firefox.settings.services.mozilla.com/v1/
54.230.111.7200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Dg4ReSZxP4Q7GzXu5EqAAadd_Rl_g3y4zlUVVXLq5duJscwxn2k8eA==
Age: 64069
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11118
Expires: Thu, 06 Oct 2022 12:40:25 GMT
Date: Thu, 06 Oct 2022 09:35:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13966
Expires: Thu, 06 Oct 2022 13:27:53 GMT
Date: Thu, 06 Oct 2022 09:35:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3kN90+HumZPJFFkWUwLFaBp4RoQjj89300rYg/e2hEN9YxKE8XdJ398xjXeD0w4AqNtIVIvJVDI=
x-amz-request-id: 64S3MN6AJGV1XDBG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 08:58:41 GMT
age: 2186
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 09:35:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.7200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 09:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 06 Oct 2022 10:00:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gFBo0J_f6RNPiIOcg1kkAp7OU-UvcWGgmynlPtuinDSt3AOxksnpsQ==
Age: 327
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5004
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:35:08 GMT
Last-Modified: Thu, 06 Oct 2022 08:11:44 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.223.168.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.223.168.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QuzDLC9tQL2bCGVwPWCRAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: z2CjkS7abQojH6iAYcvTIWziwiM=
floresycastillo.com/verify.dcu/otp.html
147.124.219.17200 OK 30 kB URL HTTP/1.1 floresycastillo.com/verify.dcu/otp.html
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2737), with CRLF line terminators
Hash 12f3e57b7e64e987f3fc91ce9c80d517
04d8c98c5c7bf842cc11ac155232af42fe01fd95
3ce9a13e1b6f80ba1b1ff55289fcc09634e1f7d60a89ff46da0cbf63992027c5
Analyzer Verdict Alert openphish Digital Federal Credit Union
fortinet Phishing
GET /verify.dcu/otp.html HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:35:09 GMT
Server: Apache
Last-Modified: Tue, 23 Aug 2022 16:48:06 GMT
Accept-Ranges: bytes
Content-Length: 29728
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
assets.adobedtm.com/c710ed4af822/4edff89d26dd/launch-1574d0b03693.min.js
23.38.200.237200 OK 74 kB URL HTTP/2 assets.adobedtm.com/c710ed4af822/4edff89d26dd/launch-1574d0b03693.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32768)
Hash c8e5e4603713b2afef04641fbdaadcf8
ba70173dec1981bb9419e44373987917c15512e8
3beb4f3ae29074fd5cfbd0c211659e3fe7499219b644bef22f79e4898cf92427
GET /c710ed4af822/4edff89d26dd/launch-1574d0b03693.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "97a1294fe9ebfd08669e214fcc839024:1658495611.885198"
last-modified: Fri, 22 Jul 2022 13:13:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Thu, 06 Oct 2022 10:35:09 GMT
date: Thu, 06 Oct 2022 09:35:09 GMT
content-length: 73977
access-control-allow-origin: https://floresycastillo.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
23.38.200.237200 OK 12 kB URL HTTP/2 assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32768)
Hash e616df092766c7ab7904619f971a35cc
a960429c42802a43e3ce728fc4d1e8bdab10e606
082ae7647bfdb639846791e5c0ca39b96544dff3aed0c365973c9589cd5b091e
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 06 Oct 2022 10:35:09 GMT
date: Thu, 06 Oct 2022 09:35:09 GMT
content-length: 12163
cache-control: no-cache
access-control-allow-origin: https://floresycastillo.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
23.38.200.237200 OK 1.6 kB URL HTTP/2 assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (3155)
Hash e672de61b277fc72de4299829bfbb31c
157a7409922d58a02dad3ba879d04eb2a3ef8f3d
e1a1c2a6f2ed4ffb63ebfda157eaf12c6ee3973be4da649eb63e0402c0d29215
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 06 Oct 2022 10:35:09 GMT
date: Thu, 06 Oct 2022 09:35:09 GMT
content-length: 1597
cache-control: no-cache
access-control-allow-origin: https://floresycastillo.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e92ae2c6196d2327fbd2098c10fc4ff5
3ff4701653efb8a8f5b157a58a4c3747770ef5d9
2c5dc2147edd08768b87d88fda54f44c0a222f147a6c4ad8912a96983f6813ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3954
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:35:09 GMT
Last-Modified: Thu, 06 Oct 2022 08:29:16 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6359ddcae6ca0e994db9bfd0335c90bc
f2dfe040103a2743e345a41e8aae7fe0f81ae271
279af1331cac54f0b54beaede2d9249ce5c4dfb8f48bed881549a8d3d25a4925
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2399
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:35:09 GMT
Last-Modified: Thu, 06 Oct 2022 08:55:10 GMT
Server: ECS (amb/6BB0)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b50be53490939245c98eebd5a2fb2abf
0b1c3dea731a0ca520bdf4df12aed7db4ac519d7
65a4a2fa5a0e95ae467365e907b10297bdad39208da7a16d2ddfc264d15d0ebc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2622
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:35:09 GMT
Last-Modified: Thu, 06 Oct 2022 08:51:27 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
floresycastillo.com/verify.dcu/js/config.js
147.124.219.17404 Not Found 10 kB URL HTTP/1.1 floresycastillo.com/verify.dcu/js/config.js
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 1e3d96a926cc94aeb2a7935d8202ce9f
3e5ef9fefb1b8f2ba634becd16f9a6bd232284cd
31e7b63acef4c4564ad82791ccdb5cbe10eb22fe2ed9a68f75007c517277d0ff
Analyzer Verdict Alert fortinet Phishing
