Overview

URL hmg.divinavontade.com/dev-ti/cu-onlineback/W
IP35.186.210.54
ASNGOOGLE
Location United States
Report completed2022-09-27 07:55:24 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-27 2 hmg.divinavontade.com/dev-ti/cu-onlineback/W Phishing
2022-09-27 2 hmg.divinavontade.com/dev-ti/cu-onlineback/W Phishing
2022-09-27 2 hmg.divinavontade.com/dev-ti/cu-onlineback/W/ Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (22)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-09-27 04:53:25 UTC 151.101.85.229
mnemonic passive DNS onlinebanking.becu.org (18) 177081 2015-02-26 14:09:48 UTC 2022-09-26 05:51:15 UTC 107.162.177.191
mnemonic passive DNS 7000878.collect.igodigital.com (1) 211019 2017-04-10 15:30:21 UTC 2022-09-26 20:43:18 UTC 54.209.178.190
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-27 07:18:49 UTC 142.250.74.10
mnemonic passive DNS ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2022-09-27 04:15:00 UTC 93.184.220.29
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-26 04:28:35 UTC 104.18.21.226
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-09-27 04:53:14 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 05:44:40 UTC 143.204.55.115
mnemonic passive DNS r3.o.lencr.org (3) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:12:16 UTC 23.36.76.226
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.3
mnemonic passive DNS code.jquery.com (2) 634 2012-05-21 17:28:02 UTC 2022-09-27 04:52:54 UTC 69.16.175.42
mnemonic passive DNS ajax.aspnetcdn.com (1) 693 2012-05-24 13:35:31 UTC 2022-09-27 05:09:24 UTC 152.199.19.160
mnemonic passive DNS stackpath.bootstrapcdn.com (1) 2467 2018-04-05 04:41:29 UTC 2022-09-26 19:13:16 UTC 104.18.11.207
mnemonic passive DNS nova.collect.igodigital.com (1) 5107 No data No data 54.209.178.190
mnemonic passive DNS hmg.divinavontade.com (3) 0 2021-11-05 07:02:11 UTC 2022-09-27 07:28:07 UTC 35.186.210.54 Unknown ranking
mnemonic passive DNS cdnjs.cloudflare.com (2) 235 2020-10-20 10:17:36 UTC 2022-09-27 05:23:18 UTC 104.17.25.14
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 34.208.34.131
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-27 04:53:17 UTC 34.120.237.76
mnemonic passive DNS killbot.org (2) 0 2014-03-26 13:15:40 UTC 2022-09-26 22:11:40 UTC 172.67.166.105 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 04:13:22 UTC 143.204.55.49


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 35.186.210.54

Date UQ / IDS / BL URL IP
2022-09-27 07:55:24 +0000
0 - 0 - 3 hmg.divinavontade.com/dev-ti/cu-onlineback/W 35.186.210.54

Last 5 reports on ASN: GOOGLE

Date UQ / IDS / BL URL IP
2022-11-30 04:02:46 +0000
0 - 0 - 3 dresmematu1976.blogspot.com.ee/ 142.250.74.161
2022-11-30 04:02:39 +0000
0 - 0 - 3 gangcornsandter1980.blogspot.my/ 172.217.21.161
2022-11-30 04:02:19 +0000
0 - 0 - 3 astridberges-frisbey.blogspot.fr/2011/05/beau (...) 142.250.74.161
2022-11-30 04:00:47 +0000
0 - 0 - 3 cizgifilm-evi.blogspot.com.es/search/label/BA (...) 172.217.21.161
2022-11-30 04:00:14 +0000
0 - 0 - 1 joefairless.com/wp-content/plugins/super-form (...) 35.197.103.138

Last 1 reports on domain: divinavontade.com

Date UQ / IDS / BL URL IP
2022-09-27 07:55:24 +0000
0 - 0 - 3 hmg.divinavontade.com/dev-ti/cu-onlineback/W 35.186.210.54

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-04 08:57:40 +0000
0 - 0 - 1 www.iresearchservices.com/gfg/ebankinbecuback/W 142.4.6.241
2022-09-29 08:49:22 +0000
0 - 0 - 9 mrpicketts.co.uk/ebak/W 31.193.12.29
2022-09-21 10:08:16 +0000
0 - 0 - 5 bolverkoopmachine.nl/uback/W/ 149.210.209.105
2022-09-20 16:04:53 +0000
0 - 0 - 5 bolverkoopmachine.nl/uback/W/ 149.210.209.105
2022-09-15 08:22:41 +0000
75 - 0 - 60 mail.ecusec.duckdns.org/becu.org_MARK4DGOOD/ 69.49.247.46


JavaScript

Executed Scripts (22)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (66)


