www.camelistas.online/verifyFCU
162.241.87.163 301 Moved Permanently 247 B URL HTTP/1.1 www.camelistas.online/verifyFCU
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text; exported SGML document, ASCII text
Hash b7092fb0a658b0c0ad2cb4bc7c0fbbee
6b4e13c9544997622dfdd00d9aa0503eb89fad15
639602ea78032598bcd4a30b3b2b81d1959b13a7f1e203377c7b42b94e401f7e
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 20:46:24 GMT
Server: Apache
Location: http://www.camelistas.online/verifyFCU/
Content-Length: 247
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7905
Expires: Fri, 03 Feb 2023 22:58:09 GMT
Date: Fri, 03 Feb 2023 20:46:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6665
Expires: Fri, 03 Feb 2023 22:37:29 GMT
Date: Fri, 03 Feb 2023 20:46:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 20:36:11 GMT
content-type: application/json
age: 613
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18041
Expires: Sat, 04 Feb 2023 01:47:05 GMT
Date: Fri, 03 Feb 2023 20:46:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: R8ejW01j01jzqts5YeawgxHfCQQMohpcZF9R2NdojCdGH19LvQGNY5VXIg478KGZWGclM7H5EqeR5uprMMz4tA==
x-amz-request-id: 5C4QDPCPP7G3FJHQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 19:52:32 GMT
age: 3232
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 20:46:24 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/diffuser.js
162.241.87.163 200 OK 24 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/diffuser.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (24240), with no line terminators
Hash 4d482a43613d3966f353ec9d97452e0c
4acc9cf492267ab6d351fb11246431bd7d6e6387
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/diffuser.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:24 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 24240
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 19:49:06 GMT
age: 3439
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/bat.js
162.241.87.163 200 OK 39 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/bat.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (38691), with no line terminators
Hash ac4d95c045ef8f3e8379e37af922c5de
e2ffcabc518e603388fa59ea434007cd944f0102
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/bat.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:24 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 38692
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/
162.241.87.163 200 OK 210 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (32528), with CRLF line terminators
Size 210 kB (210237 bytes)
Hash 4712958e2a21c2a440331571676b7f6c
feeb60fa848391d37c04115a0690990930b3d197
7c554dfa1680d8897f8bbcca80604c3d2cf1e020e062e54adc66c0a1d54d885f
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/ HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:24 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:14 GMT
Accept-Ranges: bytes
Content-Length: 210237
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/f.txt
162.241.87.163 200 OK 40 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/f.txt
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2165)
Hash c4f5345c996e0ceea204795e5493b887
f02afd5d4933557d2922ebab48f923a868e94c26
862e29e01d2fa93a6481499c7c0608acf90a6e427c1efd6c49942ec92fa8dbe1
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/f.txt HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:24 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 39671
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/alaska-common-1.js
162.241.87.163 200 OK 270 B URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/alaska-common-1.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash a65c869dd67bc5e2fa42bf8fd11061ff
9275b1bcda9b86d648ae46d71ed5125fea4ee881
fe2f432dc4c8dd5b3704add1bec8cd014b473844ea90d7080f1f90eed762833e
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/alaska-common-1.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 270
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/analytics.js
162.241.87.163 200 OK 50 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/analytics.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1325)
Hash d40531c5e99a6f84e42535859476fe35
a901817d77b2fe5259c298c91bc65c54d7f8a1a9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/analytics.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:24 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 50205
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/alaska-common.js
162.241.87.163 200 OK 7.2 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/alaska-common.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7193), with no line terminators
Hash 22abdbb9b50e7b90ba78f4d3c9beda5a
cb480a3ef2a892a390f24d9e636dd8c3c0adb040
e3db340f53f39e29e32528a7a9e62196795570000c48fbccafd3d317f8cc5c32
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/alaska-common.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 7193
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6389
Expires: Fri, 03 Feb 2023 22:32:54 GMT
Date: Fri, 03 Feb 2023 20:46:25 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
104.17.25.14 200 OK 6.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (20322)
Hash df9fe6d48e380554eb0ec9687bed3246
207263d754220200c1916edfbda262f62223ecf5
91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9
GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.camelistas.online
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:46:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3682386
expires: Wed, 24 Jan 2024 20:46:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ks7D3rqUzx4M2D1C1ZY%2FstLEmUBU%2FayTlKdYdMVsiI3fAPuAb4%2FZ0mZRvfC2flmEUJeAWm1pG8pZcdn%2FTF9dnh%2FHeF2dLRXxOLBAcqH7NnKuySEotX2%2Btzj6lzVEpZ2Ss4H%2FMPAc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 793e04131da21c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
104.17.25.14 200 OK 4.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
IP 104.17.25.14:0
Hash e40e054c5726f042bad463e3774a2777
5c9413b72837a440b327444104830c35ae3b052c
fcc8a86d2e89e8fbe9815d50c23bf205191ab8a6c0bec67358cd975d94283ff8
GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:46:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 9262300
expires: Wed, 24 Jan 2024 20:46:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BntUJxL6fIRi1JorOjogYHpAU3vNqIgFVh6%2F2mFUMKDfvwffmSDBvHxeAKROgv3CCtMGatdasOOSgOWMrZFl4FyvxWFEsOU67b3RM8nofwpVfnyjV8d6ctCqpF2zXbcITx9AFXV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 793e04131b99b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.slim.min.js
69.16.175.10 200 OK 24 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.slim.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65247)
Hash 0f2e7d37e730fdbb1d8a1e8638529ecb
c21d16978a858baa75be15cb7e799ff000929429
cc938c08b93e67c94c68995709f52133c62cac78991f42058503b9c3d9e4b0b0
GET /jquery-3.3.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.camelistas.online
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:46:25 GMT
content-encoding: gzip
content-length: 24038
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1111d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675457185.dop206.sk1.t,1675457185.cds068.sk1.hn,1675457185.cds230.sk1.c
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.2.1.min.js
69.16.175.10 200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.2.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32058)
Hash 148f8d3ffd9cc02048c5f4d1cc83c407
9f2b89cfd151be6a29b4d43ad64d164fb8471046
4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:46:25 GMT
content-encoding: gzip
content-length: 30125
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675457185.dop001.sk1.t,1675457185.cds260.sk1.hn,1675457185.cds222.sk1.c
X-Firefox-Spdy: h2
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/gtm.js
162.241.87.163 200 OK 274 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/gtm.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (50320)
Size 274 kB (274264 bytes)