GET /verify.dcu/js/config.js HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 09:35:09 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b50be53490939245c98eebd5a2fb2abf
0b1c3dea731a0ca520bdf4df12aed7db4ac519d7
65a4a2fa5a0e95ae467365e907b10297bdad39208da7a16d2ddfc264d15d0ebc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2622
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:35:09 GMT
Last-Modified: Thu, 06 Oct 2022 08:51:27 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
mpsnare.iesnare.com/5.5.0/logo.js
54.195.39.4200 OK 420 B URL HTTP/1.1 mpsnare.iesnare.com/5.5.0/logo.js
IP 54.195.39.4:0
File type ASCII text, with very long lines (377)
Hash 37916839df56aa2e35ad9bdc54f5ecad
f7b5f25b4393b28435289632afda359f91d1a012
d7da84d7cdb3a9a7677925b70e0d8de18ec500f2aa82b9583c9bb6784a10b8e4
GET /5.5.0/logo.js HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 09:35:09 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Fri, 06 Oct 2023 09:35:09 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
54.195.39.4200 OK 19 kB URL HTTP/1.1 mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
IP 54.195.39.4:0
File type ASCII text, with very long lines (1038)
Hash e5e281df5e5eb61bd0e5e30eac55e79c
fdf1f288f3bb58740e068f961bd0939c363c489b
6c14447efac469a17a132b760b9dd6dd479d537056b6335f7582660cc70f9203
GET /general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 09:35:09 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=ZIx3nM6bhIej7VpKB0brc7f5ErCoweHCTUONzmAmIzg=;Path=/;Expires=Fri, 06-Oct-2023 09:35:09 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
floresycastillo.com/verify.dcu/css/chunk-common.d06af608.css
147.124.219.17200 OK 13 kB URL HTTP/1.1 floresycastillo.com/verify.dcu/css/chunk-common.d06af608.css
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type ASCII text, with very long lines (13269)
Hash 23d853d0b8dc4dbf3ee3eb5839450e98
5cb719cc195a20a18ff9ff1ec6cf16c1e986cad6
c68f6f80ec1fb457c7b8a3a1e1fefe3ffbb4e276fc80f38ef8b35df8ab5715e8
GET /verify.dcu/css/chunk-common.d06af608.css HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:35:09 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 23:51:12 GMT
Accept-Ranges: bytes
Content-Length: 13357
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash d0db84ebc1bdde95b52366c236a41f1c
8f6ccc43b1e9204f27933ab18975f22964d7767e
4a731a93b36a171369cfa20a5d25be10e25e131399de2f888acae1b5dfe5d21e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 06 Oct 2022 09:35:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 05 Oct 2022 21:09:22 GMT
Expires: Thu, 06 Oct 2022 21:09:22 GMT
ETag: "8f6ccc43b1e9204f27933ab18975f22964d7767e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash d0db84ebc1bdde95b52366c236a41f1c
8f6ccc43b1e9204f27933ab18975f22964d7767e
4a731a93b36a171369cfa20a5d25be10e25e131399de2f888acae1b5dfe5d21e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 06 Oct 2022 09:35:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 05 Oct 2022 21:09:22 GMT
Expires: Thu, 06 Oct 2022 21:09:22 GMT
ETag: "8f6ccc43b1e9204f27933ab18975f22964d7767e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash d0db84ebc1bdde95b52366c236a41f1c
8f6ccc43b1e9204f27933ab18975f22964d7767e
4a731a93b36a171369cfa20a5d25be10e25e131399de2f888acae1b5dfe5d21e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 06 Oct 2022 09:35:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 05 Oct 2022 21:09:22 GMT
Expires: Thu, 06 Oct 2022 21:09:22 GMT
ETag: "8f6ccc43b1e9204f27933ab18975f22964d7767e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
usassets.cobrowse.pega.com/assets/stylesheets/customer/final/default.css?v=8.7.1
54.92.173.224200 OK 3.5 kB URL HTTP/2 usassets.cobrowse.pega.com/assets/stylesheets/customer/final/default.css?v=8.7.1
IP 54.92.173.224:0
File type Unicode text, UTF-8 text, with very long lines (14626)
Hash c9e0ee1acc72fd18e3953cf614f7e879
bacc2349aab9dfac47cd153702e98e1fa48466f4
e13c4a8b7d5d884e11579582e7e99198c7fdfbd2587a37f52add1783e49e5d8e
GET /assets/stylesheets/customer/final/default.css?v=8.7.1 HTTP/1.1
Host: usassets.cobrowse.pega.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 09:35:10 GMT
content-type: text/css
content-length: 3489
set-cookie: AWSALB=FwhVwtf+8SXz8LtASxWSJo5wGdnngmgxLoPzlwSRg9+l77GqSufhDGG6wAQrmySFDpX4ufd+kI1nV+whLzMfx63/blsd6E1tqlEaAwlVo2XoeIVj4kyA1wO5NBC1; Expires=Thu, 13 Oct 2022 09:35:10 GMT; Path=/
AWSALBCORS=FwhVwtf+8SXz8LtASxWSJo5wGdnngmgxLoPzlwSRg9+l77GqSufhDGG6wAQrmySFDpX4ufd+kI1nV+whLzMfx63/blsd6E1tqlEaAwlVo2XoeIVj4kyA1wO5NBC1; Expires=Thu, 13 Oct 2022 09:35:10 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 13 Jul 2022 12:04:58 GMT
etag: "62ceb4ea-da1"
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
us.cobrowse.pega.com/cobrowse/loadScripts
34.197.131.84200 OK 508 B URL HTTP/2 us.cobrowse.pega.com/cobrowse/loadScripts
IP 34.197.131.84:0
Hash 9cdb6851bb88c14e6033ca658ac8aa88
ee1d43de555319019f8b0713a683a463803a9b41
fa05f2814bdcd558f6b652532c66d74a995b0a05f464bda6e9375fcb3c02cf82
GET /cobrowse/loadScripts HTTP/1.1
Host: us.cobrowse.pega.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 09:35:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 508
set-cookie: AWSALB=kGelys++j2u0QSrVDYd7CIx6usfmDQcrlEk+nVapHmKsnK0Dt1EYuEHcGgcYCMD61S8FOaXRDRyWGsDEj1j9l+cvAvWBucxNsmmS5f3PrHAmotpET74Ypn14zZt6; Expires=Thu, 13 Oct 2022 09:35:10 GMT; Path=/
AWSALBCORS=kGelys++j2u0QSrVDYd7CIx6usfmDQcrlEk+nVapHmKsnK0Dt1EYuEHcGgcYCMD61S8FOaXRDRyWGsDEj1j9l+cvAvWBucxNsmmS5f3PrHAmotpET74Ypn14zZt6; Expires=Thu, 13 Oct 2022 09:35:10 GMT; Path=/; SameSite=None; Secure