Request Response
                                        
                                            GET /dev-ti/cu-onlineback/W HTTP/1.1 
Host: hmg.divinavontade.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         35.186.210.54
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx/1.20.1
Date: Tue, 27 Sep 2022 07:55:13 GMT
Content-Length: 169
Location: https://hmg.divinavontade.com/dev-ti/cu-onlineback/W
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   169
Md5:    0f952b73d3f5586637ea9a5a789d48f4
Sha1:   b29aff4ffa1d4decd77db5160f920e1c6417e5e9
Sha256: 69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 07:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G3YidAv8YBeRqjgUzOyFzZFMkAwmPSab0TAuIVK9Yh5KwPbUxwksow==
Age: 2383


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5881
Expires: Tue, 27 Sep 2022 09:33:14 GMT
Date: Tue, 27 Sep 2022 07:55:13 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
date: Mon, 26 Sep 2022 09:17:07 GMT
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: e2_8KkL-NuiCMBdoEW8WrFzFec--_rRqYg2HwngJ8iu0UShV9UZmOg==
age: 81487
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 07:55:13 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /s/gts1d4/OUcXDWr1NBA HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:55:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /dev-ti/cu-onlineback/W HTTP/1.1 
Host: hmg.divinavontade.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         35.186.210.54
HTTP/2 301 Moved Permanently
content-type: text/html; charset=iso-8859-1
                                        
server: nginx/1.20.1
date: Tue, 27 Sep 2022 07:55:13 GMT
content-length: 260
location: http://hmg.divinavontade.com/dev-ti/cu-onlineback/W/
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   260
Md5:    414ed96280dd3d99f602f638c1a85f6a
Sha1:   78d51b5ef38af163c362f07372ca276460879055
Sha256: 54669c9e2dae57a8fc69be9893c0c6027c8b671ac659ba7a977eeb8a2d6ab4cb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /s/gts1d4/OUcXDWr1NBA HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:55:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 07:10:46 GMT
Expires: Tue, 27 Sep 2022 07:38:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: H10ysyX0sbWCaZQZqZzZ4Mi2CAZt-xC-q9zOcqCtYyVl9f9I00qKgQ==
Age: 2667


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /dev-ti/cu-onlineback/W/ HTTP/1.1 
Host: hmg.divinavontade.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         35.186.210.54
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx/1.20.1
Date: Tue, 27 Sep 2022 07:55:13 GMT
Content-Length: 169
Location: https://hmg.divinavontade.com/dev-ti/cu-onlineback/W/
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   169
Md5:    0f952b73d3f5586637ea9a5a789d48f4
Sha1:   b29aff4ffa1d4decd77db5160f920e1c6417e5e9
Sha256: 69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3350
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:55:14 GMT
Last-Modified: Tue, 27 Sep 2022 06:59:24 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /gh/killbot-org/Killbot-JS@latest/dist/main.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"a7c-kmbumraAtj1yBda8Zbl2dRPRYqU"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 07:55:14 GMT
age: 30111
x-served-by: cache-fra19171-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1167
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2400)
Size:   1167
Md5:    00d8e4bf35e3ecfb78d1e8a64284059b
Sha1:   560445b7f347a8945bcb2073767fa8593dbef22d
Sha256: 8f2a3c4a3919454b2578b5bbadc9b8f135d5e12ce37e717a6010d808d40a1a05
                                        
                                            GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 07:55:14 GMT
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2980500
expires: Sun, 17 Sep 2023 07:55:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jV4M0qEMx3negIHMfqJur2Bz5Uz676abzRBIkAX391gDT%2BfqzbQnw6SclkX119PtbmEDW%2BsXfJrIcnJQVg1d6XwTt9Qbkd5hQT2BQ6XUnoZovyXDbmmjqjMmRRsLLnslCFN4pfym"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7512ad06fc96fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4517
Md5:    e40e054c5726f042bad463e3774a2777
Sha1:   5c9413b72837a440b327444104830c35ae3b052c
Sha256: fcc8a86d2e89e8fbe9815d50c23bf205191ab8a6c0bec67358cd975d94283ff8
                                        
                                            GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hmg.divinavontade.com
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 07:55:14 GMT
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7308561
expires: Sun, 17 Sep 2023 07:55:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUw3j%2BCWExb5D0Xpv5Jn8hTv1R%2BCfOYWfOxmvK7TX6p0%2B4noTb6pGqk7A45bXDv%2BMvrCwRTZsaj8mcMjRvQ1s6%2FDq7O1%2BjpfHtTCsO0xE%2BghG%2Fw2Mp0IvhCD%2F0OOekL2iGYxjm%2FY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7512ad06fbab0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20322)
Size:   6458
Md5:    df9fe6d48e380554eb0ec9687bed3246
Sha1:   207263d754220200c1916edfbda262f62223ecf5
Sha256: 91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2429
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:55:14 GMT
Last-Modified: Tue, 27 Sep 2022 07:14:45 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /jquery-3.2.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 07:55:14 GMT
content-encoding: gzip
content-length: 30125
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664265314.dop022.sk1.t,1664265314.cds264.sk1.hn,1664265314.cds222.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32058)
Size:   30125
Md5:    148f8d3ffd9cc02048c5f4d1cc83c407
Sha1:   9f2b89cfd151be6a29b4d43ad64d164fb8471046
Sha256: 4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
                                        