Hash bb9a314e1d609a14fbd734352816662a
4776d30cb1f77a9bdb81ead1541c29beafe4692c
174f7b0a91703bf83c0cc7fa05678ab731e9671b33ef59086879426bbda9a6cd
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/gtm.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:24 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 255484
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
152.199.19.160 200 OK 30 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (65451)
Hash a263be51483c81a54aa8c85104a93e55
555a54a73531c553bd2aede6abc25c128b63312e
b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 28458680
cache-control: public,max-age=31536000
content-type: application/javascript
date: Fri, 03 Feb 2023 20:46:25 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F7A8)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 907398d5fb78588b0c610c0d649899e0
dfc0840362757a0f70c5cfc54b76c994912c39be
de8325abe2d1aef1555a0b54a5a4d73d05ef0e14600a0c91136510c46705de20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3873
Cache-Control: max-age=112037
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:25 GMT
Etag: "63dc7625-116"
Expires: Sun, 05 Feb 2023 03:53:42 GMT
Last-Modified: Fri, 03 Feb 2023 02:49:09 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/js.js
162.241.87.163 206 Partial Content 77 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/js.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1567)
Hash ca43e25714dbea659a0786e70e2c6d74
c455bcb1de11e69cae47e4aa255518aa8ec4f1c6
22780ca01df13e31cb3bfcb2e2d468074e806bb3b59d0e0c2904611dba3363e2
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/js.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
Range: bytes=94102-
If-Range: Fri, 03 Jun 2022 22:09:16 GMT
HTTP/1.1 206 Partial Content
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 76740
Content-Range: bytes 94102-170841/170842
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusa-home.css
162.241.87.163 200 OK 6.7 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusa-home.css
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 76cb1c0872d319f0c36b19c89c5192c7
9fa7e2161d816faa34d02457b6ebe520534a915d
fc3a2471672c7e5eceff79f17a129583336514a9c28ce6e5945fde9018983e70
GET /verifyFCU/actions/pmv/data/pdf/akusa-home.css HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 6674
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/slick.css
162.241.87.163 200 OK 9.7 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/slick.css
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (336), with CRLF line terminators
Hash 14e79f246905c8ea3e5fa2f429f6680e
bb8a12c0bc6e5f26906dc6ecf07ebebf25a56a50
be62c65b37d25596c98fc536918e7fb89f08fb737b208a75cd991bf87eb229fb
GET /verifyFCU/actions/pmv/data/pdf/slick.css HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 9717
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
54.149.117.124 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.117.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eQzLFyXpaoL0wbxginsahQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: STObqtyuAEWTfnsw7vB3m8YMd80=
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/js.js
162.241.87.163 200 OK 253 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/js.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3066)
Size 253 kB (252787 bytes)
Hash 987f033926171723acc3d5ad4b64ab5e
716b855a9f6695b146e50c618f8b2878604d22f8
a9b39fa627b2a6fb9cbeeafba16e8a12ed4cb57b6b80ae9950adb62cfdcb26c4
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/js.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:24 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 170842
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 907398d5fb78588b0c610c0d649899e0
dfc0840362757a0f70c5cfc54b76c994912c39be
de8325abe2d1aef1555a0b54a5a4d73d05ef0e14600a0c91136510c46705de20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3874
Cache-Control: max-age=112037
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:26 GMT
Etag: "63dc7625-116"
Expires: Sun, 05 Feb 2023 03:53:43 GMT
Last-Modified: Fri, 03 Feb 2023 02:49:09 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/alaska-common-2.js
162.241.87.163 200 OK 73 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/alaska-common-2.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash b1487b5bdfeb98defceb3cc71a38d795
25034f9d5e5eb300b8a9e8b059d3bfb9a4bb2187
d98efcc9063ab132e346e0675a3d145f412489e7620d64b2db2878ea399adb8a
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/alaska-common-2.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 231128
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/genesys_config_prod.js
162.241.87.163 200 OK 2.0 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/genesys_config_prod.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with CRLF line terminators
Hash 47510534910390c3dfe366a3265e23be
bb419b36689d60c34db008fdfa1cdcba3ba17667
f470059fdf77da969a7bfb16cab1efd7e1f5edf8a02526738125ddf6c1c339b3
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/genesys_config_prod.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 2014
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusa-desktop.css
162.241.87.163 200 OK 22 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusa-desktop.css
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (844), with CRLF, LF line terminators
Hash 8d53e8dad3ef5aba70c5c9736f983d3d
7726995d0b0852e1c628beb9ceca1d7c23dcb4fc
da4c3556be00a7cb386b2c849445a072056ad29858e7cd59f820ac4a9bea30c2
GET /verifyFCU/actions/pmv/data/pdf/akusa-desktop.css HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 21507
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/f-1.txt
162.241.87.163 200 OK 2.2 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/f-1.txt
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2249), with no line terminators
Hash c56cd8a8e2a3b000d624f3627a8e29af
583a235b46efcf038942c9b70842729769b2eb6e
08b1b8f357cfd6313ed7bcb30d8ca166f7d73b57b0e60630790af429b67b1a09
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/f-1.txt HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 2249
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/plain
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/134612163.js
162.241.87.163 200 OK 0 B URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/134612163.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/134612163.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/_.js
162.241.87.163 200 OK 246 B URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/_.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 0b8a55eb0672a884a9580303e4880628
cbef1251ac7cce88ca196306e61f611b1ce79ee8
4e67c0e8e88c79df4bdca6f059571021491ba0d6311504d488da28ae2b362513
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/_.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 246
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/cxbus/cookies/common/alaska/style.css
162.241.87.163 200 OK 414 B URL HTTP/1.1 www.camelistas.online/verifyFCU/cxbus/cookies/common/alaska/style.css
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash f9653fbeecf34b04791fee59eb3e253b
fcbbad7c6616682a22a9d0de09d715c61cb17722
7924e7e8b95825e4cefbfc31444ea9247e1b0d04cb066b56f06addf9cc7c5eaf
GET /verifyFCU/cxbus/cookies/common/alaska/style.css HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 414
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/t_prism_sitemessages.php
162.241.87.163 200 OK 0 B URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/t_prism_sitemessages.php
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/t_prism_sitemessages.php HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/cxbus.min.js
162.241.87.163 200 OK 20 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/cxbus.min.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20450)
Hash 1af05cae75ce2c9916440830b58349c4
0da7c244267db9bae6e778e0bec1aad1cfe6c66f
3dad359622e49b9eb4ee7e71d2d7bedfbcc2684f15b11caa1698e4ba1a7fb4a3
