid=2a202dc7-27a7-4ecb-92d8-16d2145a46e1&sid=74dc927032fb11ed9c724b49f6011166&vid=74dcb8c032fb11edbab079475002378b&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&kw=AlaskaUSA,%20Alaska,%20Arizona,%20Washington,%20USA,%20San%20Bernardino%20California,%20Victor%20Valley,%20High%20Desert,%20Anchorage,%20Credit%20Union,%20Bank,%20Financial,%20Finance,%20Loan,%20Credit,%20Lending,%20Insurance,%20Mortgage,%20Refinance,%20home,%20Online%20banking,%20by%20phone,%20UltraBranch,%20Saving,%20Checking,%20Account,%20Money,%20Service,%20Relocate,%20Moving,%20Real%20Estate,%20business&p=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F&r=&lt=2719&evt=pageLoad&sv=1&rn=20719
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=134612163&tm=gtm002&Ver=2&mid=2a202dc7-27a7-4ecb-92d8-16d2145a46e1&sid=74dc927032fb11ed9c724b49f6011166&vid=74dcb8c032fb11edbab079475002378b&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&kw=AlaskaUSA,%20Alaska,%20Arizona,%20Washington,%20USA,%20San%20Bernardino%20California,%20Victor%20Valley,%20High%20Desert,%20Anchorage,%20Credit%20Union,%20Bank,%20Financial,%20Finance,%20Loan,%20Credit,%20Lending,%20Insurance,%20Mortgage,%20Refinance,%20home,%20Online%20banking,%20by%20phone,%20UltraBranch,%20Saving,%20Checking,%20Account,%20Money,%20Service,%20Relocate,%20Moving,%20Real%20Estate,%20business&p=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F&r=&lt=2719&evt=pageLoad&sv=1&rn=20719 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2E6B4B69ECE1687D17895977ED14693C; domain=.bing.com; expires=Sun, 08-Oct-2023 00:32:02 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E7D0E8C64E144232AD67CC694DAF441C Ref B: OSL30EDGE0106 Ref C: 2022-09-13T00:32:02Z
date: Tue, 13 Sep 2022 00:32:01 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:32:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1663029109700&cv=9&fst=1663029109700&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg370&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.162 200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1663029109700&cv=9&fst=1663029109700&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg370&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2370), with no line terminators
Hash e6c47fb4c158fa318a7c60e7cb9ea4f6
bd6af36cc12ed0c1be3e5090e37cde20612d6f50
5e91f9575e4f9ef1cb69c8e394b05798a73fc49f3c827361e79c47c9d623959a
GET /pagead/viewthroughconversion/831978068/?random=1663029109700&cv=9&fst=1663029109700&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg370&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 00:32:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1079
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Sep-2022 00:47:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:32:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/134612163.js
204.79.197.200 204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/134612163.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/134612163.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=35DB266D04F660AF005E347305036122; domain=.bing.com; expires=Sun, 08-Oct-2023 00:32:02 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E05531A97BBE4C31828210B0B63A972E Ref B: OSL30EDGE0106 Ref C: 2022-09-13T00:32:02Z
date: Tue, 13 Sep 2022 00:32:01 GMT
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-105087488-1&cid=48780166.1663029109&jid=979679455&gjid=82087406&_gid=1353071629.1663029109&_u=aEBAAEAAEAAAAC~&z=1502610661
142.251.1.157 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-105087488-1&cid=48780166.1663029109&jid=979679455&gjid=82087406&_gid=1353071629.1663029109&_u=aEBAAEAAEAAAAC~&z=1502610661
IP 142.251.1.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-105087488-1&cid=48780166.1663029109&jid=979679455&gjid=82087406&_gid=1353071629.1663029109&_u=aEBAAEAAEAAAAC~&z=1502610661 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.outh05.alaska.ezc1x3thuo.eu
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.outh05.alaska.ezc1x3thuo.eu