                                            GET /jquery-3.3.1.slim.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hmg.divinavontade.com
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 07:55:14 GMT
content-encoding: gzip
content-length: 24038
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1111d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664265314.dop014.sk1.t,1664265314.cds225.sk1.hn,1664265314.cds230.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65247)
Size:   24038
Md5:    0f2e7d37e730fdbb1d8a1e8638529ecb
Sha1:   c21d16978a858baa75be15cb7e799ff000929429
Sha256: cc938c08b93e67c94c68995709f52133c62cac78991f42058503b9c3d9e4b0b0
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:55:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "6CCC2647E334ACF00DC401631A7D1A373C4E9FA4"
Expires: Tue, 27 Sep 2022 18:00:00 GMT
Last-Modified: Tue, 27 Sep 2022 06:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3372
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7512ad0738f4fac4-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    037547135a7c66a22b4e132552ec54eb
Sha1:   165eec1b4e8ea26fd4afcc2074d04dc6616af8b4
Sha256: aa22a69acbc99a1f7eecb6d7d28b788c1c1896ce6df6e34512d9281e8fffb663
                                        
                                            GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1 
Host: ajax.aspnetcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         152.199.19.160
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 17266809
cache-control: public,max-age=31536000
date: Tue, 27 Sep 2022 07:55:14 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F7A8)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30394
Md5:    a263be51483c81a54aa8c85104a93e55
Sha1:   555a54a73531c553bd2aede6abc25c128b63312e
Sha256: b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2429
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:55:14 GMT
Last-Modified: Tue, 27 Sep 2022 07:14:45 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BQf/aSaa028k/SI8KTMHQg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.208.34.131
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ly89wDouYWY5fURodiVETtaYLMM=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:55:14 GMT
Last-Modified: Tue, 27 Sep 2022 06:50:20 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uerOK4S3lEJDPS2XWaL8NMATv5Sp00AVFMsCjxdeYCamW2wdJds0Yg==
Age: 3894

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:55:14 GMT
Server: ECS (amb/6BB6)
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:55:14 GMT
Last-Modified: Tue, 27 Sep 2022 07:55:14 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:55:14 GMT
Server: ECS (amb/6B94)
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:55:14 GMT
Server: ECS (amb/6B73)
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:55:14 GMT
Server: ECS (amb/6B86)
Content-Length: 471

                                        
                                            GET /fonts/BECU_MuseoSans_webfontKit02.css HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
Date: Tue, 27 Sep 2022 07:55:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: PersistanceCookie=!GVuMj4jM+sLtBYpXgow+XemwfZM2lsJ7et0VorlRsoUQgSF/gegokJCfE5ZjIHuBhGHk0owxgX5nqg==; path=/; Httponly; Secure
Via: 1.1 dca1-bit8006
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   900
Md5:    9c36781edb7f6a3dda8cec2e7ca7c4bc
Sha1:   cdf91d82d50d2ef91a4a0d977b7f1900022da546
Sha256: b06cc3a99e61b5b5a92b951be3b77fcf64fe2d7d51f18f830787429ce3ad34fa
                                        
                                            GET /BECUBankingWeb/DESGetFiles.aspx?type=styles&version=63753916366&files=13 HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Cache-Control: public
Expires: Thu, 27 Oct 2022 07:00:00 GMT
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: TS014f9d08=019055f3fd8cfe9737c888fe1b1485a0af8b92ca8d7a388c35b28b0f9f789371ed0b89eaeb3aeb0db6e2fc1998bf0727f7b05c93a8; Path=/; Domain=.onlinebanking.becu.org PersistanceCookie=!UT1v4x6pfhCI2LVXgow+XemwfZM2loeCBS5EJihwGQxvBCOB26q7y5B9xaKvcToRUvqxYxM1GhO/Ag==; path=/; Httponly; Secure
Via: 1.1 dca1-bit8006
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   456
Md5:    73ab01e6de8768bbf174bc165cebf8c5
Sha1:   dabcf6013db23d559e55ec1717c381fc6fac51ec
Sha256: 5efd545d836b69eedcd6df365191ae277e37767d29d9d372a918d65b03aebc67
                                        