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/cxbus.min.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 20521
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/jsSuite-1.9.6.js
162.241.87.163 200 OK 61 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/jsSuite-1.9.6.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (826), with CRLF line terminators
Hash 1305f5a0eff6edb4da06fec386494234
24932dbaf071ccad96c54d9ec59c00870398fcca
e3f8d9011d9b761a3553d01e118b858ee73c132e668df7a4f798b28dffeb2d01
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/jsSuite-1.9.6.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 61095
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/jquery.accAccordion.js
162.241.87.163 200 OK 7.7 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/jquery.accAccordion.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 60b2238f45fc0986d4a3abe0305e235b
8ca5e75600978dea3ab9e0bc5163089fa31136c8
757f4d75ee03e0028ab7a66650e2bd82a3c1380abb6a41378ff37cb08f77b3bb
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/jquery.accAccordion.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 7731
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/jquery.leanModal.AKUSA.2.1.js
162.241.87.163 200 OK 11 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/jquery.leanModal.AKUSA.2.1.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 051272c4e36d6fa39fef32114cb7a00c
2596e235f567d26cc263d68aad79ac159d5ba56a
5a51ffb3148b1ca7f7b98fc5846542aaf84325846fcd490f365d39f1145977e6
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/jquery.leanModal.AKUSA.2.1.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 11069
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/slick.js
162.241.87.163 200 OK 91 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/slick.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 67dddbf8220ca48c91918bd652831266
489eb61b561eee4c29d8d969f7a757ad50a509e8
cee2b802c15c5aaa4ad59d0ebef20c1287b62e73ecb7c90a4799fa956df2692b
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/slick.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 91059
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/jquery-3.5.1.min.js
162.241.87.163 200 OK 90 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/jquery-3.5.1.min.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/jquery-3.5.1.min.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 89476
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/up_loader.1.1.0.js
162.241.87.163 200 OK 4.6 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/up_loader.1.1.0.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4593), with no line terminators
Hash 98d98b3499058b76d58073cf8ede2f10
2ec5bc839a187c2a4d93499567e8fff091a6bcc4
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/up_loader.1.1.0.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 4593
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/css.css
162.241.87.163 200 OK 4.6 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/css.css
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 8aad827d8157aa17264be69ffc481a7d
1cb6286d785461baa34ec7c93fc5e66770573cd9
e574482ae65920c7fabdcb0629e3cca26b225c66f853b796604f1b1428637dea
GET /verifyFCU/actions/pmv/data/pdf/css.css HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 4581
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/genesys_akusa.css
162.241.87.163 200 OK 7.4 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/genesys_akusa.css
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a27fbf149bdf16ee39c41bcd4c524086
4a81b4a2e33c32f642cbdefa54e5c521d0ad414d
9912d6e74344add0e80fa3a9f690e25c42d270812c876f129142b922840fdbe0
GET /verifyFCU/actions/pmv/data/pdf/genesys_akusa.css HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 7398
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.camelistas.online/verifyFCU/js/actions.js
162.241.87.163 404 Not Found 315 B URL HTTP/1.1 www.camelistas.online/verifyFCU/js/actions.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/js/actions.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 404 Not Found
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusafonts.css
162.241.87.163 200 OK 4.4 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusafonts.css
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash db4e506017940f9ab1f2f1d509aa40e2
be84d3c4c3c9e9ec02961433583bc4f5aeedd3df
65843e74b6e47563a6e31ca7f17c2f74cf5b221e0fd641ea96ad1764ecdc6503
GET /verifyFCU/actions/pmv/data/pdf/akusafonts.css HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 4436
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/css
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/otBannerSdk.js
162.241.87.163 200 OK 349 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/otBannerSdk.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65456)
Size 349 kB (349017 bytes)
Hash 09842127b6fe7cd7fed7be501a5e0ee8
41a188777ac1c69c98dd0e11f6c30c2f21e02510
6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/otBannerSdk.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:25 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 349017
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusa-base.css
162.241.87.163 200 OK 33 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusa-base.css
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a3cd7fced5ba7afb0b9f5bc3d0b64803
fd96399fb3c1f6fc318622fde6c967c9a00e94e8
714a68cbf3c3c00213b1a63fe0220d6b80b40dd52a52e2105bddbdcff67c22ef
GET /verifyFCU/actions/pmv/data/pdf/akusa-base.css HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 32990
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.googletagmanager.com/gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c
142.250.74.168 302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 7338bba7ae57ba5847a17fa47a473904
eb524808aa73104cbcfb12754160299d49613361
c3f40cef8938854002d5d304eb7ea31ba222abb0a7df5a3dc213c66ed898deaa
GET /gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 03 Feb 2023 20:46:26 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/Floating-Banner-Q3.png
162.241.87.163 200 OK 32 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/Floating-Banner-Q3.png
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 358 x 181, 8-bit/color RGBA, non-interlaced\012- data
Hash a41c669e9b9514fb82605ccacdc51da6
0bcbe8fe1608666e28a784d896e6bf4fb102ff96
4204d2dcd83bea2a69ffb73451c76aa8f084757518c0f4cff773bd107a95b309
GET /verifyFCU/actions/pmv/data/pdf/Floating-Banner-Q3.png HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 31636
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/AUIB_Q3_promo2.jpg
162.241.87.163 200 OK 29 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/AUIB_Q3_promo2.jpg
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1500x1108, components 3\012- data
Hash c1dcde5137e55d4cb3784916e3e2c274
a89b07d8fb3283be9d5666cab2dd2aa89d90732a
00ecd414747be72b5c838213800ee09b90f18d9192c0ae7eac1e40c51c2157f7
GET /verifyFCU/actions/pmv/data/pdf/AUIB_Q3_promo2.jpg HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 29268
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/21205_Floating-Banner.png
162.241.87.163 200 OK 22 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/21205_Floating-Banner.png
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 551 x 278, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f8078aa4d957d75bd69f81053322b7b
f822ee9b43eb74adb8da0cb6d06114dc4041810d
21ad128a12235c4aea0f7198b1013df45c88086b3b683c03140896880852b713
GET /verifyFCU/actions/pmv/data/pdf/21205_Floating-Banner.png HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 22453
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/Global_Credit_Union.png
162.241.87.163 200 OK 8.1 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/Global_Credit_Union.png
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 125 x 125, 8-bit/color RGBA, non-interlaced\012- data
Hash 84bdc38197c7818f817a51fe9aa5f877
3bbdf85f533485b40d88ac267ad3c492926b8854
cc0fe675f5052acd49345b248c172325b19c3ebbda672922a95da2fbfeab1d83