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 13 Sep 2022 00:32:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:32:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:32:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/831978068/?random=1663029109700&cv=9&fst=1663027200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg370&sendb=1&frm=0&url=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&async=1&fmt=3&is_vtc=1&random=2837526835&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/831978068/?random=1663029109700&cv=9&fst=1663027200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg370&sendb=1&frm=0&url=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&async=1&fmt=3&is_vtc=1&random=2837526835&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/831978068/?random=1663029109700&cv=9&fst=1663027200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg370&sendb=1&frm=0&url=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&async=1&fmt=3&is_vtc=1&random=2837526835&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 00:32:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-105087488-1&cid=48780166.1663029109&jid=979679455&_u=aEBAAEAAEAAAAC~&z=1273275582
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-105087488-1&cid=48780166.1663029109&jid=979679455&_u=aEBAAEAAEAAAAC~&z=1273275582
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-105087488-1&cid=48780166.1663029109&jid=979679455&_u=aEBAAEAAEAAAAC~&z=1273275582 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 00:32:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.alaskausa.org/css/fonts/PTSans/ptsansnarrow_regular_macroman/PTN57F-webfont.ttf
107.162.171.161 200 OK 16 kB URL HTTP/1.1 www.alaskausa.org/css/fonts/PTSans/ptsansnarrow_regular_macroman/PTN57F-webfont.ttf
IP 107.162.171.161:0
File type TrueType Font data, 19 tables, 1st "FFTM"\012- data
Hash 27d9b343007d92bb2e7eee3e03e425d2
73d7fb6e9920a739cf01432cae5bcc4148f2b669
db3bcf03c4c86296383c66e5d5a2b1a94ad0d3baa8a13731afef4545bda4a843
GET /css/fonts/PTSans/ptsansnarrow_regular_macroman/PTN57F-webfont.ttf HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.outh05.alaska.ezc1x3thuo.eu
Connection: keep-alive
Referer: https://www.alaskausa.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Last-Modified: Thu, 08 Sep 2022 17:43:01 GMT
Accept-Ranges: bytes
ETag: "b9331771aac3d81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Tue, 13 Sep 2022 00:31:58 GMT
Content-Length: 45572
Via: 1.1 dca1-bit12005
www.alaskausa.org/favicon.ico
107.162.171.161 200 OK 1.2 kB URL HTTP/1.1 www.alaskausa.org/favicon.ico
IP 107.162.171.161:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash a640140069c78a92f718c9fb63614d72
1418d5de4993b63c2b11a64df62a03ae8ebb8f95
5b8545b9cf60e23bd9c7eacef43e9b85e2843b1d90328b5b6fca9ef851347808
GET /favicon.ico HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Thu, 08 Sep 2022 17:45:28 GMT
Accept-Ranges: bytes
ETag: "11d2bec8aac3d81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Tue, 13 Sep 2022 00:31:59 GMT
Content-Length: 1150
Via: 1.1 dca1-bit12005
insight.adsrvr.org/track/up?adv=p6q6pct&ref=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F&upid=q8skero&upv=1.1.0
52.223.40.198 200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=p6q6pct&ref=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F&upid=q8skero&upv=1.1.0
IP 52.223.40.198:0
GET /track/up?adv=p6q6pct&ref=http%3A%2F%2Fwww.outh05.alaska.ezc1x3thuo.eu%2Falaskausa%2F0e4ceef65add6cf21c0f3f9da53b71c0%2F&upid=q8skero&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.outh05.alaska.ezc1x3thuo.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:32:02 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
www.alaskausa.org/css/fonts/PTSans/ptsansnarrow_regular_macroman/PTN57F-webfont.woff
107.162.171.161 200 OK 0 B URL HTTP/1.1 www.alaskausa.org/css/fonts/PTSans/ptsansnarrow_regular_macroman/PTN57F-webfont.woff
IP 107.162.171.161:0
GET /css/fonts/PTSans/ptsansnarrow_regular_macroman/PTN57F-webfont.woff HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.outh05.alaska.ezc1x3thuo.eu
Connection: keep-alive
Referer: https://www.alaskausa.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: font/x-woff
Last-Modified: Thu, 08 Sep 2022 17:43:05 GMT
Accept-Ranges: bytes
ETag: "8a9c8b73aac3d81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Tue, 13 Sep 2022 00:31:58 GMT
Content-Length: 25232
Via: 1.1 dca1-bit12005