urlquery - report: www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2023-01-28 04:12:05 UTC	34.211.127.63
cdnjs.cloudflare.com (1)	235	2012-05-23 12:49:49 UTC	2023-01-28 04:09:09 UTC	104.17.25.14
www.bluekapwa.ca (11)	0	2022-12-11 16:23:17 UTC	2023-01-29 07:04:19 UTC	74.208.236.111	Unknown ranking
ocsp.digicert.com (3)	86	2012-05-21 07:02:23 UTC	2023-01-28 13:54:46 UTC	93.184.220.29
r3.o.lencr.org (7)	344	2020-12-02 08:52:13 UTC	2023-01-28 04:09:13 UTC	23.36.76.226
firefox.settings.services.mozilla.com (2)	867	2020-05-25 20:06:39 UTC	2023-01-28 04:09:40 UTC	35.241.9.150
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2023-01-28 04:11:17 UTC	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2023-01-28 04:09:08 UTC	34.117.237.239
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2023-01-28 04:09:17 UTC	34.120.237.76
ecm.capitalone.com (2)	13649	2017-02-01 17:32:51 UTC	2023-01-28 06:07:06 UTC	104.110.12.190

Scan Date	Severity	Indicator	Comment
2023-01-28	2	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39 (...)	Capital One Financial Corporation
2023-01-28	2	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39 (...)	Capital One Financial Corporation

Scan Date	Severity	Indicator	Comment
2023-01-29	2	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39 (...)	Phishing
2023-01-29	2	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39 (...)	Phishing
2023-01-29	2	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39 (...)	Phishing
2023-01-29	2	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39 (...)	Phishing
2023-01-29	2	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39 (...)	Phishing
2023-01-29	2	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39 (...)	Phishing
2023-01-29	2	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39 (...)	Phishing
2023-01-29	2	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39 (...)	Phishing

Date	UQ / IDS / BL	URL	IP
2023-03-12 05:42:55 +0000	0 - 1 - 0	floydweaver.com/support.exe	74.208.236.111
2023-01-29 07:04:34 +0000	10 - 0 - 10	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2 (...)	74.208.236.111
2023-01-04 18:24:59 +0000	10 - 0 - 8	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2 (...)	74.208.236.111
2023-01-04 06:17:23 +0000	11 - 0 - 12	www.bluekapwa.ca/cfg/2db17b39bd22d4d7856d26f2 (...)	74.208.236.111
2022-12-12 13:13:36 +0000	4 - 0 - 10	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2 (...)	74.208.236.111

Date	UQ / IDS / BL	URL	IP
2023-03-31 18:27:32 +0000	0 - 4 - 0	memoriahistoricadelajanda.es/	82.223.69.105
2023-03-31 18:20:37 +0000	0 - 0 - 1	renew-servizio.positano-charter.it/	213.171.214.185
2023-03-31 17:44:09 +0000	0 - 0 - 18	beta.medi-buy.de/mailster/1876/d2dbdf78eb3a0d (...)	217.160.0.82
2023-03-31 17:44:02 +0000	0 - 0 - 2	beta.medi-buy.de/mailster/1943/d2dbdf78eb3a0d (...)	217.160.0.82
2023-03-31 17:44:00 +0000	0 - 0 - 2	beta.medi-buy.de/mailster/1932/d2dbdf78eb3a0d (...)	217.160.0.82

Date	UQ / IDS / BL	URL	IP
2023-01-29 07:04:34 +0000	10 - 0 - 10	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2 (...)	74.208.236.111
2023-01-04 18:24:59 +0000	10 - 0 - 8	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2 (...)	74.208.236.111
2023-01-04 06:17:23 +0000	11 - 0 - 12	www.bluekapwa.ca/cfg/2db17b39bd22d4d7856d26f2 (...)	74.208.236.111
2022-12-12 13:13:36 +0000	4 - 0 - 10	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2 (...)	74.208.236.111
2022-12-12 12:43:00 +0000	4 - 0 - 12	bluekapwa.ca/cfg/2db17b39bd22d4d7856d26f2db17 (...)	74.208.236.111

Date	UQ / IDS / BL	URL	IP
2023-03-03 06:18:56 +0000	10 - 0 - 5	secure02-capital1verification-ecm.com/gc/acco (...)	74.208.236.173
2023-02-24 07:08:13 +0000	10 - 0 - 10	webtrack.transcaribe.com/un_c/RUn9nvS4vSZCYpv (...)	74.208.236.39
2023-02-23 19:04:31 +0000	10 - 0 - 11	webtrack.transcaribe.com/ier_d/re/	74.208.236.39
2023-01-28 06:07:33 +0000	10 - 0 - 12	agency.crostracker.com/un_c/RUn9nvS4vSZCYpvud (...)	74.208.236.39
2023-01-28 06:07:12 +0000	10 - 0 - 10	agency.crostracker.com/un_c/RUn9nvS4vSZCYpvud (...)	74.208.236.39

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7258 Expires: Sun, 29 Jan 2023 09:05:21 GMT Date: Sun, 29 Jan 2023 07:04:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a2104f935c638b4767ca5ae0d738ef23 Sha1: 85c6af15af749be0ceeae6de17c36925b750f166 Sha256: 5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7" Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9341 Expires: Sun, 29 Jan 2023 09:40:04 GMT Date: Sun, 29 Jan 2023 07:04:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3eb88dea4fe00db1182370e72683c3ab Sha1: ca520abf1e91bfd2aef40c6a1270a911071e8922 Sha256: d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D" Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2377 Expires: Sun, 29 Jan 2023 07:44:01 GMT Date: Sun, 29 Jan 2023 07:04:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 302c7548412192add063ad6c8b99cf3b Sha1: e5d178931a27db036ce8daae302594d3ff7050b8 Sha256: fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 29 Jan 2023 06:35:35 GMT age: 1729 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: bf0c602d32b3c14606f22a86183b5e3c Sha1: 6eabd8d83475eba731968abe1a05a8bfd272f160 Sha256: 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: y+wHS2sp14rfpGABosHgi9hpiDvLZ0OhbUClQsuw2PzzlmT6eLc4kKGWO1y5p+vHWew62a6Mlsc= x-amz-request-id: SR2FAPK4C3E44X2B content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 29 Jan 2023 06:50:13 GMT age: 851 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 7b922915ebf1fa3639b333f994c74f24 Sha1: 144a3f80b98fd0652d4614f24cf6cbbee40f8938 Sha256: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sun, 29 Jan 2023 07:04:24 GMT content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 29 Jan 2023 06:41:41 GMT age: 1363 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16" Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8168 Expires: Sun, 29 Jan 2023 09:20:32 GMT Date: Sun, 29 Jan 2023 07:04:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 16a7b6a7128312e2f985d30df18c4487 Sha1: 6017bff79ffb525d9c7f9f32b999b74b5dc69602 Sha256: 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: Tg883jwcOfLsSPYQxLCE7g== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 34.211.127.63 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 34.211.127.63 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: ZdgQthnDrzxXmmAam+52lfAoQt0= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19957 Expires: Sun, 29 Jan 2023 12:37:03 GMT Date: Sun, 29 Jan 2023 07:04:26 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: dfb84426fed94988d5c90372baff059c Sha1: f1c4740830034ff8a5759d59ae3f657ea524d083 Sha256: d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19957 Expires: Sun, 29 Jan 2023 12:37:03 GMT Date: Sun, 29 Jan 2023 07:04:26 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: dfb84426fed94988d5c90372baff059c Sha1: f1c4740830034ff8a5759d59ae3f657ea524d083 Sha256: d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19957 Expires: Sun, 29 Jan 2023 12:37:03 GMT Date: Sun, 29 Jan 2023 07:04:26 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: dfb84426fed94988d5c90372baff059c Sha1: f1c4740830034ff8a5759d59ae3f657ea524d083 Sha256: d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7417 x-amzn-requestid: 53032353-8613-49b0-944d-3742236cf50c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fYcMmFeQIAMF3Yw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d340b6-7fe2226327d90db014527c08;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:46 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: zd8cTO2N1JO-OK3hCDwVO8naClCsg0raJLboRFle-DPSKhR_7k8-Yg== via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 03:16:35 GMT age: 13671 etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7417 Md5: 6af6f32397882f56d14d22348e44a9f1 Sha1: 5a626376807e7507fa3a204c4e4e9e44aa074a37 Sha256: 478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 536f45bf2eb41f7056df8b34964538005d6a0a4c6157def3fbdd9487f8c79027 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10168 x-amzn-requestid: fe58fe3c-dd23-4614-b5a2-e91ef68c2ab7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fFOD7H-NIAMFcxw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cb907f-687fc51741d7ff97182d1955;Sampled=0 x-amzn-remapped-date: Sat, 21 Jan 2023 07:13:03 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: SORDxKQP-GudaCfRIbrmexyEeJXBExRipfF8sPHI-UkaYhR_RkDjvQ== via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 00:55:27 GMT age: 22139 etag: "3123eb6f550c51fe17fc62eff943b3739e239a9b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10168 Md5: d5ed99a9aed6f367efc5c9498ce87ff1 Sha1: 3123eb6f550c51fe17fc62eff943b3739e239a9b Sha256: 536f45bf2eb41f7056df8b34964538005d6a0a4c6157def3fbdd9487f8c79027
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11470 x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fIf6WFgAIAMF6gw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0 x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 04:01:15 GMT age: 10991 etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11470 Md5: 10a6491e2c1dfde68c7cd7297e70700f Sha1: d0f195319825a6d3e5e50ad15b2fcab27cb65896 Sha256: 4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5594 x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fLyeEGOloAMFpzA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0 x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: uPJu2SzvWcfqukF9t0PKG5iK7LrTnk1Cn5nioD4MklQgDAZnbiH8Gw== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 14:55:48 GMT age: 58118 etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5594 Md5: 4c77437e3a7361861aed8bfecbfe6bd6 Sha1: fefd238c13c0fdfb7d964c90fcc8a8cbbf953034 Sha256: 282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9167 x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fPGLfFtOIAMFp7w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0 x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 20:46:16 GMT age: 37090 etag: "50a48e737310d3f31840db4301b25927fbcc12c5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9167 Md5: 3be81f83687ddb6c93d3ff3c09a9dba2 Sha1: 50a48e737310d3f31840db4301b25927fbcc12c5 Sha256: e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bff98d2-c029-496d-b1f3-f17f0e92e273.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f47a20d681386b3341f23d286fb2f0a2a789bde75bdbc2d14c4747721e13d7a5 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12124 x-amzn-requestid: 4032a848-72f7-4fbf-a0b2-e9cd7a2d1853 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fVMBEGtwIAMF_Zw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d1f3a0-6eec6555074c2fba0be0d90e;Sampled=0 x-amzn-remapped-date: Thu, 26 Jan 2023 03:29:36 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ixuvPYw-yLJbABGhAMsaZPkbpCy6H-R-QXKxMlIBRQgBYvnERkOs_Q== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 12:06:16 GMT age: 68290 etag: "7f4750e505e965f129c096ef40bc24c392051025" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12124 Md5: 7da187381befeffa83fbaed380f2932e Sha1: 7f4750e505e965f129c096ef40bc24c392051025 Sha256: f47a20d681386b3341f23d286fb2f0a2a789bde75bdbc2d14c4747721e13d7a5
GET /ajax/libs/imask/3.4.0/imask.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.bluekapwa.ca/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdnjs.cloudflare.com/ajax/libs/imask/3.4.0/imask.min.js FQDN: cdnjs.cloudflare.com IP: 104.17.25.14 HASH: 1238c95de9a6c90c1992853fd140b31d2ec8854a09deaa0d4a2d3136281af5e9 104.17.25.14 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Sun, 29 Jan 2023 07:04:26 GMT content-length: 10899 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03e9f-b217" last-modified: Mon, 04 May 2020 16:11:11 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 821067 expires: Fri, 19 Jan 2024 07:04:26 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnx9bvtHo8wMHDGWmG53ZhwZvRyYVau%2ByGtWvCiqf%2F%2Fbqm52P2CMNS2gK9N6GMLdOuSObYo%2BoAWNJncBK7CttgC5coa4%2BKEhCdG6ooMNMOeacpQumQCrHq3FXqlqw40NTL3IYuVr"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 79101d20add2b50f-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (45552) Size: 10899 Md5: 6dd93e13c5bb3b67dadd0de250ffea2f Sha1: 961bf5bb7cc4aa32bcd66b9ac34461f7e02d96d3 Sha256: 1238c95de9a6c90c1992853fd140b31d2ec8854a09deaa0d4a2d3136281af5e9
GET /cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/css/style.css HTTP/1.1 Host: www.bluekapwa.ca User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26 (...) FQDN: www.bluekapwa.ca IP: 74.208.236.111 HASH: 724701ba0869c2848b479b01f166f66c868e5e6b4405b3fe9ab147c16a6068e9 74.208.236.111 HTTP/2 200 OK content-type: text/css content-length: 4248 date: Sun, 29 Jan 2023 07:04:27 GMT server: Apache last-modified: Sat, 10 Dec 2022 09:48:25 GMT etag: "1098-5ef762be2ff53" accept-ranges: bytes cache-control: max-age=2592000 expires: Tue, 28 Feb 2023 07:04:27 GMT access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 4248 Md5: 4572542ac353167e7fcd4b37c42cc452 Sha1: c3072ef8fddc1f11e80afe2de5c72867628d42a7 Sha256: 724701ba0869c2848b479b01f166f66c868e5e6b4405b3fe9ab147c16a6068e9 Alerts: urlquery: - Phishing - Capital One
GET /cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/files/styles.475f87ef7e34e703d941.css HTTP/1.1 Host: www.bluekapwa.ca User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26 (...) FQDN: www.bluekapwa.ca IP: 74.208.236.111 HASH: c1470f7e138a7522526d75fdb5b1597f9adafb7bdbec38b11b89c46e931f450c 74.208.236.111 HTTP/2 200 OK content-type: text/css content-length: 116197 date: Sun, 29 Jan 2023 07:04:27 GMT server: Apache last-modified: Sat, 10 Dec 2022 09:48:25 GMT etag: "1c5e5-5ef762be42836" accept-ranges: bytes cache-control: max-age=2592000 expires: Tue, 28 Feb 2023 07:04:27 GMT access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 116197 Md5: 6268f898e79f113dced13dcebe38b10f Sha1: 7ecc82d74dda1ef9ad06700d4edcbafbc6de261a Sha256: c1470f7e138a7522526d75fdb5b1597f9adafb7bdbec38b11b89c46e931f450c Alerts: urlquery: - Phishing - Capital One
GET /cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/files/browserFingerPrintv1.min.js.download HTTP/1.1 Host: www.bluekapwa.ca User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26 (...) FQDN: www.bluekapwa.ca IP: 74.208.236.111 HASH: 559d96c9ff8af5055471707c21b22ac1a7bca706d199dc9f5659a65c02d7e944 74.208.236.111 HTTP/2 200 OK content-type: application/javascript content-length: 28442 date: Sun, 29 Jan 2023 07:04:27 GMT server: Apache last-modified: Sat, 10 Dec 2022 09:48:25 GMT etag: "6f1a-5ef762be36cb4" accept-ranges: bytes cache-control: max-age=2592000 expires: Tue, 28 Feb 2023 07:04:27 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (28442), with no line terminators Size: 28442 Md5: 0f537e63c621f88c0c4bf4257394b2c2 Sha1: 7f28eaf9bbf93c3a2d4e012aaca4f34c3cbc3c97 Sha256: 559d96c9ff8af5055471707c21b22ac1a7bca706d199dc9f5659a65c02d7e944 Alerts: urlquery: - Phishing - Capital One Blocklists: - fortinet: Phishing
GET /cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/files/examine.svg HTTP/1.1 Host: www.bluekapwa.ca User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26 (...) FQDN: www.bluekapwa.ca IP: 74.208.236.111 HASH: a9e240fa54e4bd317fb06ce0920687e1f1a577d70c9593db633891126e8fbd29 74.208.236.111 HTTP/2 200 OK content-type: image/svg+xml content-length: 2092 date: Sun, 29 Jan 2023 07:04:27 GMT server: Apache last-modified: Sat, 10 Dec 2022 09:48:25 GMT etag: "82c-5ef762be38bf4" accept-ranges: bytes cache-control: max-age=31536000 expires: Mon, 29 Jan 2024 07:04:27 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2092), with no line terminators Size: 2092 Md5: 5791de769b621b54ec564801ab823f10 Sha1: f9cb957eb9d2ef18c32c71af001e2e7bb0380f5d Sha256: a9e240fa54e4bd317fb06ce0920687e1f1a577d70c9593db633891126e8fbd29 Alerts: urlquery: - Phishing - Capital One Blocklists: - fortinet: Phishing
GET /cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/files/equal_housing_lender.svg HTTP/1.1 Host: www.bluekapwa.ca User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26 (...) FQDN: www.bluekapwa.ca IP: 74.208.236.111 HASH: 6043dfa194d29e8e22dc4aeed56d87b6a9a7623b97c3334592031570f4281d89 74.208.236.111 HTTP/2 200 OK content-type: image/svg+xml content-length: 3739 date: Sun, 29 Jan 2023 07:04:27 GMT server: Apache last-modified: Sat, 10 Dec 2022 09:48:25 GMT etag: "e9b-5ef762be38bf4" accept-ranges: bytes cache-control: max-age=31536000 expires: Mon, 29 Jan 2024 07:04:27 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3739), with no line terminators Size: 3739 Md5: 0a9caf42835ab4b61876bddec69ce0de Sha1: d30fd829250e6439b36ddd5e1b2354a52f309a4e Sha256: 6043dfa194d29e8e22dc4aeed56d87b6a9a7623b97c3334592031570f4281d89 Alerts: urlquery: - Phishing - Capital One Blocklists: - fortinet: Phishing
GET /cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/files/capital-one-logo.svg HTTP/1.1 Host: www.bluekapwa.ca User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26 (...) FQDN: www.bluekapwa.ca IP: 74.208.236.111 HASH: 57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed 74.208.236.111 HTTP/2 200 OK content-type: image/svg+xml content-length: 3971 date: Sun, 29 Jan 2023 07:04:27 GMT server: Apache last-modified: Sat, 10 Dec 2022 09:48:25 GMT etag: "f83-5ef762be36cb4" accept-ranges: bytes cache-control: max-age=31536000 expires: Mon, 29 Jan 2024 07:04:27 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (3967), with CRLF line terminators Size: 3971 Md5: f0b7ad81821effc52540e39cafda48f9 Sha1: 33d64bc7001f414f12bd92e740a45e5ced239add Sha256: 57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed Alerts: urlquery: - Phishing - Capital One Blocklists: - fortinet: Phishing
GET /cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/files/fdic.svg HTTP/1.1 Host: www.bluekapwa.ca User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26 (...) FQDN: www.bluekapwa.ca IP: 74.208.236.111 HASH: 628de643d113e225cf4347ed2571ee813cb0919a3895d1902ee18e6f63d539f1 74.208.236.111 HTTP/2 200 OK content-type: image/svg+xml content-length: 2063 date: Sun, 29 Jan 2023 07:04:27 GMT server: Apache last-modified: Sat, 10 Dec 2022 09:48:25 GMT etag: "80f-5ef762be39b94" accept-ranges: bytes cache-control: max-age=31536000 expires: Mon, 29 Jan 2024 07:04:27 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (2063), with no line terminators Size: 2063 Md5: 508681d436b6b42ca2fe4f037d575129 Sha1: 78a4d0e58d49cfce4ed992dcd7265548c1fa7814 Sha256: 628de643d113e225cf4347ed2571ee813cb0919a3895d1902ee18e6f63d539f1 Alerts: urlquery: - Phishing - Capital One Blocklists: - fortinet: Phishing
GET /cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/js/script.js HTTP/1.1 Host: www.bluekapwa.ca User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26 (...) FQDN: www.bluekapwa.ca IP: 74.208.236.111 HASH: 9b11ce0ce39ad24aa3c869cbde323c1605bbafdfd45ab8f013aa48731d5a4969 74.208.236.111 HTTP/2 200 OK content-type: application/javascript content-length: 99372 date: Sun, 29 Jan 2023 07:04:27 GMT server: Apache last-modified: Sat, 10 Dec 2022 09:48:25 GMT etag: "1842c-5ef762be725de" accept-ranges: bytes cache-control: max-age=2592000 expires: Tue, 28 Feb 2023 07:04:27 GMT access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (18129) Size: 99372 Md5: 1501b528220baca92f7d189b7f00136b Sha1: 60b48644dc907af63a10411190e9e085857a7078 Sha256: 9b11ce0ce39ad24aa3c869cbde323c1605bbafdfd45ab8f013aa48731d5a4969 Alerts: urlquery: - Phishing - Capital One Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: a332bf533aa8b41b74f1c252efdb7d681c5a003a49781fa507eb0ee34a4fe5b6 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6427 Cache-Control: 'max-age=158059' Date: Sun, 29 Jan 2023 07:04:27 GMT Last-Modified: Sun, 29 Jan 2023 05:17:21 GMT Server: ECS (ska/F70E) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ebba17c36b014990b7f8a296c0e2fc88 Sha1: ad9aa380621fb69a2df4167c642c2e83d8b630fe Sha256: a332bf533aa8b41b74f1c252efdb7d681c5a003a49781fa507eb0ee34a4fe5b6
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: a332bf533aa8b41b74f1c252efdb7d681c5a003a49781fa507eb0ee34a4fe5b6 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3219 Cache-Control: max-age=155315 Date: Sun, 29 Jan 2023 07:04:27 GMT Etag: "63d5c99b-1d7" Expires: Tue, 31 Jan 2023 02:13:02 GMT Last-Modified: Sun, 29 Jan 2023 01:19:23 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ebba17c36b014990b7f8a296c0e2fc88 Sha1: ad9aa380621fb69a2df4167c642c2e83d8b630fe Sha256: a332bf533aa8b41b74f1c252efdb7d681c5a003a49781fa507eb0ee34a4fe5b6
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: a332bf533aa8b41b74f1c252efdb7d681c5a003a49781fa507eb0ee34a4fe5b6 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2645 Cache-Control: max-age=154741 Date: Sun, 29 Jan 2023 07:04:27 GMT Etag: "63d5c99b-1d7" Expires: Tue, 31 Jan 2023 02:03:28 GMT Last-Modified: Sun, 29 Jan 2023 01:19:23 GMT Server: ECS (ska/F70A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ebba17c36b014990b7f8a296c0e2fc88 Sha1: ad9aa380621fb69a2df4167c642c2e83d8b630fe Sha256: a332bf533aa8b41b74f1c252efdb7d681c5a003a49781fa507eb0ee34a4fe5b6
GET /CI_Common/assets/fonts/Optimist_W_Lt.woff2 HTTP/1.1 Host: ecm.capitalone.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.bluekapwa.ca Connection: keep-alive Referer: https://www.bluekapwa.ca/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Lt (...) FQDN: ecm.capitalone.com IP: 104.110.12.190 HASH: 902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9 104.110.12.190 HTTP/2 200 OK content-type: binary/octet-stream content-length: 27852 last-modified: Fri, 28 Jun 2019 00:26:02 GMT etag: "cb37fa55f3dfdd26d61901032a53644f" x-amz-server-side-encryption: AES256 x-amz-version-id: Q75rYxmglrbgkwTTGgaHL71RQB9n5YCD accept-ranges: bytes server: AmazonS3 x-amz-cf-pop: LHR62-C4 x-amz-cf-id: WZLHu-KyMHr9Oi38M7o8z4XXwUqHnVG-f6Rg-E6l9knxWl69APaosA== x-datastream-cache-status: 1 cache-control: max-age=475130 expires: Fri, 03 Feb 2023 19:03:17 GMT date: Sun, 29 Jan 2023 07:04:27 GMT access-control-request-method: POST,GET,PUT,DELETE access-control-max-age: 86400 access-control-allow-credentials: false access-control-allow-headers: * access-control-allow-methods: GET,POST access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 27852, version 1.0\012- data Size: 27852 Md5: cb37fa55f3dfdd26d61901032a53644f Sha1: 1115e8d43a08c1f74ec1f6a886d1cb530bb9da97 Sha256: 902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9
GET /cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/ HTTP/1.1 Host: www.bluekapwa.ca User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26 (...) FQDN: www.bluekapwa.ca IP: 74.208.236.111 HASH: 8309e06f37f53f149b030882a03a33b2143a47b72520175cb09b274b16e85234 74.208.236.111 HTTP/2 200 OK content-type: text/html; charset=UTF-8 date: Sun, 29 Jan 2023 07:04:27 GMT server: Apache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 51785 Md5: 8ae430d8667f19b1f76ee387846a35aa Sha1: 51fe5287715c1d9b4bd180f7e4c194c5dfa4e9d4 Sha256: 8309e06f37f53f149b030882a03a33b2143a47b72520175cb09b274b16e85234 Alerts: Blocklists: - openphish: Capital One Financial Corporation - fortinet: Phishing
GET /CI_Common/assets/fonts/Optimist_W_Rg.woff2 HTTP/1.1 Host: ecm.capitalone.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.bluekapwa.ca Connection: keep-alive Referer: https://www.bluekapwa.ca/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Rg (...) FQDN: ecm.capitalone.com IP: 104.110.12.190 HASH: 9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd 104.110.12.190 HTTP/2 200 OK content-type: binary/octet-stream content-length: 28388 last-modified: Fri, 28 Jun 2019 00:26:02 GMT etag: "f4e1fbca28c954a486a90828b2ee7543" x-amz-server-side-encryption: AES256 x-amz-version-id: 1GgM.ruzxSoQhqV._aklwOsuyVwoqFBE accept-ranges: bytes server: AmazonS3 x-amz-cf-pop: LHR62-C4 x-amz-cf-id: BGWuX4caZ0kfZbeEU9EBXkYNIfAXAQn7qhOobVDMcBZpZGYT9HOYpw== x-datastream-cache-status: 1 cache-control: max-age=448331 expires: Fri, 03 Feb 2023 11:36:38 GMT date: Sun, 29 Jan 2023 07:04:27 GMT access-control-request-method: POST,GET,PUT,DELETE access-control-max-age: 86400 access-control-allow-credentials: false access-control-allow-headers: * access-control-allow-methods: GET,POST access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 28388, version 1.0\012- data Size: 28388 Md5: f4e1fbca28c954a486a90828b2ee7543 Sha1: 7750f00fe0337120e16632ea7fff2a78b11c874a Sha256: 9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd
GET /cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/img/favicon.ico HTTP/1.1 Host: www.bluekapwa.ca User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26 (...) FQDN: www.bluekapwa.ca IP: 74.208.236.111 HASH: 5f2123af80970c0478de7f373c9d861d886e070592ebcd55fa372d8dfc9752ec 74.208.236.111 HTTP/2 200 OK content-type: image/vnd.microsoft.icon content-length: 15086 date: Sun, 29 Jan 2023 07:04:27 GMT server: Apache last-modified: Sat, 10 Dec 2022 09:48:25 GMT etag: "3aee-5ef762be6d7bd" accept-ranges: bytes cache-control: max-age=31536000 expires: Mon, 29 Jan 2024 07:04:27 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data Size: 15086 Md5: d27e1739c7477b10ec6917546ae61f1d Sha1: bb36ab8bce726ce72a2d74a8529526bca0fa515d Sha256: 5f2123af80970c0478de7f373c9d861d886e070592ebcd55fa372d8dfc9752ec Alerts: urlquery: - Phishing - Capital One
GET /cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/ HTTP/1.1 Host: www.bluekapwa.ca User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26 (...) FQDN: www.bluekapwa.ca IP: 74.208.236.111 74.208.236.111 HTTP/2 200 OK content-type: text/html; charset=UTF-8 date: Sun, 29 Jan 2023 07:04:24 GMT server: Apache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - openphish: Capital One Financial Corporation - fortinet: Phishing

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1" 

                                        
                                            
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=7258 

                                        
                                            
Expires: Sun, 29 Jan 2023 09:05:21 GMT 

                                        
                                            
Date: Sun, 29 Jan 2023 07:04:23 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    a2104f935c638b4767ca5ae0d738ef23

                                                Sha1:   85c6af15af749be0ceeae6de17c36925b750f166

                                                Sha256: 5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D" 

                                        
                                            
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=2377 

                                        
                                            
Expires: Sun, 29 Jan 2023 07:44:01 GMT 

                                        
                                            
Date: Sun, 29 Jan 2023 07:04:24 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    302c7548412192add063ad6c8b99cf3b

                                                Sha1:   e5d178931a27db036ce8daae302594d3ff7050b8

                                                Sha256: fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: y+wHS2sp14rfpGABosHgi9hpiDvLZ0OhbUClQsuw2PzzlmT6eLc4kKGWO1y5p+vHWew62a6Mlsc= 

                                        
                                            
x-amz-request-id: SR2FAPK4C3E44X2B 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sun, 29 Jan 2023 06:50:13 GMT 

                                        
                                            
age: 851 

                                        
                                            
last-modified: Mon, 09 Jan 2023 18:04:21 GMT 

                                        
                                            
etag: "7b922915ebf1fa3639b333f994c74f24" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    7b922915ebf1fa3639b333f994c74f24

                                                Sha1:   144a3f80b98fd0652d4614f24cf6cbbee40f8938

                                                Sha256: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         35.241.9.150

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sun, 29 Jan 2023 06:41:41 GMT 

                                        
                                            
age: 1363 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
cache-control: max-age=3600,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: Tg883jwcOfLsSPYQxLCE7g== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         34.211.127.63

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: ZdgQthnDrzxXmmAam+52lfAoQt0= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" 

                                        
                                            
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=19957 

                                        
                                            
Expires: Sun, 29 Jan 2023 12:37:03 GMT 

                                        
                                            
Date: Sun, 29 Jan 2023 07:04:26 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    dfb84426fed94988d5c90372baff059c

                                                Sha1:   f1c4740830034ff8a5759d59ae3f657ea524d083

                                                Sha256: d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 7417 

                                        
                                            
x-amzn-requestid: 53032353-8613-49b0-944d-3742236cf50c 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: fYcMmFeQIAMF3Yw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63d340b6-7fe2226327d90db014527c08;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:46 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: zd8cTO2N1JO-OK3hCDwVO8naClCsg0raJLboRFle-DPSKhR_7k8-Yg== 

                                        
                                            
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 29 Jan 2023 03:16:35 GMT 

                                        
                                            
age: 13671 

                                        
                                            
etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7417

                                                Md5:    6af6f32397882f56d14d22348e44a9f1

                                                Sha1:   5a626376807e7507fa3a204c4e4e9e44aa074a37

                                                Sha256: 478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 11470 

                                        
                                            
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: fIf6WFgAIAMF6gw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg== 

                                        
                                            
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 29 Jan 2023 04:01:15 GMT 

                                        
                                            
age: 10991 

                                        
                                            
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   11470

                                                Md5:    10a6491e2c1dfde68c7cd7297e70700f

                                                Sha1:   d0f195319825a6d3e5e50ad15b2fcab27cb65896

                                                Sha256: 4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9167 

                                        
                                            
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: fPGLfFtOIAMFp7w= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg== 

                                        
                                            
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 28 Jan 2023 20:46:16 GMT 

                                        
                                            
age: 37090 

                                        
                                            
etag: "50a48e737310d3f31840db4301b25927fbcc12c5" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9167

                                                Md5:    3be81f83687ddb6c93d3ff3c09a9dba2

                                                Sha1:   50a48e737310d3f31840db4301b25927fbcc12c5

                                                Sha256: e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be

                                        
                                            GET /ajax/libs/imask/3.4.0/imask.min.js HTTP/1.1 

                                        
                                            
Host: cdnjs.cloudflare.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.bluekapwa.ca/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.17.25.14

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8

                                        

                                        
                                            
date: Sun, 29 Jan 2023 07:04:26 GMT 

                                        
                                            
content-length: 10899 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: public, max-age=30672000 

                                        
                                            
content-encoding: br 

                                        
                                            
etag: "5eb03e9f-b217" 

                                        
                                            
last-modified: Mon, 04 May 2020 16:11:11 GMT 

                                        
                                            
cf-cdnjs-via: cfworker/kv 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 821067 

                                        
                                            
expires: Fri, 19 Jan 2024 07:04:26 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnx9bvtHo8wMHDGWmG53ZhwZvRyYVau%2ByGtWvCiqf%2F%2Fbqm52P2CMNS2gK9N6GMLdOuSObYo%2BoAWNJncBK7CttgC5coa4%2BKEhCdG6ooMNMOeacpQumQCrHq3FXqlqw40NTL3IYuVr"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
strict-transport-security: max-age=15780000 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 79101d20add2b50f-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (45552)

                                                Size:   10899

                                                Md5:    6dd93e13c5bb3b67dadd0de250ffea2f

                                                Sha1:   961bf5bb7cc4aa32bcd66b9ac34461f7e02d96d3

                                                Sha256: 1238c95de9a6c90c1992853fd140b31d2ec8854a09deaa0d4a2d3136281af5e9

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3219 

                                        
                                            
Cache-Control: max-age=155315 

                                        
                                            
Date: Sun, 29 Jan 2023 07:04:27 GMT 

                                        
                                            
Etag: "63d5c99b-1d7" 

                                        
                                            
Expires: Tue, 31 Jan 2023 02:13:02 GMT 

                                        
                                            
Last-Modified: Sun, 29 Jan 2023 01:19:23 GMT 

                                        
                                            
Server: ECS (ska/F709) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    ebba17c36b014990b7f8a296c0e2fc88