GET /verifyFCU/actions/pmv/data/pdf/Global_Credit_Union.png HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 8073
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/otSDKStub.js/consent/d9012451-973f-4944-835c-e7020071d90c/d9012451-973f-4944-835c-e7020071d90c.json
162.241.87.163 404 Not Found 315 B URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/otSDKStub.js/consent/d9012451-973f-4944-835c-e7020071d90c/d9012451-973f-4944-835c-e7020071d90c.json
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/otSDKStub.js/consent/d9012451-973f-4944-835c-e7020071d90c/d9012451-973f-4944-835c-e7020071d90c.json HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 404 Not Found
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j96&a=1050663372&t=pageview&_s=1&dl=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&ul=en-us&de=UTF-8&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAEABEAAAAC~&jid=2068479400&gjid=443873223&cid=17483254.1675457219&tid=UA-105087488-1&_gid=2146835976.1675457219&_r=1&gtm=2wg290W942G3C&z=2117677534
142.250.74.46 200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=1050663372&t=pageview&_s=1&dl=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&ul=en-us&de=UTF-8&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAEABEAAAAC~&jid=2068479400&gjid=443873223&cid=17483254.1675457219&tid=UA-105087488-1&_gid=2146835976.1675457219&_r=1&gtm=2wg290W942G3C&z=2117677534
IP 142.250.74.46:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&a=1050663372&t=pageview&_s=1&dl=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&ul=en-us&de=UTF-8&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAEABEAAAAC~&jid=2068479400&gjid=443873223&cid=17483254.1675457219&tid=UA-105087488-1&_gid=2146835976.1675457219&_r=1&gtm=2wg290W942G3C&z=2117677534 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.camelistas.online
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.camelistas.online
date: Fri, 03 Feb 2023 20:46:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c
142.250.74.168 200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (27467)
Hash 60f610601dc767805c09f7a94d304d76
8fdbf7cd5510bac0dba6cad0641a2983cde47004
726b6d7ab77ad9ce307849fd39bf485b4da1df6ac2588c281fb39139314f79c9
GET /gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camelistas.online/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 20:46:26 GMT
expires: Fri, 03 Feb 2023 20:46:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81209
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-W942G3C
142.250.74.168 200 OK 97 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W942G3C
IP 142.250.74.168:0
File type ASCII text, with very long lines (58089)
Hash 47ac96a59114c0e045d11d90ef3a477f
4bff9f8f9cb74b9697fb6a10e4ad3bd4868c41eb
fc47ce7cab8be8e327903f442e5d604e30b9a954cb5ab81c7e8c0c5b4f20c5d6
GET /gtm.js?id=GTM-W942G3C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 20:46:26 GMT
expires: Fri, 03 Feb 2023 20:46:26 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 19:56:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97208
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/AkusaIcon.ttf
162.241.87.163 200 OK 18 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/AkusaIcon.ttf
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 11 tables, 1st "OS/2", 16 names, Macintosh, type 1 string, AkusaIcon \012- data
Hash caec684a982642f0040b7fafdaba8afd
8488a00a731aa6552a924e8448cd276ae99264fb
ba5f038189c5d0831fad29ca4a0720e57fe047eee71de176a087f571cb2da61d
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/AkusaIcon.ttf HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusafonts.css
Cookie: _gcl_au=1.1.1453902176.1675457219; _ga=GA1.1.17483254.1675457219; _gid=GA1.2.2146835976.1675457219; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1675457219.1.1.1675457219.0
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 17752
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: font/ttf
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusa-print.css
162.241.87.163 200 OK 440 B URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusa-print.css
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash d2b8ae10b8fe53d036024d1a74f68448
5d50bda6fabc92991393fbc68cdfa7dcec585011
6e4eea6e0b46fa49950b347840f889cb33fdb8fed31dfd2a0f97c6fe96ae55e9
GET /verifyFCU/actions/pmv/data/pdf/akusa-print.css HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 440
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/navSprites.png
162.241.87.163 200 OK 14 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/navSprites.png
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 240 x 320, 8-bit/color RGBA, non-interlaced\012- data
Hash 2c34097881e44683ea2c683b9c4c6fba
c3053cdec4d858a66cdaeb71e6612115508513a8
dab4dd2fc46c7aa07526cacce2b4111e56d2c57443449519b04af9dec4cfe019
GET /verifyFCU/actions/pmv/data/pdf/navSprites.png HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusa-desktop.css
Cookie: _gcl_au=1.1.1453902176.1675457219; _ga=GA1.1.17483254.1675457219; _gid=GA1.2.2146835976.1675457219; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1675457219.1.1.1675457219.0
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 14383
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusa-phone.css
162.241.87.163 200 OK 17 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusa-phone.css
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 5f09b1e207069f5a38c3c7fbf9d0c578
21a45f3e145bf1c743ee778c39a5b007fe631c69
3046b6421f7454a4907c9f49c8fedbdb1daeda03f7a383d5fa3ac6f3566d8ce8
GET /verifyFCU/actions/pmv/data/pdf/akusa-phone.css HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 16989
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/header_bg.png
162.241.87.163 200 OK 8.1 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/header_bg.png
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 156 x 165, 8-bit/color RGB, non-interlaced\012- data
Hash f420d4563192f414fabc27808342a8b2
80d69a4a339f6ddfe991d41d798d9a58fa0a21ea
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6
GET /verifyFCU/actions/pmv/data/pdf/header_bg.png HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusa-desktop.css
Cookie: _gcl_au=1.1.1453902176.1675457219; _ga=GA1.1.17483254.1675457219; _gid=GA1.2.2146835976.1675457219; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1675457219.1.1.1675457219.0
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 8058
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.camelistas.online/current/chat/genesys_config_prod.js?20220209164
162.241.87.163 404 Not Found 315 B URL HTTP/1.1 www.camelistas.online/current/chat/genesys_config_prod.js?20220209164
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /current/chat/genesys_config_prod.js?20220209164 HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
Cookie: _gcl_au=1.1.1453902176.1675457219; _ga=GA1.1.17483254.1675457219; _gid=GA1.2.2146835976.1675457219; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1675457219.1.1.1675457219.0
HTTP/1.1 404 Not Found
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.camelistas.online/verifyFCU/js/actions.js
162.241.87.163 404 Not Found 315 B URL HTTP/1.1 www.camelistas.online/verifyFCU/js/actions.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/js/actions.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
Cookie: _gcl_au=1.1.1453902176.1675457219; _ga=GA1.1.17483254.1675457219; _gid=GA1.2.2146835976.1675457219; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1675457219.1.1.1675457219.0; agft=f7bed842a7b4430841da755e1bff56b2.95342323; agfs=f7bed842a7b4430841da755e1bff56b2.95342323&1675457220&1675457220&direct&(none)&&&&&
HTTP/1.1 404 Not Found
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.googletagmanager.com/gtag/js?id=DC-9253762&l=dataLayer&cx=c
142.250.74.168 302 Found 276 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=DC-9253762&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash f4399d7bd6de385a0fe46bbf04f06fb5