connect.sid=s%3AqkKQbVizmiEBzKXHOaCrnV6IOVI_tXMf.5liLhKBio%2BKlEdneUHnFMRcxIQqkyYi2qW4m940oqig; Path=/; Expires=Sat, 08 Oct 2022 09:35:10 GMT; Secure; SameSite=None
server: nginx
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, X-Requested-With, accept, x-j-token, content-type
etag: W/"1fc-7h1D3lVTGQGfiwcTpoOkY4A6m0E"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700;800&display=swap
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700;800&display=swap
IP 142.250.74.10:0
Hash 836d95b9073dba507624953451882a67
9401b2ab7fafbec405d023633fde4777ec0bcc66
21d1c9dfe6834357d30fb413583323fe9804b5e247d86e750ea0b73e57296fae
GET /css2?family=Nunito+Sans:wght@300;400;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 09:35:10 GMT
date: Thu, 06 Oct 2022 09:35:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
floresycastillo.com/verify.dcu/js/chunk-common.112fec58.js
147.124.219.17404 Not Found 10 kB URL HTTP/1.1 floresycastillo.com/verify.dcu/js/chunk-common.112fec58.js
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash b878005b1f0f148a490d02ee4fae03f3
269906ae35d602c65d7502670a7f97a7ff9ad742
f68947769a5d49e45424129d58ae0c5219956b6d50c262120293ae9183213a3b
Analyzer Verdict Alert fortinet Phishing
GET /verify.dcu/js/chunk-common.112fec58.js HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 09:35:10 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18490
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 09:35:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18490
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 09:35:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18490
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 09:35:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d101e6535dfc8ea8c193d3e97c07e1d
d839f3aa41455d818da9a794b0688b1144b3a03a
d73e79f203ef50354e078de30fcb52d298e14ad53924e0387ab586a9cb4376a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8651
x-amzn-requestid: 8bbdbc11-92fe-4cdf-8469-1c1ffac9e65b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPLIGG0IAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df8ad-132ee26478d791850dd14462;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:35:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: KBuHj1vlNgk4oflp8uIxuxuPoWh7B7O0SWrMrNP-lAhnp2m53ttPMw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:01:22 GMT
age: 41628
etag: "d839f3aa41455d818da9a794b0688b1144b3a03a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5a5ee14d41747f46e71f04782e1a3d3
b0205176a58913f57056b91674097bfb58046e97
b3bae0b56b50374cb85fc7fe4c9b551383d1969bf31e7adccb867e3467c59269
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7385
x-amzn-requestid: f3b30c95-2f19-4d70-b358-ff7e1e1c56f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uHJrIAMF3WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-5211c3087ea4f0023b32b284;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: uka14Zb4NhZEmseL9817VqWrplnl8Yrmnp3oTVs6OeMjdCLI89QoVg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 43109
etag: "b0205176a58913f57056b91674097bfb58046e97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 03:56:07 GMT
age: 20343
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2e00e7f6054a915275111712ae68feb
016d84f56f97f1ab12c4046177e3e809aa861729
d042df692c87770504eaa80dae07601163a3b330061b5b9ec7b66a2bec759150
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11478
x-amzn-requestid: d058c900-2b03-4373-aa5b-0d91128de0e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQiMGXDIAMFbVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfada-743a7dda1804ecb76ae96592;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:58 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Geyupd7DZO0XRtj6uKJM-il3wOu82I2N26-vLgJCxYlid1Csm-fYxQ==
via: 1.1 58f9a50682bb94842197f3e957919c60.cloudfront.net (CloudFront), 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:01:17 GMT
age: 41633
etag: "016d84f56f97f1ab12c4046177e3e809aa861729"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.plaid.com/link/v2/stable/link-initialize.js
54.230.111.89200 OK 45 kB URL HTTP/2 cdn.plaid.com/link/v2/stable/link-initialize.js
IP 54.230.111.89:0
Hash d6b3fef6c4cfa330c4a2185508f35b35
0044719e677b0d1cc11f01f92438aab231fc18d2
66268977dfa1168ee6a7423df564d2398d3a705c8552c2f3e62e2061af963971
GET /link/v2/stable/link-initialize.js HTTP/1.1
Host: cdn.plaid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
x-amz-id-2: njpZc9MXUMelT2QkYJua6OxXgmN56xmEuYxODpKnlZ1mHXz72wkElJ8FCUB71nR+5qMrywoxcD4=
x-amz-request-id: EP28JAQ7N8P6EDFX
x-amz-replication-status: COMPLETED
last-modified: Tue, 04 Oct 2022 21:03:00 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: yvz58CKKhTI2zKNlNAJfVLGt1TgPBAey
server: AmazonS3
content-encoding: gzip
date: Wed, 05 Oct 2022 21:44:56 GMT
cache-control: no-cache,must-revalidate,max-age=0
etag: W/"ba8b444840a41accca08424a69d54cf2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vTYZQmn8ufJBPIVQO0KZsKDeLp3ba2ppg21gen0RCbCoouVMvIp-2g==
age: 42803
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3lKuGlFCBN2wEsp9-Oa3ysQg62py090H30jy6_bR02Ufs0KGPrVC4w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 43109
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
floresycastillo.com/verify.dcu/css/2.658b5c49.css
147.124.219.17200 OK 1.8 kB URL HTTP/1.1 floresycastillo.com/verify.dcu/css/2.658b5c49.css
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type ASCII text, with very long lines (1693)
Hash b70298004617a3d79fbc5f0fc2b12f9a