                                            GET /BECUBankingWeb/styles/becu-olb.min.css?buildDate=5%2f19%2f2021+3%3a34%3a43+PM HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Cache-Control: max-age=604800
Last-Modified: Fri, 02 Sep 2022 18:41:20 GMT
Accept-Ranges: bytes
ETag: "088c897fbbed81:0"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: TS014f9d08=019055f3fd2262ae562960284748ecf9e0cdd78dfeade90d09c2917af3fad37c25383269a9a29dd6a23b16b9acc3d96b5c497d2597; Path=/; Domain=.onlinebanking.becu.org PersistanceCookie=!XGPU2lTkT0zXZeVXgow+XemwfZM2lrDwVGuJqwkiwnOYDS1Ob6TbZwu+FppT5XLKD5YA5QY4Febq6A==; path=/; Httponly; Secure
Via: 1.1 dca1-bit8006
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (62891)
Size:   59371
Md5:    a50d33708b614409250354dfbab3d5be
Sha1:   e960d0854ae7fbd207b0736b1fbbb4b919490722
Sha256: cda77e00ddeb444347640e4fc81486045b7615b72dde733d596b291e02d38096
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:55:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:55:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:55:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:55:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hmg.divinavontade.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 571494
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            GET /becubankingweb/images/Icon_Twitter.svg?h=45&w=45 HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Cache-Control: max-age=604800
Last-Modified: Fri, 18 Mar 2022 18:07:16 GMT
Accept-Ranges: bytes
ETag: "0e2100f33ad81:0"
Server: Microsoft-IIS/10.0
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:15 GMT
Content-Length: 712
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit8006
Vary: Accept-Encoding


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (712), with no line terminators
Size:   712
Md5:    630863a1b5c0c99506edb380aa604e97
Sha1:   e58f4e624627f77f94cf1d2d449f96733166f725
Sha256: 235b57c1397a0b1e2ddf5a3d153a56b2ded692ad6c08e4d09525f30228f728f3
                                        
                                            GET /BECUBankingWeb/Images/ico-closed-eye-new.png HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Cache-Control: max-age=604800
Last-Modified: Fri, 18 Mar 2022 18:07:18 GMT
Accept-Ranges: bytes
ETag: "0f421f33ad81:0"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:15 GMT
Content-Length: 691
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: TS014f9d08=019055f3fd7227bcb4bd0414983baa7e0d6a5355dfa3293ee4afbff318ef1322d70bd8619d4b390be48254552a82f9a712399ca17b; Path=/; Domain=.onlinebanking.becu.org
Via: 1.1 dca1-bit8006
Vary: Accept-Encoding


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   691
Md5:    48f94f58ce088074cda3f8f91485a073
Sha1:   a0d70eefc6cc5dee1ef9bfdf93becb461cf9c9d9
Sha256: 517ccec038ddf888146f0508f7eac214cbbf1a133701fc208ea0328b1bff9944
                                        
                                            GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hmg.divinavontade.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 571494
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size:   23040
Md5:    de69cf9e514df447d1b0bb16f49d2457
Sha1:   2ac78601179c3a63ba3f3f3081556b12ddcaf655
Sha256: c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
                                        
                                            GET /becubankingweb/images/Icon_NCUA.png HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Cache-Control: max-age=604800
Last-Modified: Fri, 18 Mar 2022 18:07:16 GMT
Accept-Ranges: bytes
ETag: "0e2100f33ad81:0"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:14 GMT
Content-Length: 7540
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: TS014f9d08=019055f3fd4ca2761f7cb2d97ed4056e7dc0af8b08a466146a4a301c7feee3b1b01c6c5faaf56471bcb0aac6b0d907e059ff41b950; Path=/; Domain=.onlinebanking.becu.org
Via: 1.1 dca1-bit8006


--- Additional Info ---
Magic:  PNG image data, 544 x 255, 8-bit colormap, non-interlaced\012- data
Size:   7540
Md5:    c1517a5ec75cf8cb54b9d814209193d2
Sha1:   825d25cf351bd96d577196914a8c66aab3e74a71
Sha256: 88670f18763ad6b0a9c935368618718668149f7b196213daa8caa078453876bc
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:55:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /becubankingweb/images/Icon_Facebook.svg?h=45&w=45 HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Cache-Control: max-age=604800
Last-Modified: Fri, 18 Mar 2022 18:07:16 GMT
Accept-Ranges: bytes
ETag: "0e2100f33ad81:0"
Server: Microsoft-IIS/10.0
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:15 GMT
Content-Length: 483
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit8006
Vary: Accept-Encoding


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (483), with no line terminators
Size:   483
Md5:    a7b892ad939b7053428c0fe6131b0295
Sha1:   5c32c4a862310dec2455c519e01cb444f9188e77
Sha256: 1e554c21fc3503f9d06cba399b2627da518c93115e0701472dbca76f82de6fd8
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5577
Expires: Tue, 27 Sep 2022 09:28:12 GMT
Date: Tue, 27 Sep 2022 07:55:15 GMT
Connection: keep-alive