d927b3cd17483bf6c656889fb1a6358ffa8746c7
03fd0d30dad103b8c210690961ae312b207baa55911fa0cd65d5ac500bc879a8
GET /gtag/js?id=DC-9253762&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=DC-9253762&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 03 Feb 2023 20:46:27 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 276
X-XSS-Protection: 0
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/ncua.png
162.241.87.163 200 OK 4.3 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/ncua.png
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 146 x 65, 8-bit colormap, non-interlaced\012- data
Hash 38b7240d957be9f71b5271246fb01f67
9007e7baf8e357ac11c8541c871e48960c8d9f30
d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878
GET /verifyFCU/actions/pmv/data/pdf/ncua.png HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 4280
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/EHL.png
162.241.87.163 200 OK 3.3 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/EHL.png
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 55 x 59, 8-bit colormap, non-interlaced\012- data
Hash 859cf2ed8319f4931c1e2371bee8b46d
ff866fe6e3071999e6c057dae5aed927aefd047f
1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1
GET /verifyFCU/actions/pmv/data/pdf/EHL.png HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 3317
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
104.18.10.207 200 OK 15 kB URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP 104.18.10.207:0
File type ASCII text, with very long lines (50395)
Hash 52cbebc6dcbdff9e9f580dfd78063459
db46d765e9557e8c7b5b0d5808ebd7b5bfa08d25
044109a6c7c7c30f9955a7e76a90599e82536b327251e5f815b358aa1eabd0d3
GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.camelistas.online
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:46:26 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ce6e785579ae4cb555c9de311d1b9271"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 02/01/2023 13:54:41
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: aaa46b61350962cf29955439b92db8da
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 793e04144ec4b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46 200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash bb21b4ac5c8f198136244beb5c8e0804
0eab22f7b9ca0610c0e416296b93087de5e37a63
37d542a03db1e2e120cb42dc3d6cbd94e15005cdfd605cbe070eb27e986f6095
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Fri, 03 Feb 2023 08:26:12 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5m6xaNSsasOHuhqZEpBuc0pF5QADusLWpPg2To-CLBokjEBIPrT2_A==
Age: 44416
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/index_1.html
162.241.87.163 200 OK 97 B URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/index_1.html
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 948c3b0b89a440438cb10c44dfb25fba
e4d35e5e283c4cfea043a022a3b06f0e85d231eb
3de2c358acd98dd93f54af55a7d89ae64cca5757d76fb95ae74db8bd63389bdd
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/index_1.html HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
Cookie: _gcl_au=1.1.1453902176.1675457219; _ga=GA1.1.17483254.1675457219; _gid=GA1.2.2146835976.1675457219; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1675457219.1.1.1675457219.0; agft=f7bed842a7b4430841da755e1bff56b2.95342323; agfs=f7bed842a7b4430841da755e1bff56b2.95342323&1675457220&1675457220&direct&(none)&&&&&
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 97
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/html
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusafcu_logo.png
162.241.87.163 200 OK 16 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusafcu_logo.png
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 220 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash dc43cc5c96d54639189781edf322cac9
26c53d9c975f997481520a336ac5f6a22f115c74
6ceabe544edbb8513733f30b14c1d17a2fa51e461f972c31d17e5450d4718603
GET /verifyFCU/actions/pmv/data/pdf/akusafcu_logo.png HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 16228
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/warning.png
162.241.87.163 200 OK 1.2 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/warning.png
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 125 x 125, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e1021883b3f3114c30a7cb29529ac5e
a20cdec04360f8075da7ae8b879f3cebe21e12e3
91e219a364aee6c0d5f23d8406ce671d68c0264e0767414ce66e8f56ebd2db78
GET /verifyFCU/actions/pmv/data/pdf/warning.png HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 1249
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/0
162.241.87.163 200 OK 0 B URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/0
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/0 HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/jumplink-white.svg
162.241.87.163 200 OK 2.4 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/jumplink-white.svg
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (1867), with CRLF line terminators
Hash 6dcde879818507082d2265149a8c18ec
6d0b5f93f83b2b2c519fcd777dc4255da2540d6a
7d91fb8cf3f42097497f47b0f61a198844ea27d162350d017b80dc4ce2a158bf
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/jumplink-white.svg HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 2407
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9c8c9c6436b90b78a3b01257a7c3e03f
b249ff2f5cb92556aab29f5cc1aed2fa540cbed9
3c372de6a69e417fc315a36a5f8627d32c34ad72ee774009b26d5acff2b031c1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3C372DE6A69E417FC315A36A5F8627D32C34AD72EE774009B26D5ACFF2B031C1"
Last-Modified: Fri, 03 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19550
Expires: Sat, 04 Feb 2023 02:12:17 GMT
Date: Fri, 03 Feb 2023 20:46:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4026
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 20:46:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 82706
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cf80667db0c35c9c6139eca4ba5d12fd
4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590
d63e69f4b6ea16333d242bf33d4f02a4a6c96a739ca018d86afc5741d85b774d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13065
x-amzn-requestid: 20c6f462-0f1f-44d1-9b6b-6afbc4e79e8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpYpcELtIAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da07d5-44cd803c0feba28919b0a9ec;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 06:33:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T3PhGRcHX1X2hn8K_4587fXBrEyuY5Em-b9Jg41uH4uyQXeFoRBIYg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:56 GMT
age: 82771
etag: "4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:49 GMT
age: 82118
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTZJAn0LMAfFtaQ2bN8z58cCsUT5GzxDMnHVB_iw9E_NskHQ-BgbRQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:19:26 GMT
age: 84437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda40dcf-1e5b-4e49-bd65-084935f52db9.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda40dcf-1e5b-4e49-bd65-084935f52db9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e706db8a6107758a148463e916f2532d
4b0b8cb5ced3e3e67b0320a3bbaecd2176e21b81
673f18036a53f8ff297ef6a63fd094e7c41d90f3960f0e687a741cc7dd3f6172
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda40dcf-1e5b-4e49-bd65-084935f52db9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6791
x-amzn-requestid: 665115ea-728e-4a55-aaf8-b09db3fa67a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffl96FIzIAMFYGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61d25-0abbd7262ca10b7a7d2bf9eb;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:15:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nPgaBSGyLJQnN0ofVRFniW2LqzgKVWchSKYSjYCmuPtpL9Ner81ARQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:14:03 GMT
age: 81144
etag: "4b0b8cb5ced3e3e67b0320a3bbaecd2176e21b81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hSyEfSDToqgfnFIW68Krz-ANYUNQoUPWhyb-8xDUarI6mnVLXriHDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:59:54 GMT