8b1d694c39141163188180547968ca904a7fe2bd
4b71b799a4bd1d311e45d774fc3d959c085921f5a6d695ee4bf53486238bd58a
GET /verify.dcu/css/2.658b5c49.css HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:35:10 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 23:50:30 GMT
Accept-Ranges: bytes
Content-Length: 1781
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
usassets.cobrowse.pega.com/assets/scripts/final/customer.js?v=8.7.1
54.92.173.224200 OK 261 kB URL HTTP/2 usassets.cobrowse.pega.com/assets/scripts/final/customer.js?v=8.7.1
IP 54.92.173.224:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 261 kB (261370 bytes)
Hash eb9524e46cc30efd2673a51baa3a655e
f9860cf1e6dc646899418909a7bf2156df4556a4
c1898417dc51a18a977daaea237101556511c77a676d51982c6c035cbf15f1c1
GET /assets/scripts/final/customer.js?v=8.7.1 HTTP/1.1
Host: usassets.cobrowse.pega.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 09:35:10 GMT
content-type: application/javascript
content-length: 261370
set-cookie: AWSALB=a2/4SW/OXczDfKonNHOqLSJn8Rk0GpMwk9YWxcsZ2DHo0eOX9iTykrP7wR/LOn81wMTscgV7J4Scdh1cl8zzlfp2YkuwZjb7oDT2MsFRmB0hwyv5m/5TIPfb4nAl; Expires=Thu, 13 Oct 2022 09:35:10 GMT; Path=/
AWSALBCORS=a2/4SW/OXczDfKonNHOqLSJn8Rk0GpMwk9YWxcsZ2DHo0eOX9iTykrP7wR/LOn81wMTscgV7J4Scdh1cl8zzlfp2YkuwZjb7oDT2MsFRmB0hwyv5m/5TIPfb4nAl; Expires=Thu, 13 Oct 2022 09:35:10 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Mon, 18 Jul 2022 06:30:25 GMT
etag: "62d4fe01-3fcfa"
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
floresycastillo.com/verify.dcu/js/2.a6ab680e.js
147.124.219.17404 Not Found 10 kB URL HTTP/1.1 floresycastillo.com/verify.dcu/js/2.a6ab680e.js
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 2bdade2a0304f96da26a5e040c7c4087
928f19da261601f1664915af5625f5ff0b8d29de
4eb117b003b16d25aadb053c862421ccbde65fb55a12bbb15de146ce94ff37b4
Analyzer Verdict Alert fortinet Phishing
GET /verify.dcu/js/2.a6ab680e.js HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 09:35:10 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
floresycastillo.com/js/vendor.e1d2459d.js
147.124.219.17404 Not Found 10 kB URL HTTP/1.1 floresycastillo.com/js/vendor.e1d2459d.js
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 3e97874bb2814e020d06c20f05250fd9
6e0fc934038bf2b17b3bef0fa14e18a3ee826e30
8c28e47fd65bff348d6aa1a4b952181d01c36e4c40395e5425abce1cc23bcc95
Analyzer Verdict Alert fortinet Phishing
GET /js/vendor.e1d2459d.js HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 09:35:10 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
floresycastillo.com/js/app.fa332a3e.js
147.124.219.17404 Not Found 10 kB URL HTTP/1.1 floresycastillo.com/js/app.fa332a3e.js
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 6c70ca71fc707a13a1c5e0740875f16b
d0cfd940247b785d8388d8db27dab1dd21c57918
f01e79e46453f3447dab5a17f87a878f8e06b3a8d054b0a755071c5687edaa1e
Analyzer Verdict Alert fortinet Phishing
GET /js/app.fa332a3e.js HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 09:35:10 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
floresycastillo.com/verify.dcu/js/loader_only.js
147.124.219.17404 Not Found 10 kB URL HTTP/1.1 floresycastillo.com/verify.dcu/js/loader_only.js
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash dd14e314b55a628d5ea25740ea5a1b76
0a13f968d05632b37860b6f75483a346772b46e3
5e2ecea3d40da7d3d46eb929e64817ade1c8104a7fb082439bb40f1c29531531
Analyzer Verdict Alert fortinet Phishing
GET /verify.dcu/js/loader_only.js HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 09:35:13 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
floresycastillo.com/verify.dcu/css/app.7b1cd472.css
147.124.219.17200 OK 2.7 kB URL HTTP/1.1 floresycastillo.com/verify.dcu/css/app.7b1cd472.css
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type ASCII text, with very long lines (2620)
Hash a6203208fe70322ee6619151c0d157f4
f3da5df8be71a8ffe532ca84e85390b64dc07f61
a96b470af21607586d13477faa3389db771879c865f4be78b3db4f2624dfba52
GET /verify.dcu/css/app.7b1cd472.css HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:35:13 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 23:51:00 GMT
Accept-Ranges: bytes
Content-Length: 2708
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
floresycastillo.com/verify.dcu/css/64.64d4d70e.css
147.124.219.17200 OK 774 B URL HTTP/1.1 floresycastillo.com/verify.dcu/css/64.64d4d70e.css
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type ASCII text, with very long lines (686)
Hash 7a247a89ed509a51f9ab6b0b87d2e4e8
68dfe132947ef98665199e339e71d803de50737a
138a2c46b71532038ec611610575b2b709de80508ceaf9c73d3de140847ceb6b
GET /verify.dcu/css/64.64d4d70e.css HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:35:13 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 23:50:42 GMT
Accept-Ranges: bytes
Content-Length: 774
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
floresycastillo.com/verify.dcu/css/vendor.7de76d70.css
147.124.219.17200 OK 445 kB URL HTTP/1.1 floresycastillo.com/verify.dcu/css/vendor.7de76d70.css
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type ASCII text, with very long lines (65448)
Size 445 kB (444980 bytes)
Hash 4c071854e849732a82bf627d5eb4f6ef
26863e98af983805bad56be0caa9c74c80cb754d
830c662b25beb468bb939cdb6649edbb7b13c7225afa529b20d6862241877a4e
GET /verify.dcu/css/vendor.7de76d70.css HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:35:13 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 23:51:30 GMT
Accept-Ranges: bytes
Content-Length: 444980
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
floresycastillo.com/verify.dcu/js/64.390011c5.js
147.124.219.17404 Not Found 10 kB URL HTTP/1.1 floresycastillo.com/verify.dcu/js/64.390011c5.js
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 87fedcc36282186b5edb4f763685523a
d52b5e8229e4e8472f17c6423eae3ceff3f9f987
10a079d9b6e7ae82b648c012491682fd1664528a8ae6cb0d65623c4d5a1122d8
Analyzer Verdict Alert fortinet Phishing
GET /verify.dcu/js/64.390011c5.js HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 09:35:14 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
floresycastillo.com/verify.dcu/dcuLogoDark.png
147.124.219.17200 OK 7.7 kB URL HTTP/1.1 floresycastillo.com/verify.dcu/dcuLogoDark.png
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type PNG image data, 217 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash ae64e87365d6e6696145c8c53ce3632e
09337bd0289c432bffab6f653297fe2534ad0c68
d1093fceb5f8b35c09e5d3329c8dc55509d7f46096efeea840f6e433212ba45e
GET /verify.dcu/dcuLogoDark.png HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 09:35:14 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 23:49:04 GMT
Accept-Ranges: bytes
Content-Length: 7743
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
floresycastillo.com/verify.dcu/js/chunk-common.112fec58.js
147.124.219.17404 Not Found 10 kB URL HTTP/1.1 floresycastillo.com/verify.dcu/js/chunk-common.112fec58.js
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash b0764453eefb4c9cec024d3b4e1d6702
6787706e837942f01a56e438cf4c31c546a9bc11
7f5f6fffbe0f32ad7ffbf203ca20736f99b3236cec44abbad2c36fe94764c284
Analyzer Verdict Alert fortinet Phishing
GET /verify.dcu/js/chunk-common.112fec58.js HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 09:35:14 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
floresycastillo.com/verify.dcu/js/2.a6ab680e.js
147.124.219.17404 Not Found 10 kB URL HTTP/1.1 floresycastillo.com/verify.dcu/js/2.a6ab680e.js
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 28bc1933183873df99352dbe32ca1be5
65ca96efe0d580d2e3f2bc21a0262be1bbd6365e
2cb162bb2c47192b85eb792e5bcba38ac5eadd7be8b09fa195a6d2edb34ee116
Analyzer Verdict Alert fortinet Phishing
GET /verify.dcu/js/2.a6ab680e.js HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 09:35:14 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:35:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:35:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:35:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
23.38.200.237304 Not Modified 0 B URL HTTP/2 assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
IP 23.38.200.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 14 Feb 2022 16:35:31 GMT
If-None-Match: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
TE: trailers
HTTP/2 304 Not Modified
content-type: application/x-javascript
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
expires: Thu, 06 Oct 2022 10:35:14 GMT
date: Thu, 06 Oct 2022 09:35:14 GMT
cache-control: no-cache
access-control-allow-origin: https://floresycastillo.com
timing-allow-origin: *
X-Firefox-Spdy: h2
mpsnare.iesnare.com/star
54.228.71.178101 Switching Protocols 0 B IP 54.228.71.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://floresycastillo.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MxSBzXiUrhVrnNypsz4tbw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Thu, 06 Oct 2022 09:35:14 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: fibMeVM4ZPcnmk1Rl+G4gWRvai4=
Upgrade: WebSocket
fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16980, version 1.0\012- data
Hash 8a97f720d330e75ccdbda9ae0e9f5e90
8e4fee916581ab48d385187705667cebc7500afe
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
GET /s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://floresycastillo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:08:02 GMT
expires: Tue, 03 Oct 2023 21:08:02 GMT
cache-control: public, max-age=31536000
age: 217632
last-modified: Mon, 09 May 2022 18:33:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
23.38.200.237304 Not Modified 0 B URL HTTP/2 assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
IP 23.38.200.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 14 Feb 2022 16:35:31 GMT
If-None-Match: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
TE: trailers
HTTP/2 304 Not Modified
content-type: application/x-javascript
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
expires: Thu, 06 Oct 2022 10:35:14 GMT
date: Thu, 06 Oct 2022 09:35:14 GMT
cache-control: no-cache
access-control-allow-origin: https://floresycastillo.com
timing-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Hash 7e344afc10a492d516789f072fa6edfd
f38bd0b4e9d0577528f533b8ecd80801a0c6340f
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://floresycastillo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 21:48:30 GMT
expires: Thu, 05 Oct 2023 21:48:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 18:33:24 GMT
content-type: font/woff2
age: 42404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17116, version 1.0\012- data
Hash bcf3a3fb620dfbee774f84e2c8e71530
40a79d240acdd7e5a95e165515ac7c0958a37971
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://floresycastillo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:55:18 GMT
expires: Tue, 03 Oct 2023 21:55:18 GMT
cache-control: public, max-age=31536000
age: 214796
last-modified: Mon, 09 May 2022 18:31:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:35:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9f80547910a96f5fe6a05d52513a196c
eee75a6d068de025a0eb6dbaf4708608b4c769d2
af3e062cc134b69c8a1ee79384245aec8772265d5e835e8def403c545f3a0248
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1748
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:35:14 GMT
Last-Modified: Thu, 06 Oct 2022 09:06:06 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=46051B125B89FACB0A495DD6%40AdobeOrg&d_nsid=0&ts=1665048914697
34.242.80.80200 OK 837 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=46051B125B89FACB0A495DD6%40AdobeOrg&d_nsid=0&ts=1665048914697
IP 34.242.80.80:0
File type JSON data\012- , ASCII text, with very long lines (2304), with no line terminators
Hash e93fa2d4e7bd2e674e34c69e051d46b8
dce6ae9a548abecefa117dbd03e718a69930e568
42d013b42a381bfda3e45a20facee2e958c0cad66ef4d5b1a9c522e0d5cfb7e8
GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=46051B125B89FACB0A495DD6%40AdobeOrg&d_nsid=0&ts=1665048914697 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://floresycastillo.com
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://floresycastillo.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v044-03b75489a.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=19739599438755438742544641314252054156; Max-Age=15552000; Expires=Tue, 04 Apr 2023 09:35:14 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: mVNH82wOSoY=
Content-Length: 837
Connection: keep-alive
floresycastillo.com/js/vendor.e1d2459d.js
147.124.219.17404 Not Found 10 kB URL HTTP/1.1 floresycastillo.com/js/vendor.e1d2459d.js
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 6507ba539b6fe37acad859e0a50ce160
2026654967c63f59f2a622044db53e462f7df34d
fea7615f0d6687d42286af30b2d6a1a2f323b6755756c83908a6e5cda9824a89
Analyzer Verdict Alert fortinet Phishing
GET /js/vendor.e1d2459d.js HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19272%7CvVersion%7C5.4.0; at_check=true; mbox=session#fa84ef7a34664ac89924a50370a19491#1665050775
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 09:35:14 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 33533c23b941adea691610f6d86b6d53
bfc0391a73897124bd82308fdf7c97dddea2be59
3845dabba543f63fe418f35f0e746bf341c7200c130c2e4d3a873ce49fff53ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6273
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:35:15 GMT
Last-Modified: Thu, 06 Oct 2022 07:50:42 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 922329b6f544e48908cd981d820861ce
9459c5153a75e93a183d15902bf44df6a8bed728
41c2972b0811d8f84fcabfad677d7982383f58af876dae0b6384e14a0fa666d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4182
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:35:15 GMT
Last-Modified: Thu, 06 Oct 2022 08:25:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
floresycastillo.com/js/app.fa332a3e.js
147.124.219.17404 Not Found 10 kB URL HTTP/1.1 floresycastillo.com/js/app.fa332a3e.js
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 8ecc543849c98a0d117e8e0e623ce5f1
755ffbb3732b435db83a29a6ff0159afb32e4823
a66169188ee58333768816d5c43318827b8228424aa09546e323c4c6e052f098
Analyzer Verdict Alert fortinet Phishing
GET /js/app.fa332a3e.js HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19272%7CvVersion%7C5.4.0; at_check=true; mbox=session#fa84ef7a34664ac89924a50370a19491#1665050775
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 09:35:14 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
digitalfederalcreditunion.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&mid=19888075298670827702570748612503069148&ts=1665048914917
13.36.218.177200 OK 2 B URL HTTP/2 digitalfederalcreditunion.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&mid=19888075298670827702570748612503069148&ts=1665048914917
IP 13.36.218.177:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&mid=19888075298670827702570748612503069148&ts=1665048914917 HTTP/1.1
Host: digitalfederalcreditunion.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://floresycastillo.com
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://floresycastillo.com
access-control-allow-credentials: true
date: Thu, 06 Oct 2022 09:35:15 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dcu.demdex.net/dest5.html?d_nsid=0
52.19.27.104200 OK 2.8 kB URL HTTP/1.1 dcu.demdex.net/dest5.html?d_nsid=0
IP 52.19.27.104:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: dcu.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 6 Oct 2022 09:35:15 GMT
DCS: dcs-prod-irl1-1-v044-00915bc04.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 29 Sep 2022 16:18:55 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 6N+rK/M1Qpc=
Content-Length: 2791
Connection: keep-alive
mpsnare.iesnare.com/time.mp3?nocache=0.9991997894813014
54.195.39.4206 Partial Content 504 B URL HTTP/1.1 mpsnare.iesnare.com/time.mp3?nocache=0.9991997894813014
IP 54.195.39.4:0
File type MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Hash cfe47da3367b896cf8fe9d23144e6294
5eb28e56c71ce7e851b99b4d90b4091e3090243a
2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
GET /time.mp3?nocache=0.9991997894813014 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Thu, 06 Oct 2022 09:35:15 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
digitalfederalcredit.tt.omtrdc.net/m2/digitalfederalcredit/mbox/json?mbox=target-global-mbox&mboxSession=fa84ef7a34664ac89924a50370a19491&mboxPC=&mboxPage=254067695dac47e089d32f28381b0e37&mboxRid=d7c59308e8a94eb58ce13e0a0a5374b0&mboxVersion=1.8.3&mboxCount=1&mboxTime=1665048914717&mboxHost=floresycastillo.com&mboxURL=https%3A%2F%2Ffloresycastillo.com%2Fverify.dcu%2Fotp.html&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&pageurl=https%3A%2F%2Ffloresycastillo.com%2Fverify.dcu%2Fotp.html&mboxMCSDID=02746CF90E566B04-0826F27352761A01&vst.trk=digitalfederalcreditunion.sc.omtrdc.net&vst.trks=digitalfederalcreditunion.sc.omtrdc.net&mboxMCGVID=19888075298670827702570748612503069148&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6
13.36.218.177200 OK 96 B URL HTTP/2 digitalfederalcredit.tt.omtrdc.net/m2/digitalfederalcredit/mbox/json?mbox=target-global-mbox&mboxSession=fa84ef7a34664ac89924a50370a19491&mboxPC=&mboxPage=254067695dac47e089d32f28381b0e37&mboxRid=d7c59308e8a94eb58ce13e0a0a5374b0&mboxVersion=1.8.3&mboxCount=1&mboxTime=1665048914717&mboxHost=floresycastillo.com&mboxURL=https%3A%2F%2Ffloresycastillo.com%2Fverify.dcu%2Fotp.html&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&pageurl=https%3A%2F%2Ffloresycastillo.com%2Fverify.dcu%2Fotp.html&mboxMCSDID=02746CF90E566B04-0826F27352761A01&vst.trk=digitalfederalcreditunion.sc.omtrdc.net&vst.trks=digitalfederalcreditunion.sc.omtrdc.net&mboxMCGVID=19888075298670827702570748612503069148&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6
IP 13.36.218.177:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fe63d8dfa136fa2c6bf8c45f526c73cf
29b9c652dd8d0600b48ea508d828fbfe9dbb2468
4cc92ee264475e0e8b04d3dd1533e498c654dc93a39ce5435caeff180ad1fdcb
GET /m2/digitalfederalcredit/mbox/json?mbox=target-global-mbox&mboxSession=fa84ef7a34664ac89924a50370a19491&mboxPC=&mboxPage=254067695dac47e089d32f28381b0e37&mboxRid=d7c59308e8a94eb58ce13e0a0a5374b0&mboxVersion=1.8.3&mboxCount=1&mboxTime=1665048914717&mboxHost=floresycastillo.com&mboxURL=https%3A%2F%2Ffloresycastillo.com%2Fverify.dcu%2Fotp.html&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&pageurl=https%3A%2F%2Ffloresycastillo.com%2Fverify.dcu%2Fotp.html&mboxMCSDID=02746CF90E566B04-0826F27352761A01&vst.trk=digitalfederalcreditunion.sc.omtrdc.net&vst.trks=digitalfederalcreditunion.sc.omtrdc.net&mboxMCGVID=19888075298670827702570748612503069148&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6 HTTP/1.1
Host: digitalfederalcredit.tt.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://floresycastillo.com
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 09:35:15 GMT
content-type: application/json;charset=UTF-8
content-length: 96
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: https://floresycastillo.com
access-control-allow-credentials: true
x-request-id: d7c59308e8a94eb58ce13e0a0a5374b0
pragma: no-cache
timing-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
server: jag
X-Firefox-Spdy: h2
floresycastillo.com/favicon.ico
147.124.219.17404 Not Found 10 kB URL HTTP/1.1 floresycastillo.com/favicon.ico
IP 147.124.219.17:0
ASN #396073 MAJESTIC-HOSTING-01
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 9bec324674171a4733ab339e4ed5b051
b724ff30f627edfbf1dc7a3a19d1990e206f9692
85a2b21cc39675e374c864aeed51054f21d9d30a759b76da704732d3c10148bf
GET /favicon.ico HTTP/1.1
Host: floresycastillo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/verify.dcu/otp.html
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19272%7CMCMID%7C19888075298670827702570748612503069148%7CMCAAMLH-1665653714%7C6%7CMCAAMB-1665653714%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665056115s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; at_check=true; mbox=session#fa84ef7a34664ac89924a50370a19491#1665050775; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 09:35:15 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash c80499e3ccd937651c4d56769e245c5e
b5b4b80c63b6c1459f9d127d1cb76502dc64c85b
fd7a20166e3f2062babd11638e75ba6af15e1c577674a006831fcd2930095638
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 09:35:15 GMT
Last-Modified: Thu, 06 Oct 2022 08:38:51 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UQVqsmNXHGelqZNjZ_t1o3NfhbzUc9DEWgmTPD0yhPjUegE1H9X8MQ==
Age: 3384
cm.everesttech.net/cm/dd?d_uuid=19739599438755438742544641314252054156
54.74.40.111302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=19739599438755438742544641314252054156
IP 54.74.40.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=19739599438755438742544641314252054156 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Thu, 06 Oct 2022 09:35:15 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Yz6hUwAAAFJLUgN-; Domain=.everesttech.net; Expires=Fri, 06-Oct-2023 09:35:15 GMT; Path=/
everest_session_v2=Yz6hUwAAAFJLUwN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yz6hUwAAAFJLUgN-
Server: AMO-cookiemap/1.1
digitalfederalcreditunion.sc.omtrdc.net/b/ss/dfcudigbankingprod,dfcumainglobal/1/JS-2.22.4-LCUM/s11821600683167?AQB=1&ndh=1&pf=1&t=6%2F9%2F2022%209%3A35%3A15%204%200&sdid=02746CF90E566B04-0826F27352761A01&vid=19888075298670827702570748612503069148&mid=19888075298670827702570748612503069148&aamlh=6&ce=UTF-8&pageName=projectfinance%3Aen%3Averify.dcu%3Aotp.html&g=https%3A%2F%2Ffloresycastillo.com%2Fverify.dcu%2Fotp.html&cc=USD&ch=verify.dcu&server=floresycastillo.com&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=verify.dcu&c2=verify.dcu%3Aotp.html&v2=verify.dcu%3Aotp.html&c9=D%3Dv9&v9=https%3A%2F%2Ffloresycastillo.com%2Fverify.dcu%2Fotp.html&v10=D%3Dc10&v11=projectfinance%3Aen%3Averify.dcu%3Aotp.html&v12=year%3D2022%20%7C%20month%3DOctober%20%7C%20date%3D6%20%7C%20day%3DThursday%20%7C%20time%3D9%3A35%20AM&v13=New&c14=61&v14=D%3Dc14&c15=New%20Visitor&c16=1&c17=first%20hit%20of%20visit&v20=Project%20Finance&v41=19888075298670827702570748612503069148&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&AQE=1
13.36.218.177200 OK 43 B URL HTTP/2 digitalfederalcreditunion.sc.omtrdc.net/b/ss/dfcudigbankingprod,dfcumainglobal/1/JS-2.22.4-LCUM/s11821600683167?AQB=1&ndh=1&pf=1&t=6%2F9%2F2022%209%3A35%3A15%204%200&sdid=02746CF90E566B04-0826F27352761A01&vid=19888075298670827702570748612503069148&mid=19888075298670827702570748612503069148&aamlh=6&ce=UTF-8&pageName=projectfinance%3Aen%3Averify.dcu%3Aotp.html&g=https%3A%2F%2Ffloresycastillo.com%2Fverify.dcu%2Fotp.html&cc=USD&ch=verify.dcu&server=floresycastillo.com&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=verify.dcu&c2=verify.dcu%3Aotp.html&v2=verify.dcu%3Aotp.html&c9=D%3Dv9&v9=https%3A%2F%2Ffloresycastillo.com%2Fverify.dcu%2Fotp.html&v10=D%3Dc10&v11=projectfinance%3Aen%3Averify.dcu%3Aotp.html&v12=year%3D2022%20%7C%20month%3DOctober%20%7C%20date%3D6%20%7C%20day%3DThursday%20%7C%20time%3D9%3A35%20AM&v13=New&c14=61&v14=D%3Dc14&c15=New%20Visitor&c16=1&c17=first%20hit%20of%20visit&v20=Project%20Finance&v41=19888075298670827702570748612503069148&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&AQE=1
IP 13.36.218.177:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/dfcudigbankingprod,dfcumainglobal/1/JS-2.22.4-LCUM/s11821600683167?AQB=1&ndh=1&pf=1&t=6%2F9%2F2022%209%3A35%3A15%204%200&sdid=02746CF90E566B04-0826F27352761A01&vid=19888075298670827702570748612503069148&mid=19888075298670827702570748612503069148&aamlh=6&ce=UTF-8&pageName=projectfinance%3Aen%3Averify.dcu%3Aotp.html&g=https%3A%2F%2Ffloresycastillo.com%2Fverify.dcu%2Fotp.html&cc=USD&ch=verify.dcu&server=floresycastillo.com&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=verify.dcu&c2=verify.dcu%3Aotp.html&v2=verify.dcu%3Aotp.html&c9=D%3Dv9&v9=https%3A%2F%2Ffloresycastillo.com%2Fverify.dcu%2Fotp.html&v10=D%3Dc10&v11=projectfinance%3Aen%3Averify.dcu%3Aotp.html&v12=year%3D2022%20%7C%20month%3DOctober%20%7C%20date%3D6%20%7C%20day%3DThursday%20%7C%20time%3D9%3A35%20AM&v13=New&c14=61&v14=D%3Dc14&c15=New%20Visitor&c16=1&c17=first%20hit%20of%20visit&v20=Project%20Finance&v41=19888075298670827702570748612503069148&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&AQE=1 HTTP/1.1
Host: digitalfederalcreditunion.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Thu, 06 Oct 2022 09:35:15 GMT
expires: Wed, 05 Oct 2022 09:35:15 GMT
last-modified: Fri, 07 Oct 2022 09:35:15 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3575665318896599040-4619629367736358179
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=Yz6hUwAAAFJLUgN-
34.242.80.80302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Yz6hUwAAAFJLUgN-
IP 34.242.80.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Yz6hUwAAAFJLUgN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://floresycastillo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v044-066fbe967.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yz6hUwAAAFJLUgN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=51739257234411532961183294007867012352; Max-Age=15552000; Expires=Tue, 04 Apr 2023 09:35:15 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nhZH51gESoI=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yz6hUwAAAFJLUgN-
34.242.80.80200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yz6hUwAAAFJLUgN-
IP 34.242.80.80:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yz6hUwAAAFJLUgN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://floresycastillo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v044-0f7f1a203.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: yzxYaBydTjk=
Content-Length: 59
Connection: keep-alive
frame.gleap.io/
51.124.12.35200 OK 0 B IP 51.124.12.35:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET / HTTP/1.1
Host: frame.gleap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floresycastillo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
date: Thu, 06 Oct 2022 09:35:14 GMT
cache-control: public, must-revalidate, max-age=30
content-encoding: br
etag: "77914261"
last-modified: Tue, 27 Sep 2022 11:09:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
X-Firefox-Spdy: h2
frame.gleap.io/static/css/main.de56b7b2.css
51.124.12.35200 OK 0 B URL HTTP/2 frame.gleap.io/static/css/main.de56b7b2.css
IP 51.124.12.35:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /static/css/main.de56b7b2.css HTTP/1.1
Host: frame.gleap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://frame.gleap.io/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Thu, 06 Oct 2022 09:35:14 GMT
cache-control: public, must-revalidate, max-age=30
content-encoding: br
etag: "77914261"
last-modified: Tue, 27 Sep 2022 11:09:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
X-Firefox-Spdy: h2
cdn.plaid.com/link/2.0.1400/link-dynamic-loader.js
54.230.111.89200 OK 0 B URL HTTP/2 cdn.plaid.com/link/2.0.1400/link-dynamic-loader.js
IP 54.230.111.89:0
GET /link/2.0.1400/link-dynamic-loader.js HTTP/1.1
Host: cdn.plaid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://floresycastillo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Tue, 04 Oct 2022 21:03:00 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: uLhWLMTcxSuYSpJRZahAw2uncYikN7ty
server: AmazonS3
content-encoding: gzip
date: Wed, 05 Oct 2022 21:41:54 GMT
cache-control: max-age=10800
etag: W/"417633180c959cb0aec6b49b90b1d9ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XS1TKQKVPZwarodxaLkbterrmS4Zi6MDfE3SmFUxFEX89qOoDVhjkA==
age: 42808
X-Firefox-Spdy: h2