                                        
                                            GET /becubankingweb/images/Icon_Instagram.svg?h=45&w=45 HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Cache-Control: max-age=604800
Last-Modified: Fri, 18 Mar 2022 18:07:16 GMT
Accept-Ranges: bytes
ETag: "0e2100f33ad81:0"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:15 GMT
Content-Length: 1124
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: TS014f9d08=019055f3fd82f94a14b0a827e0165110028d52a7be1478fef61e386ff808f6a1f4a6b5830bc71bef171b92a4d8c0ff5b13386a26a3; Path=/; Domain=.onlinebanking.becu.org
Via: 1.1 dca1-bit8006


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1124), with no line terminators
Size:   1124
Md5:    fca00828ddc647c60278b27dcedf751f
Sha1:   736464a4c99f937fbafc9e45de0b7cc2f7943079
Sha256: 79bdefee2f0f239d339054f9606f8c9d828f326fb519542526f795fe6f5a1f2d
                                        
                                            GET /becubankingweb/images/Icon_Pinterest.svg?h=45&w=45 HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Cache-Control: max-age=604800
Last-Modified: Fri, 18 Mar 2022 18:07:16 GMT
Accept-Ranges: bytes
ETag: "0e2100f33ad81:0"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:15 GMT
Content-Length: 950
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: TS014f9d08=019055f3fd4cd11473d57ef1aea4e8ed412bad80b0d34d373efb288546e99485c1b13d0151e4e2141c3cbba754b898c57d7c24f29e; Path=/; Domain=.onlinebanking.becu.org
Via: 1.1 dca1-bit8006
Vary: Accept-Encoding


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (950), with no line terminators
Size:   950
Md5:    d9a7753d8f536bbaca8b372edbb7b37c
Sha1:   a8d338d8a82a388c656e9026ac820a65845b3c9c
Sha256: 617238ba317a7df75057cb94382232aa54771b868b930084f811c067facc8cdd
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5577
Expires: Tue, 27 Sep 2022 09:28:12 GMT
Date: Tue, 27 Sep 2022 07:55:15 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 22645
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6390
Md5:    14218a43c5e5bbce546735a780c8ccce
Sha1:   61676358cdbb2373bc644e66f8a84fbc8cc5daf6
Sha256: 905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
                                        
                                            GET /becubankingweb/images/Icon_EHOL.png HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Cache-Control: max-age=604800
Last-Modified: Fri, 18 Mar 2022 18:07:16 GMT
Accept-Ranges: bytes
ETag: "0e2100f33ad81:0"
Server: Microsoft-IIS/10.0
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:15 GMT
Content-Length: 6099
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: PersistanceCookie=!IXOpeBh5BDyJoKBXgow+XemwfZM2lj7l34G2smNTwY9w4V2jryyB5bjkurerFZjcrZP8MHWD/HsIpQ==; path=/; Httponly; Secure
Via: 1.1 dca1-bit8006


--- Additional Info ---
Magic:  PNG image data, 271 x 289, 8-bit colormap, non-interlaced\012- data
Size:   6099
Md5:    976273f8b065ba38edb8de09b2e6fbad
Sha1:   91ad6dec2558e1eada674f2af43d2c4f555ddeb4
Sha256: 7e2f8c0c858a03425096e2158d00ea6f8965cbdd36bc40bc51b7862f85f8558e
                                        
                                            GET /becubankingweb/images/Icon_YouTube.svg?h=45&w=45 HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Cache-Control: max-age=604800
Last-Modified: Fri, 18 Mar 2022 18:07:16 GMT
Accept-Ranges: bytes
ETag: "0e2100f33ad81:0"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:15 GMT
Content-Length: 556
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: TS014f9d08=019055f3fdf7c34e1a5a30e87d266b4ceac90ab0a6de3b6bb0bb5de58c2b86408c479e0cf3edf8cf91e7e86b4e70d06d0d2b13a7c9; Path=/; Domain=.onlinebanking.becu.org PersistanceCookie=!SXapCdxZuQC7YE1Xgow+XemwfZM2ltowuNq6Noxu5jBFy+mbiVDln9u5evUu48PtEumft3Omm2hovQ==; path=/; Httponly; Secure
Via: 1.1 dca1-bit8006
Vary: Accept-Encoding


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (556), with no line terminators
Size:   556
Md5:    c7f632dc1d0a99d5a158d449f740bcb1
Sha1:   43500137cb9c8c84cc50ed1ae681253b8c55e751
Sha256: 533b8aa165bcc0eb9bf9950fd6e3eaed779c01fdf3a977780793bcc734398b1c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5319
x-amzn-requestid: 74191b02-ebea-48bd-8522-f05bf8080f31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlOKFtsIAMFyGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bf4-1f2daa9d7906bf9812e10953;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Y0gjPs-l9_JD9F-LSH_i1uL2Nz0UcWCG-9PmDmRH8cN_cNAeSchJTA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:00 GMT
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
age: 36975
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5319
Md5:    46e31aa06b8e86a9a5f9ba1cc3feca08
Sha1:   75df3341e30281fcbf78c7074980356fdf0be8e2
Sha256: d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7716
x-amzn-requestid: 1cf0b1c7-4611-40bf-b72a-412ebd03ef79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2KguFL7IAMFzKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf137-2b7c15d3071e0266586fd17d;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 05:23:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eE2AvjvM7j07Go69VVEmTF8Q-KA5bZwOBdn_SgR5fcZj8lL760_q2Q==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 17:57:22 GMT
age: 50273
etag: "2b53c4f836970501a682dae07235215c487d35cc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7716
Md5:    8ef8d9284ebd57a7cf76ceb762291356
Sha1:   2b53c4f836970501a682dae07235215c487d35cc
Sha256: 3529ab97ab2214ee9c67ee234beac96cd40f0bd6092b92b71c60956ed5710b41
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7701
x-amzn-requestid: 63bfd7b5-f18e-4396-99a8-fb24dee1ee0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGCmmGswoAMF2zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324af6-04fa1b18525182b7213f844c;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:59:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DiTKUZCtnzzWsLnaX07RzIFfcP2_SiKqzETIMe3RoXWnQOBaB8BhmQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:14 GMT
age: 24601
etag: "2f7876bd0e4b52aa04ccf1c2a45359156eaefb97"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7701
Md5:    9ff2dbdbf6d450f0d9774777b3c5aa6e
Sha1:   2f7876bd0e4b52aa04ccf1c2a45359156eaefb97
Sha256: 4c2184b8150834adf1e9ec807f3175b6fcd574920a98c857db2cfb01b78da2fe
                                        
                                            GET /BECUBankingWeb/images/becu-logo-desktop.png HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Cache-Control: max-age=604800
Last-Modified: Fri, 18 Mar 2022 18:07:18 GMT
Accept-Ranges: bytes
ETag: "0f421f33ad81:0"
Server: Microsoft-IIS/10.0
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:15 GMT
Content-Length: 3289
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: PersistanceCookie=!nmG8xS2ceybDjWdXgow+XemwfZM2lozBvTwBkJR0f+E1/20K6mLYYvrSStdj/MF7Ug7KTdgYQuDv2Q==; path=/; Httponly; Secure
Via: 1.1 dca1-bit8006


--- Additional Info ---
Magic:  PNG image data, 175 x 55, 8-bit/color RGBA, non-interlaced\012- data
Size:   3289
Md5:    20f678e721980236a84726cff4fc2992
Sha1:   249a2742d92b9192bd94f35b95b034587f6470c7
Sha256: c25e1eb12d082ca91060a9f463cad441e8efe5687ecb0b6d946219eb683ce42a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334b6513-7266-4f03-aae2-328c1b58a30e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10864
x-amzn-requestid: 104fb4b4-d1cc-47ee-9cc2-9b61e235d43f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4e41GJUoAMFs6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cde9e-55cda4c12c907e8d74ec9730;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 22:15:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: W7NFcpiPV1dBHdWeQnhlOwWtNQ6-opRHWo6U49ECaRYDjyRNbVx9KQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:52:35 GMT
age: 160
etag: "2a2fabd9f9792daf9c058fc754d5616267b703f1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10864
Md5:    56c3768b851e6a5206cbfbe3f5a97cae
Sha1:   2a2fabd9f9792daf9c058fc754d5616267b703f1
Sha256: 668dba22a0c81c4580637806c293521b176512b18ebcc2fe951be2f27f43134d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 36968
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9163
Md5:    deb8d1e3b6d7fbc8c8ba478269621676
Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9
Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
                                        
                                            GET /becubankingweb/images/Icon_LinkedIn.svg?h=45&w=45 HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Cache-Control: max-age=604800
Last-Modified: Fri, 18 Mar 2022 18:07:16 GMT
Accept-Ranges: bytes
ETag: "0e2100f33ad81:0"
Server: Microsoft-IIS/10.0
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:15 GMT
Content-Length: 558
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit8006
Vary: Accept-Encoding


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (558), with no line terminators
Size:   558
Md5:    0e29cc458d03819592d2b152828e662a
Sha1:   c5798d8093c7a9de20f9162b4cc7f1cdc966da5a
Sha256: aec961554eb286c5987fa7fab0e14ce809769451c8f29a86a939905bf4fcacbc
                                        
                                            GET /BECUBankingWeb/images/becu-logo-mobile.png HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Cache-Control: max-age=604800
Last-Modified: Fri, 18 Mar 2022 18:07:18 GMT
Accept-Ranges: bytes
ETag: "0f421f33ad81:0"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:15 GMT
Content-Length: 1927
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: TS014f9d08=019055f3fda4f8240ca930e92ac652c346313475ee7911ab0b0ac65057719b36774efec20dda334a83c456faae264f351fe6e27082; Path=/; Domain=.onlinebanking.becu.org
Via: 1.1 dca1-bit8006


--- Additional Info ---
Magic:  PNG image data, 81 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size:   1927
Md5:    e11b33e62339585e285cac82331ce814
Sha1:   3684c6ab46a28bb3769a45140b39634913e0de01
Sha256: 37d7cfe6df3b924bfaf33320ffd526cc558d3c693f63241d90bde8133f8105a7
                                        
                                            GET /BECUBankingWeb/images/becu-logo-tablet.png HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Cache-Control: max-age=604800
Last-Modified: Fri, 18 Mar 2022 18:07:18 GMT
Accept-Ranges: bytes
ETag: "0f421f33ad81:0"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:15 GMT
Content-Length: 2324
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: TS014f9d08=019055f3fdd14404d248c8107b1d688c56c2b9c499cb88d820db1b7e4ea5cb21bfd2c31c968ac4a812f8561819739194313af28554; Path=/; Domain=.onlinebanking.becu.org
Via: 1.1 dca1-bit8006


--- Additional Info ---
Magic:  PNG image data, 120 x 38, 8-bit/color RGBA, non-interlaced\012- data
Size:   2324
Md5:    067dce671072a4f71212d7f732b4834b
Sha1:   92692bb8c9dfa84d8e2592c33d9bc5f2f4dbd0d1
Sha256: 8278a26d76affc3ec5de77cb8c69af07fe5efd2d52ee0c048f4a8649b627f804
                                        
                                            GET /BECUBankingWeb/styles/fonts/becu-icons.woff HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hmg.divinavontade.com
Connection: keep-alive
Referer: https://onlinebanking.becu.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
                                        
Cache-Control: max-age=604800
Last-Modified: Fri, 18 Mar 2022 18:07:20 GMT
Accept-Ranges: bytes
ETag: "03c732f33ad81:0"
Server: Microsoft-IIS/10.0
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:15 GMT
Content-Length: 3400
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: PersistanceCookie=!RqxF7jAJs7zeAFlXgow+XemwfZM2lmvJOezoV7YiHtx3DmQL1ru3+NzLgxw/a+C7UIyJiFL3dG1g3Q==; path=/; Httponly; Secure
Via: 1.1 dca1-bit8006


--- Additional Info ---
Magic:  Web Open Font Format, CFF, length 3400, version 1.0\012- data
Size:   3400
Md5:    0732f5f3d6d512db810a244afdd7fa0f
Sha1:   d040945eacf67d85eed477c2c0cbc5c4af961bdf
Sha256: a47ebd1a4c87da626d6ce831a4a319a0e242130f646d9b4bbdedf073d6e79c1e
                                        
                                            GET /BECUBankingWeb/styles/fonts/becu-icons.ttf HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hmg.divinavontade.com
Connection: keep-alive
Referer: https://onlinebanking.becu.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Cache-Control: max-age=604800
Last-Modified: Fri, 18 Mar 2022 18:07:20 GMT
Accept-Ranges: bytes
ETag: "03c732f33ad81:0"
Server: Microsoft-IIS/10.0
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:15 GMT
Content-Length: 4924
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit8006


--- Additional Info ---
Magic:  TrueType Font data, 13 tables, 1st "FFTM", 12 names, Macintosh, type 1 string\012- data
Size:   4924
Md5:    4683078ab8caacaa0efb56c5af0650ca
Sha1:   f40c9ba09aab0756e4fe9f24b15201b38d50ab63
Sha256: 8a3cb41504e29d0677340e5153f4b5f6d21dc50e765c225b966be909b70c5914
                                        
                                            GET /BECUBankingWeb/favicon-32x32.png HTTP/1.1 
Host: onlinebanking.becu.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.177.191
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Cache-Control: no-cache
Last-Modified: Fri, 18 Mar 2022 18:07:20 GMT
Accept-Ranges: bytes
ETag: "03c732f33ad81:0"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "https://onlinebanking.becu.org/BECUBankingWeb " r (c 0 l 0 n 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 s 0 v 0))
SrvCustom: I01
X-Frame-Options: sameorigin
Date: Tue, 27 Sep 2022 07:55:16 GMT
Content-Length: 15086
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: TS014f9d08=019055f3fd1eb9971e24dd07181f138d19a40c92627ecc84d0a4131b12e00d7a8cffb9ea2e4d578bae860376e9b37ee7b28ebeaf61; Path=/; Domain=.onlinebanking.becu.org
Via: 1.1 dca1-bit8006


--- Additional Info ---
Magic:  MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   15086
Md5:    4ec97a47f760361d8993dcd20c851fd2
Sha1:   209b253e348a92643a9469ed3429bb5f4f1584d2
Sha256: 03716691a80664c3ddcd13d7afbb1c5b171b8e441cce2f2dc5af6cf927f88f90
                                        
                                            GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1 
Host: stackpath.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hmg.divinavontade.com
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 07:55:14 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ce6e785579ae4cb555c9de311d1b9271"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 08/20/2022 03:07:07
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: d09df39f7ba357828a3450295f62ccda
cdn-cache: HIT
cf-cache-status: HIT
age: 36523
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7512ad072865b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /collect.js HTTP/1.1 
Host: 7000878.collect.igodigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.209.178.190
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 07:55:14 GMT
last-modified: Mon, 26 Sep 2022 20:16:36 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Lato:400,300,400italic,700,700italic,900 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onlinebanking.becu.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 07:55:15 GMT
date: Tue, 27 Sep 2022 07:55:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c2/7000878/track_page_view?payload=%7B%22title%22%3A%22Online%20Banking%20Login%20%7C%20BECU%22%2C%22url%22%3A%22https%3A%2F%2Fonlinebanking.becu.org%2FBECUBankingWeb%2FLogin.aspx%3F_ga%3D2.207284887.540394223.1641839592-1544486261.1641839586%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.becu.org%2F%22%7D HTTP/1.1 
Host: nova.collect.igodigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hmg.divinavontade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.209.178.190
HTTP/2 202 Accepted
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 07:55:15 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-disposition: inline
content-transfer-encoding: binary
cache-control: private
set-cookie: igodigitaltc2=b8ee8756-3e39-11ed-b258-e66deac62434; domain=.igodigital.com; path=/; expires=Mon, 27 Sep 2032 07:55:15 GMT; Secure; SameSite=None igodigitalst_7000878=b8ee8dbe-3e39-11ed-b258-e66deac62434; domain=.igodigital.com; path=/; expires=Tue, 27 Sep 2022 08:55:15 GMT; Secure; SameSite=None igodigitalstdomain=11782; domain=.igodigital.com; path=/; expires=Tue, 27 Sep 2022 08:55:15 GMT; Secure; SameSite=None
x-request-id: 8b2a74a6-5e2e-4197-bd63-c5599953ea15
x-runtime: 0.006044
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /api/v2/whois?apikey=93LTY4MAUiddsFwo9YoOvuj3WIcN5PMzcLUwixdkD6hkV HTTP/1.1 
Host: killbot.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hmg.divinavontade.com/
Origin: https://hmg.divinavontade.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.166.105
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 27 Sep 2022 07:55:16 GMT
access-control-allow-credentials: true
access-control-max-age: 86400
bug-bounty: Report to live chat :)
set-cookie: _killbot=ggmiicbhcn7gb61uio35ln93vhaveslt; expires=Tue, 27-Sep-2022 09:55:16 GMT; Max-Age=7200; path=/; SameSite=Lax; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, GET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FH6oT6aFBCqcB9DfpxkeqVavoKYFzEs%2FcdaFl6vzc%2FJ3eGYw2EqHoIceFF3dce%2F%2BD9hnfccstOty1ENGUXBoOqvs0PF3lIOxe06gogJ%2BX4qQCk0X%2Bf0HJF1caL8aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7512ad0db9a4b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /api/v2/blocker?apikey=93LTY4MAUiddsFwo9YoOvuj3WIcN5PMzcLUwixdkD6hkV&ip=91.90.42.154&ua=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&url= HTTP/1.1 
Host: killbot.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hmg.divinavontade.com/
Origin: https://hmg.divinavontade.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.166.105
HTTP/2 401 Unauthorized
content-type: application/json
                                        
date: Tue, 27 Sep 2022 07:55:16 GMT
access-control-allow-credentials: true
access-control-max-age: 86400
bug-bounty: Report to live chat :)
access-control-allow-origin: *
access-control-allow-methods: POST, GET
set-cookie: _killbot=raq3hfn1la1psibomci6pkef93bi2jne; expires=Tue, 27-Sep-2022 09:55:16 GMT; Max-Age=7200; path=/; SameSite=Lax; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuG5UdTyH3RzrdjzVLynEdkBCtKTNkjnOyLhmY57d4YCPO41rNoxgMkkYdIg0SGAQmDzMR%2BX9GvRa5dDjVSSFG7DnZ7rDGbiy2tQ3ja5cRrrhX144f0eVoY8sUCJJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7512ad12ee72b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---