age: 81993
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.camelistas.online/verifyFCU/cxbus/cookies/common/alaska/loading.gif
162.241.87.163 200 OK 39 kB URL HTTP/1.1 www.camelistas.online/verifyFCU/cxbus/cookies/common/alaska/loading.gif
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 200 x 200\012- data
Hash d10ef01e81faa2c2d812bdf670b4e072
77d09a57b2091fd7665dff763a5eab23e0ff907e
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34
GET /verifyFCU/cxbus/cookies/common/alaska/loading.gif HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 38636
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/gif
prism.app-us1.com/?a=25948200&u=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D
104.17.145.91 200 OK 0 B URL HTTP/2 prism.app-us1.com/?a=25948200&u=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D
IP 104.17.145.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?a=25948200&u=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:46:27 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, private
set-cookie: prism_25948200=37d1ca9c-00f6-49f8-8ade-eab82af1e629; expires=Sun, 05-Mar-2023 20:46:27 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 36
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 793e041bc825b51d-OSL
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j96&a=1050663372&t=pageview&_s=1&dl=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&ul=en-us&de=UTF-8&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEDAAEABEAAAAC~&jid=&gjid=&cid=17483254.1675457219&tid=UA-105087488-1&_gid=2146835976.1675457219&gtm=45He3210n81W942G3C&z=1269136846
142.250.74.46 200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j96&a=1050663372&t=pageview&_s=1&dl=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&ul=en-us&de=UTF-8&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEDAAEABEAAAAC~&jid=&gjid=&cid=17483254.1675457219&tid=UA-105087488-1&_gid=2146835976.1675457219&gtm=45He3210n81W942G3C&z=1269136846
IP 142.250.74.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j96&a=1050663372&t=pageview&_s=1&dl=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&ul=en-us&de=UTF-8&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEDAAEABEAAAAC~&jid=&gjid=&cid=17483254.1675457219&tid=UA-105087488-1&_gid=2146835976.1675457219&gtm=45He3210n81W942G3C&z=1269136846 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Fri, 03 Feb 2023 10:20:38 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 37549
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
www.google-analytics.com/analytics.js
142.250.74.46 200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20085
Date: Fri, 03 Feb 2023 20:03:19 GMT
Expires: Fri, 03 Feb 2023 22:03:19 GMT
Cache-Control: public, max-age=7200
Age: 2588
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
204.79.197.200 200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39395), with no line terminators
Hash 4f378a725368a42971cd69e29f75db89
2a1cdf193b346d9281c6e04a9b3775e7fc1ae11e
6a2a9d238501343cb3f25e0f54f4ecc4ec2c4e0fa6b228cc72dc3fff90502078
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2EB8423B9DE84A79817469223A723272 Ref B: OSL30EDGE0120 Ref C: 2023-02-03T20:46:27Z
date: Fri, 03 Feb 2023 20:46:26 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d3e050cf67675c3c19014a74517e3747
9931fd6a416e220e15ef5eccad6d0cb12edf3995
8411e23b7bfeba91b6252f15de6ed18b8cff1f752af0efc4f5429b54fccb0da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5956
Cache-Control: max-age=132483
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:27 GMT
Etag: "63dcbde2-1d7"
Expires: Sun, 05 Feb 2023 09:34:30 GMT
Last-Modified: Fri, 03 Feb 2023 07:55:14 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 13521e434225e7e57b60b91689d2fdff
294a86a47a25c79726d47acb08e55dd89d9f386f
71fd21d203d8f1fa65acccfef4a1cdd84b8831ecfd187cd817d270145523bafe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/conversion_async.js
216.58.207.228 200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 216.58.207.228:0
File type ASCII text, with very long lines (1654)
Hash 63b8c3ec717026222a1927305b792909
b09552b99384624e347844d96a3db94fb46c2d74
e8a54177843196a1d884b73393e651b4141066754df47045c2bad7e709f0e965
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 03 Feb 2023 20:46:27 GMT
expires: Fri, 03 Feb 2023 20:46:27 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4141146218652758424
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15158
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
prism.app-us1.com/?a=25948200&u=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D
104.17.145.91 200 OK 0 B URL HTTP/2 prism.app-us1.com/?a=25948200&u=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D
IP 104.17.145.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?a=25948200&u=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:46:27 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, private
set-cookie: prism_25948200=afabb06c-cb37-4c6e-8fe8-f79349c264e0; expires=Sun, 05-Mar-2023 20:46:27 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 73
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 793e041cc95fb51d-OSL
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/831978068/?random=1644743993002&cv=9&fst=1644742800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fwww.alaskausa.org%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&async=1&fmt=3&is_vtc=1&random=2430519944&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
216.58.207.228 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/831978068/?random=1644743993002&cv=9&fst=1644742800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fwww.alaskausa.org%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&async=1&fmt=3&is_vtc=1&random=2430519944&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/831978068/?random=1644743993002&cv=9&fst=1644742800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fwww.alaskausa.org%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&async=1&fmt=3&is_vtc=1&random=2430519944&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 20:46:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com.ng/pagead/1p-user-list/831978068/?random=1644743993002&cv=9&fst=1644742800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fwww.alaskausa.org%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&async=1&fmt=3&is_vtc=1&random=2430519944&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.67 200 OK 42 B URL HTTP/2 www.google.com.ng/pagead/1p-user-list/831978068/?random=1644743993002&cv=9&fst=1644742800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fwww.alaskausa.org%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&async=1&fmt=3&is_vtc=1&random=2430519944&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/831978068/?random=1644743993002&cv=9&fst=1644742800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fwww.alaskausa.org%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&async=1&fmt=3&is_vtc=1&random=2430519944&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 20:46:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1675457219516&cv=11&fst=1675457219516&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&auid=1453902176.1675457219&rfmt=3&fmt=4
142.250.74.34 200 OK 897 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1675457219516&cv=11&fst=1675457219516&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&auid=1453902176.1675457219&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1887), with no line terminators
Hash 7c372557e136526bbb24684ac23fdcfd
9f704788a64d36c91c4e4b8868a240db6913f9d3
a632b7169e6e3866be595087077af8d96cc4576273b44288bfc9e1b31274bc0c
GET /pagead/viewthroughconversion/831978068/?random=1675457219516&cv=11&fst=1675457219516&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&auid=1453902176.1675457219&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 20:46:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 897