                                                Sha1:   ad9aa380621fb69a2df4167c642c2e83d8b630fe

                                                Sha256: a332bf533aa8b41b74f1c252efdb7d681c5a003a49781fa507eb0ee34a4fe5b6

                                        
                                            GET /CI_Common/assets/fonts/Optimist_W_Lt.woff2 HTTP/1.1 

                                        
                                            
Host: ecm.capitalone.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://www.bluekapwa.ca 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.bluekapwa.ca/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.110.12.190

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
content-length: 27852 

                                        
                                            
last-modified: Fri, 28 Jun 2019 00:26:02 GMT 

                                        
                                            
etag: "cb37fa55f3dfdd26d61901032a53644f" 

                                        
                                            
x-amz-server-side-encryption: AES256 

                                        
                                            
x-amz-version-id: Q75rYxmglrbgkwTTGgaHL71RQB9n5YCD 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
x-amz-cf-pop: LHR62-C4 

                                        
                                            
x-amz-cf-id: WZLHu-KyMHr9Oi38M7o8z4XXwUqHnVG-f6Rg-E6l9knxWl69APaosA== 

                                        
                                            
x-datastream-cache-status: 1 

                                        
                                            
cache-control: max-age=475130 

                                        
                                            
expires: Fri, 03 Feb 2023 19:03:17 GMT 

                                        
                                            
date: Sun, 29 Jan 2023 07:04:27 GMT 

                                        
                                            
access-control-request-method: POST,GET,PUT,DELETE 

                                        
                                            
access-control-max-age: 86400 

                                        
                                            
access-control-allow-credentials: false 

                                        
                                            
access-control-allow-headers: * 

                                        
                                            
access-control-allow-methods: GET,POST 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 27852, version 1.0\012- data

                                                Size:   27852

                                                Md5:    cb37fa55f3dfdd26d61901032a53644f

                                                Sha1:   1115e8d43a08c1f74ec1f6a886d1cb530bb9da97

                                                Sha256: 902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9

                                        
                                            GET /CI_Common/assets/fonts/Optimist_W_Rg.woff2 HTTP/1.1 

                                        
                                            
Host: ecm.capitalone.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://www.bluekapwa.ca 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.bluekapwa.ca/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.110.12.190

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
content-length: 28388 

                                        
                                            
last-modified: Fri, 28 Jun 2019 00:26:02 GMT 

                                        
                                            
etag: "f4e1fbca28c954a486a90828b2ee7543" 

                                        
                                            
x-amz-server-side-encryption: AES256 

                                        
                                            
x-amz-version-id: 1GgM.ruzxSoQhqV._aklwOsuyVwoqFBE 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
x-amz-cf-pop: LHR62-C4 

                                        
                                            
x-amz-cf-id: BGWuX4caZ0kfZbeEU9EBXkYNIfAXAQn7qhOobVDMcBZpZGYT9HOYpw== 

                                        
                                            
x-datastream-cache-status: 1 

                                        
                                            
cache-control: max-age=448331 

                                        
                                            
expires: Fri, 03 Feb 2023 11:36:38 GMT 

                                        
                                            
date: Sun, 29 Jan 2023 07:04:27 GMT 

                                        
                                            
access-control-request-method: POST,GET,PUT,DELETE 

                                        
                                            
access-control-max-age: 86400 

                                        
                                            
access-control-allow-credentials: false 

                                        
                                            
access-control-allow-headers: * 

                                        
                                            
access-control-allow-methods: GET,POST 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 28388, version 1.0\012- data

                                                Size:   28388

                                                Md5:    f4e1fbca28c954a486a90828b2ee7543

                                                Sha1:   7750f00fe0337120e16632ea7fff2a78b11c874a

                                                Sha256: 9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd

URL	www.bluekapwa.ca/cfg/2DB17B39BD22D4D7856D26F2DB17856D26F2DB17B39BD22D320B39BD22D4D101856D26F2DB17B39BD22D3204021EB0BF7D/account/kb/
IP	74.208.236.111 (United States)
ASN	#8560 IONOS SE
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2023-01-29 07:04:34 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	10
urlquery alerts	10 Phishing - Capital One
Tags	capitalone financial phishing

Overview

Domain Summary (10)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 74.208.236.111

Last 5 reports on ASN: IONOS SE

Last 5 reports on domain: bluekapwa.ca

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (4)

Executed Evals (1)

#1 JavaScript::Eval (size: 5760) - SHA256: c434981231757e151338d82440787196d61aff8e65c9cd890ada8ffcfba2c2e0

Executed Writes (0)

HTTP Transactions (35)

Overview

Domain Summary (10)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 74.208.236.111

Last 5 reports on ASN: IONOS SE

Last 5 reports on domain: bluekapwa.ca

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (4)

Executed Evals (1)

#1 JavaScript::Eval (size: 5760) - SHA256: c434981231757e151338d82440787196d61aff8e65c9cd890ada8ffcfba2c2e0

Executed Writes (0)

HTTP Transactions (35)

Network Intrusion Detection Systems