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 21:01:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.205.11 200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 6hxywgLriARKyIM5sio3guXunjF2mP1prkebzuEZzc1IQwTnNnVbfOuLpo3gKzcgO2CzvdxqoLJy4/92eHzBIw==
content-length: 27843
x-fb-trip-id: 1679558926
date: Fri, 03 Feb 2023 20:46:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/homeSprites.png
162.241.87.163 200 OK 315 B URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/homeSprites.png
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /verifyFCU/actions/pmv/data/pdf/homeSprites.png HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusa-desktop.css
Cookie: _gcl_au=1.1.1453902176.1675457219; _ga=GA1.1.17483254.1675457219; _gid=GA1.2.2146835976.1675457219; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1675457219.1.1.1675457219.0; agft=f7bed842a7b4430841da755e1bff56b2.95342323; agfs=f7bed842a7b4430841da755e1bff56b2.95342323&1675457220&1675457220&direct&(none)&&&&&
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 190407
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1675457219977&cv=9&fst=1675457219977&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg290&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.34 200 OK 976 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1675457219977&cv=9&fst=1675457219977&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg290&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2277), with no line terminators
Hash 9d24ed6accce3cbf0a9605bdbbbb6bb1
6dadb9b43b61cfc3f7f69e7482f1d441ff737a87
c3935fa0ede1a0abad384ee5e5d64efeab86e13ae65a739bf395dd3ddbd1c8fc
GET /pagead/viewthroughconversion/831978068/?random=1675457219977&cv=9&fst=1675457219977&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg290&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 20:46:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 976
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 21:01:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d3e050cf67675c3c19014a74517e3747
9931fd6a416e220e15ef5eccad6d0cb12edf3995
8411e23b7bfeba91b6252f15de6ed18b8cff1f752af0efc4f5429b54fccb0da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5956
Cache-Control: max-age=132483
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:27 GMT
Etag: "63dcbde2-1d7"
Expires: Sun, 05 Feb 2023 09:34:30 GMT
Last-Modified: Fri, 03 Feb 2023 07:55:14 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/1p-user-list/831978068/?random=1675457219516&cv=11&fst=1675454400000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=2448600732&rmt_tld=0&ipr=y
216.58.207.228 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/831978068/?random=1675457219516&cv=11&fst=1675454400000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=2448600732&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/831978068/?random=1675457219516&cv=11&fst=1675454400000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=2448600732&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 20:46:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 13521e434225e7e57b60b91689d2fdff
294a86a47a25c79726d47acb08e55dd89d9f386f
71fd21d203d8f1fa65acccfef4a1cdd84b8831ecfd187cd817d270145523bafe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=134612163&tm=gtm002&Ver=2&mid=e2b88310-695e-4e94-96bd-aada932e5d93&sid=e7dc1bb0a40311ed8dd9bbcf27f10e21&vid=e7dc2ea0a40311eda8b8e76de809e176&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&kw=AlaskaUSA,%20Alaska,%20Arizona,%20Washington,%20USA,%20San%20Bernardino%20California,%20Victor%20Valley,%20High%20Desert,%20Anchorage,%20Credit%20Union,%20Bank,%20Financial,%20Finance,%20Loan,%20Credit,%20Lending,%20Insurance,%20Mortgage,%20Refinance,%20home,%20Online%20banking,%20by%20phone,%20UltraBranch,%20Saving,%20Checking,%20Account,%20Money,%20Service,%20Relocate,%20Moving,%20Real%20Estate,%20business&p=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&r=&lt=1418&evt=pageLoad&sv=1&rn=659790
204.79.197.200 204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=134612163&tm=gtm002&Ver=2&mid=e2b88310-695e-4e94-96bd-aada932e5d93&sid=e7dc1bb0a40311ed8dd9bbcf27f10e21&vid=e7dc2ea0a40311eda8b8e76de809e176&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&kw=AlaskaUSA,%20Alaska,%20Arizona,%20Washington,%20USA,%20San%20Bernardino%20California,%20Victor%20Valley,%20High%20Desert,%20Anchorage,%20Credit%20Union,%20Bank,%20Financial,%20Finance,%20Loan,%20Credit,%20Lending,%20Insurance,%20Mortgage,%20Refinance,%20home,%20Online%20banking,%20by%20phone,%20UltraBranch,%20Saving,%20Checking,%20Account,%20Money,%20Service,%20Relocate,%20Moving,%20Real%20Estate,%20business&p=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&r=&lt=1418&evt=pageLoad&sv=1&rn=659790
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=134612163&tm=gtm002&Ver=2&mid=e2b88310-695e-4e94-96bd-aada932e5d93&sid=e7dc1bb0a40311ed8dd9bbcf27f10e21&vid=e7dc2ea0a40311eda8b8e76de809e176&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&kw=AlaskaUSA,%20Alaska,%20Arizona,%20Washington,%20USA,%20San%20Bernardino%20California,%20Victor%20Valley,%20High%20Desert,%20Anchorage,%20Credit%20Union,%20Bank,%20Financial,%20Finance,%20Loan,%20Credit,%20Lending,%20Insurance,%20Mortgage,%20Refinance,%20home,%20Online%20banking,%20by%20phone,%20UltraBranch,%20Saving,%20Checking,%20Account,%20Money,%20Service,%20Relocate,%20Moving,%20Real%20Estate,%20business&p=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&r=&lt=1418&evt=pageLoad&sv=1&rn=659790 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=08A9623AF7786004268D7097F68D612C; domain=.bing.com; expires=Wed, 28-Feb-2024 20:46:27 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9A652418DE364AD695784B9D320262A4 Ref B: OSL30EDGE0120 Ref C: 2023-02-03T20:46:27Z
date: Fri, 03 Feb 2023 20:46:26 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/831978068/?random=1675457219516&cv=11&fst=1675454400000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=2448600732&rmt_tld=1&ipr=y
142.250.74.67 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/831978068/?random=1675457219516&cv=11&fst=1675454400000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=2448600732&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/831978068/?random=1675457219516&cv=11&fst=1675454400000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&fmt=3&is_vtc=1&random=2448600732&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 20:46:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/831978068/?random=1675457219977&cv=9&fst=1675454400000&num=1&bg=ffffff&guid=ON&eid=466465926&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg290&sendb=1&frm=0&url=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&async=1&fmt=3&is_vtc=1&random=1452975827&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.67 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/831978068/?random=1675457219977&cv=9&fst=1675454400000&num=1&bg=ffffff&guid=ON&eid=466465926&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg290&sendb=1&frm=0&url=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&async=1&fmt=3&is_vtc=1&random=1452975827&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/831978068/?random=1675457219977&cv=9&fst=1675454400000&num=1&bg=ffffff&guid=ON&eid=466465926&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg290&sendb=1&frm=0&url=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&tiba=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&async=1&fmt=3&is_vtc=1&random=1452975827&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 20:46:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/p/action/134612163.js
204.79.197.200 204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/134612163.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/134612163.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4A870724D33A45C89E8548A762DB31CE Ref B: OSL30EDGE0120 Ref C: 2023-02-03T20:46:27Z
date: Fri, 03 Feb 2023 20:46:26 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=251150729134059&ev=PageView&dl=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&rl=&if=false&ts=1675457220330&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675457220330.429300271&it=1675457220030&coo=false&tm=1&rqm=GET
157.240.205.35 200 OK 110 kB URL HTTP/2 www.facebook.com/tr/?id=251150729134059&ev=PageView&dl=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&rl=&if=false&ts=1675457220330&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675457220330.429300271&it=1675457220030&coo=false&tm=1&rqm=GET
IP 157.240.205.35:0
File type gzip compressed data, from Unix\012- data
Size 110 kB (110351 bytes)
Hash ff406f5dc704ca5fea87c4987694de38
0c3e2aa6bd306018ce3ce6686f90e3c44cbdcf29
663e505681fc8409e70cfa6a02895a4214014ffe3c5286b1c63239c22e352594
GET /tr/?id=251150729134059&ev=PageView&dl=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&rl=&if=false&ts=1675457220330&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1675457220330.429300271&it=1675457220030&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 03 Feb 2023 20:46:27 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c2fdba96507b9c4e3a59c54a17c3132a
60ba4f76e49a1018779e5e103a57d90ace1af5a3
8dbe17e9790d3c5c563118cb7c97186efa2b8010a6ff5a7876e5374b1714f5c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 20:46:28 GMT
Etag: "63dbd71f-1d7"
Server: ECS (amb/6BAD)
Content-Length: 471
www.alaskausa.org/images/icon-76@2x.png
107.162.171.161 404 Not Found 23 kB URL HTTP/1.1 www.alaskausa.org/images/icon-76@2x.png
IP 107.162.171.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3945), with CRLF, LF line terminators
Hash b8756a03f4741fcc2938e7e2e7fd870e
3861b6b1c9a196d23a24d3bb5690a36307736eac
df8c250093d716c64bbf68b2b3179f15a2bdf2261503bdd8b357fc875144437a
GET /images/icon-76@2x.png HTTP/1.1
Host: www.alaskausa.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Fri, 03 Feb 2023 20:46:28 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Request-Context: appId=cid-v1:24ecc7a8-51e3-4614-8724-c8d6f6e8adfb
Strict-Transport-Security: max-age=31536000
Content-Security-Policy-Report-Only: default-src 'self' *.adsrvr.org *.google.com *.doubleclick.net *.optimizely.com *.facebook.com *.cookielaw.org;script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com cdn.jsdelivr.net code.jquery.com embed.signalintent.com *.optimizely.com cdn.segment.com *.googleapis.com www.googletagmanager.com www.google.com www.gstatic.com *.btttag.com *.bing.com *.app-us1.com *.adsrvr.org *.doubleclick.net *.cookielaw.org www.google-analytics.com *.mypurecloud.com *.googleadservices.com *.pure.cloud *.aptrinsic.com *.bootstrapcdn.com js.monitor.azure.com *.facebook.net *.facebook.com trackcmp.net;style-src 'self' 'unsafe-inline' use.fontawesome.com use.typekit.net embed.signalintent.com p.typekit.net *.mypurecloud.com *.googleapis.com *.aptrinsic.com *.jsdelivr.net *.bootstrapcdn.com;img-src 'self' data: bat.bing.com *.google.com www.google-analytics.com content-cdn.com *.gstatic.com *.googleapis.com www.googletagmanager.com *.facebook.net *.facebook.com *.yahoo.com *.cookielaw.org;font-src 'self' use.fontawesome.com embed.signalintent.com use.typekit.net *.mypurecloud.com *.gstatic.com *.googleapis.com *.cloudfront.net data:;connect-src 'self' signal-intent-production-back.herokuapp.com cdn.segment.com *.optimizely.com *.cookielaw.org calc-backend-prod.herokuapp.com d.btttag.com *.googleapis.com www.google-analytics.com api.segment.io *.doubleclick.net *.alaskausa.org *.bing.com *.aptrinsic.com *.episerver.net *.visualstudio.com *.facebook.com;block-all-mixed-content
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 91
Expires: Sat, 04 Feb 2023 00:46:28 GMT
Cache-Control: public, max-age=14400
Vary: Accept-Encoding
CF-RAY: 793e042459db2d0c-IAD
Via: 1.1 dca1-bit15020
Content-Encoding: gzip
Transfer-Encoding: chunked
region1.google-analytics.com/g/collect?v=2&tid=G-R11FYFZ8HF&gtm=45je3210&_p=1050663372&cid=17483254.1675457219&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675457219&sct=1&seg=1&dl=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&en=page_view
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-R11FYFZ8HF&gtm=45je3210&_p=1050663372&cid=17483254.1675457219&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675457219&sct=1&seg=1&dl=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&en=page_view
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R11FYFZ8HF&gtm=45je3210&_p=1050663372&cid=17483254.1675457219&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675457219&sct=1&seg=1&dl=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F&dt=Alaska%20USA%20Federal%20Credit%20Union%20%7C%20Log%20In&en=page_view HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.camelistas.online
Connection: keep-alive
Referer: http://www.camelistas.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://www.camelistas.online
date: Fri, 03 Feb 2023 20:46:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 6a1fd567-b34d-4787-aa05-5b7db3fc51c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fflRBHU4IAMFnsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61c06-2d1ec3206d2ebeb4780a84b4;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:11:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUloQ6xaRWpnvMRh7kFvFIWhFotmILLZHfD_YK01RmrQ2vmYKVh46w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 03:08:32 GMT
age: 63481
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=p6q6pct&ref=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&upid=q8skero&upv=1.1.0
15.197.193.217 200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=p6q6pct&ref=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&upid=q8skero&upv=1.1.0
IP 15.197.193.217:0
GET /track/up?adv=p6q6pct&ref=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&upid=q8skero&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:46:28 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/PTN57F-webfont.woff
162.241.87.163 200 OK 0 B URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/PTN57F-webfont.woff
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/PTN57F-webfont.woff HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/actions/pmv/data/pdf/akusafonts.css
Cookie: _gcl_au=1.1.1453902176.1675457219; _ga=GA1.1.17483254.1675457219; _gid=GA1.2.2146835976.1675457219; _gat_UA-105087488-1=1; _ga_R11FYFZ8HF=GS1.1.1675457219.1.1.1675457219.0
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 25232
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff
insight.adsrvr.org/track/up?adv=p6q6pct&ref=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&upid=q8skero&upv=1.1.0
15.197.193.217 200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=p6q6pct&ref=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&upid=q8skero&upv=1.1.0
IP 15.197.193.217:0
GET /track/up?adv=p6q6pct&ref=http%3A%2F%2Fwww.camelistas.online%2FverifyFCU%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&upid=q8skero&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camelistas.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 20:46:28 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/21205_Background-Photo.jpg
162.241.87.163 200 OK 0 B URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/21205_Background-Photo.jpg
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /verifyFCU/actions/pmv/data/pdf/21205_Background-Photo.jpg HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 102157
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
www.camelistas.online/verifyFCU/actions/pmv/data/pdf/js-1.js
162.241.87.163 200 OK 0 B URL HTTP/1.1 www.camelistas.online/verifyFCU/actions/pmv/data/pdf/js-1.js
IP 162.241.87.163:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /verifyFCU/actions/pmv/data/pdf/js-1.js HTTP/1.1
Host: www.camelistas.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camelistas.online/verifyFCU/
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 20:46:26 GMT
Server: Apache
Last-Modified: Fri, 03 Jun 2022 22:09:16 GMT
Accept-Ranges: bytes
Content-Length: 89169
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript