Overview

URL bmwvslexustexas.com/cancel/debit/Yes/
IP210.16.120.16
ASNHostUS
Location Singapore
Report completed2022-09-28 10:14:44 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-27 2 bmwvslexustexas.com/cancel/debit/Yes/ Idaho Central Credit Union
2022-09-27 2 bmwvslexustexas.com/cancel/debit/Yes/ Idaho Central Credit Union
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-28 2 bmwvslexustexas.com/cancel/debit/Yes/ Phishing
2022-09-28 2 bmwvslexustexas.com/cancel/debit/Yes/AdditionalServices/Contact/EBranch/Car (...) Phishing
2022-09-28 2 bmwvslexustexas.com/cancel/debit/Yes/BusinessHour/ATM/Security_Center/Accou (...) Phishing
2022-09-28 2 bmwvslexustexas.com/cancel/debit/Yes/BusinessHour/ATM/Security_Center/Accou (...) Phishing
2022-09-28 2 bmwvslexustexas.com/cancel/debit/Yes/BusinessHour/ATM/Security_Center/Accou (...) Phishing
2022-09-28 2 bmwvslexustexas.com/cancel/debit/Yes/About/ContactUs/BecomeAMember/CompanyP (...) Phishing
2022-09-28 2 bmwvslexustexas.com/cancel/debit/Yes/ Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (22)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS cdnjs.cloudflare.com (2) 235 2020-10-20 10:17:36 UTC 2022-09-28 05:34:56 UTC 104.17.25.14
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-28 08:06:38 UTC 34.120.237.76
mnemonic passive DNS ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2022-09-28 04:37:39 UTC 192.124.249.22
mnemonic passive DNS myebranch.iccu.com (1) 202788 2016-05-10 07:56:26 UTC 2022-09-28 05:23:13 UTC 104.18.218.35
mnemonic passive DNS 1.c81358859121583b7adf2ace89cb39f44.com (2) 75217 2020-11-23 09:04:27 UTC 2022-09-28 05:23:13 UTC 54.230.111.39
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.25
mnemonic passive DNS bmwvslexustexas.com (23) 0 2021-09-27 17:08:27 UTC 2022-09-28 10:14:03 UTC 210.16.120.16 Unknown ranking
mnemonic passive DNS wup-1ca8ebd0.us.v2.we-stats.com (3) 225817 2022-03-15 17:31:46 UTC 2022-09-26 14:51:12 UTC 52.141.217.134
mnemonic passive DNS 1.b406929acabac9b095f124c81bdfcf57f.com (2) 75277 2020-11-23 09:04:27 UTC 2022-09-28 05:23:13 UTC 54.230.111.103
mnemonic passive DNS log-1ca8ebd0.us.v2.we-stats.com (1) 234327 2022-03-15 17:31:50 UTC 2022-09-28 05:23:16 UTC 52.238.253.184
mnemonic passive DNS ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2022-09-28 04:19:13 UTC 93.184.220.29
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:06:48 UTC 23.36.76.226
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-28 04:36:06 UTC 34.117.237.239
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-28 05:02:28 UTC 35.165.41.15
mnemonic passive DNS ocsp.entrust.net (3) 1208 2013-07-24 12:09:14 UTC 2022-09-28 04:47:26 UTC 104.110.10.32
mnemonic passive DNS assets.orb.alkamitech.com (2) 29430 2020-10-26 07:05:20 UTC 2022-09-24 09:51:27 UTC 143.204.55.44
mnemonic passive DNS ajax.aspnetcdn.com (1) 693 2012-05-24 13:35:31 UTC 2022-09-28 04:51:01 UTC 152.199.19.160
mnemonic passive DNS 1.a79ab95c1589a13f8a4cab612bc71f9f7.com (2) 75111 2020-11-23 09:04:27 UTC 2022-09-28 05:23:13 UTC 54.230.111.29
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-28 05:04:09 UTC 143.204.55.27
mnemonic passive DNS stackpath.bootstrapcdn.com (1) 2467 2018-04-05 04:41:29 UTC 2022-09-28 05:34:56 UTC 104.18.10.207
mnemonic passive DNS ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-09-28 07:07:41 UTC 104.18.32.68
mnemonic passive DNS code.jquery.com (2) 634 2012-05-21 17:28:02 UTC 2022-09-28 04:38:15 UTC 69.16.175.42


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 210.16.120.16

Date UQ / IDS / BL URL IP
2022-09-28 10:14:44 +0000
0 - 0 - 9 bmwvslexustexas.com/cancel/debit/Yes/ 210.16.120.16
2022-09-28 10:14:20 +0000
0 - 0 - 11 bmwvslexustexas.com/cancel/debit/Yes 210.16.120.16
2022-09-28 09:33:59 +0000
3 - 0 - 2 reneheidensoultherapy.com/0000/ 210.16.120.16
2022-09-28 09:30:42 +0000
0 - 0 - 2 brittanynlake.com/dropbox/ 210.16.120.16
2022-09-28 08:49:45 +0000
0 - 0 - 2 nashakukla.com/hgn/adobe-4D10/ 210.16.120.16

Last 5 reports on ASN: HostUS

Date UQ / IDS / BL URL IP
2022-12-03 08:25:58 +0000
0 - 0 - 1 dopeboots.com/ 45.58.52.147
2022-12-02 22:34:32 +0000
0 - 0 - 1 bootsandcompany.com/Cancel/debit/No 45.58.52.147
2022-12-02 08:38:58 +0000
0 - 0 - 1 pazrealtymiami.com/ 45.58.52.147
2022-11-30 08:38:25 +0000
0 - 0 - 1 pazrealtymiami.com/ 45.58.52.147
2022-11-30 05:21:56 +0000
0 - 0 - 5 thedentalcoach.com/ 104.128.228.245

Last 2 reports on domain: bmwvslexustexas.com

Date UQ / IDS / BL URL IP
2022-09-28 10:14:44 +0000
0 - 0 - 9 bmwvslexustexas.com/cancel/debit/Yes/ 210.16.120.16
2022-09-28 10:14:20 +0000
0 - 0 - 11 bmwvslexustexas.com/cancel/debit/Yes 210.16.120.16

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-28 16:40:35 +0000
9 - 0 - 2 dircetdebit.xyz/myebranch/lccu.com/review/ 69.57.162.19
2022-11-28 16:39:51 +0000
9 - 0 - 1 dircetdebit.xyz/myebranch/lccu.com/review 69.57.162.19
2022-11-28 09:23:25 +0000
9 - 0 - 0 dircetdebit.xyz/myebranch/lccu.com/review/ 69.57.162.19
2022-11-28 09:23:23 +0000
9 - 0 - 0 dircetdebit.xyz/myebranch/lccu.com/review 69.57.162.19
2022-09-26 14:11:34 +0000
0 - 0 - 7 mediarazor.net/?e=/ 192.185.141.13


JavaScript

Executed Scripts (12)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (70)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 09:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hpw6ewTRVexnpMZIohnpfpkm--bFVtFhLt3EqzzpVLFAIx0ORW70Mg==
Age: 3534


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8025
Expires: Wed, 28 Sep 2022 12:28:18 GMT
Date: Wed, 28 Sep 2022 10:14:33 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HWe0zR1kGxuacETEPNdY-5JTC4OdbEf2fUJrwnhvujS7t5jnIrIGKQ==
age: 17167
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 28 Sep 2022 10:14:33 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 09:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 10:03:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nPbtqC3Pu7DA7U6kRc_FA8hV96fh7hNfG3lRz6NcbpwVa-IZOiIDuw==
Age: 2700


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6364
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 10:14:33 GMT
Last-Modified: Wed, 28 Sep 2022 08:28:29 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TM30C4N+crCi7/wHn4VFFw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.165.41.15
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4anw9ODKOzczN1mSJecVPrhR/zw=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.110.10.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
ETag: "9565CCC3F69A2D6DB27A218851D61FDC6C63201CCA88CB121E3F7FDA4EE5F534"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Wed, 28 Sep 2022 11:14:34 GMT
Date: Wed, 28 Sep 2022 10:14:34 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1586
Md5:    2ccef9fae77c0060989d3ce04eda4954
Sha1:   e1ee944e4daecf891571b9b2f8f4b54fd8c4b906
Sha256: 9565ccc3f69a2d6db27a218851d61fdc6c63201cca88cb121e3f7fda4ee5f534
                                        
                                            GET /cancel/debit/Yes/ HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Range: bytes=7948-
If-Range: Mon, 08 Aug 2022 20:09:38 GMT

                                         
                                         210.16.120.16
HTTP/1.1 206 Partial Content
Content-Type: text/html
                                        
Date: Wed, 28 Sep 2022 10:14:33 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 20:09:38 GMT
Accept-Ranges: bytes
Content-Length: 79723
Content-Range: bytes 7948-87670/87671
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (22537), with CRLF line terminators
Size:   79723
Md5:    d7f56fbc8e0aed2b2ab7f0b207595285
Sha1:   fccd8763803e362569c7f636ce661942760a820b
Sha256: 97d3ce92489f48009a175194c9fb3d471a342a970ea06d261fb7b4aca63d99bd

Alerts:
  Blocklists:
    - openphish: Idaho Central Credit Union
    - fortinet: Phishing
                                        
                                            GET /production/icons/IdahoCentral/font/font-icons.css HTTP/1.1 
Host: assets.orb.alkamitech.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.44
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
content-length: 8497
x-amz-replication-status: COMPLETED
last-modified: Tue, 30 Aug 2022 21:54:34 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: qv4zgBGFP50K.A4MByiQXfVJR_oFy3ck
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 10:14:35 GMT
cache-control: max-age=630720000, no-cache, no-transform, public
expires: Mon, 25 Aug 2042 21:53:41 GMT
etag: "1c28ae91d114e3499306cbb73a0cf082"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: I2jBjJsJf0TOyeTXA3mM0wdxNRFvoxaxBEi_6Q9F_Mb9AmMDODbXkw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   8497
Md5:    1c28ae91d114e3499306cbb73a0cf082
Sha1:   3e7a2e878baa1e097a9699708b2e74ad4da4cdf1
Sha256: 5e48db38fa71a9041dc0a2bf689c6a52e4040f19673a8ec5eb68b9213b81e07a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4423
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 10:14:34 GMT
Last-Modified: Wed, 28 Sep 2022 09:00:51 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6558
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 10:14:34 GMT
Last-Modified: Wed, 28 Sep 2022 08:25:16 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bmwvslexustexas.com
Connection: keep-alive
Referer: https://bmwvslexustexas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 10:14:34 GMT
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7403321
expires: Mon, 18 Sep 2023 10:14:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3XLHUsxoyxOWzAamk%2Bx04R6NJPuXwDjUF0ogR1V%2BfonfU%2FgaVX22KOJsJgfo6IBf31ZJ3Vt35ph1%2B1k25QE2LT0rxR1E5lm2HC0lKAueAtI4%2BOK99pvIWzNKqyljJPmuvsOsIIE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 751bb682fdbab4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20322)
Size:   6458
Md5:    df9fe6d48e380554eb0ec9687bed3246
Sha1:   207263d754220200c1916edfbda262f62223ecf5
Sha256: 91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4423
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 10:14:34 GMT
Last-Modified: Wed, 28 Sep 2022 09:00:51 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /jquery-3.2.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 10:14:34 GMT
content-encoding: gzip
content-length: 30125
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664360074.dop026.sk1.t,1664360074.cds261.sk1.hn,1664360074.cds222.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32058)
Size:   30125
Md5:    148f8d3ffd9cc02048c5f4d1cc83c407
Sha1:   9f2b89cfd151be6a29b4d43ad64d164fb8471046
Sha256: 4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
                                        
                                            GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1 
Host: ajax.aspnetcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         152.199.19.160
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 17361569
cache-control: public,max-age=31536000
date: Wed, 28 Sep 2022 10:14:34 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F7A8)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30394
Md5:    a263be51483c81a54aa8c85104a93e55
Sha1:   555a54a73531c553bd2aede6abc25c128b63312e
Sha256: b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
                                        
                                            GET /jquery-3.3.1.slim.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bmwvslexustexas.com
Connection: keep-alive
Referer: https://bmwvslexustexas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 10:14:34 GMT
content-encoding: gzip
content-length: 24038
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1111d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664360074.dop222.sk1.t,1664360074.cds201.sk1.hn,1664360074.cds230.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65247)
Size:   24038
Md5:    0f2e7d37e730fdbb1d8a1e8638529ecb
Sha1:   c21d16978a858baa75be15cb7e799ff000929429
Sha256: cc938c08b93e67c94c68995709f52133c62cac78991f42058503b9c3d9e4b0b0
                                        
                                            GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 10:14:34 GMT
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3075260
expires: Mon, 18 Sep 2023 10:14:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mw7yNE%2FMdeVFUk31sjNDT6C2mgZbL1E7UiXCm3CRcdFB1Bpf2R%2B3LfKsC3jo1%2BpGQYY7vPsQDg3I94l1z%2FtuajZdPprJRd%2BvlbqeRDuj%2BtUgCaUzT7Z6AKcFUJZ7Ok4nKdy5Raxj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 751bb68308a9b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4517
Md5:    e40e054c5726f042bad463e3774a2777
Sha1:   5c9413b72837a440b327444104830c35ae3b052c
Sha256: fcc8a86d2e89e8fbe9815d50c23bf205191ab8a6c0bec67358cd975d94283ff8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4423
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 10:14:34 GMT
Last-Modified: Wed, 28 Sep 2022 09:00:51 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3612
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 10:14:34 GMT
Last-Modified: Wed, 28 Sep 2022 09:14:22 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/iris-foundation.min.css HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 28 Sep 2022 10:14:34 GMT
Server: Apache
Last-Modified: Sun, 24 Jul 2022 20:40:18 GMT
Accept-Ranges: bytes
Content-Length: 51310
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (50964)
Size:   51310
Md5:    b8c864cda1f61ea4ffc57ba52f038a41
Sha1:   5c8784412d182c24f931531629a9bcf1455e9e76
Sha256: f6fca06e2aac270b488f73bcf0a10d249e2722a015135e60dbb49360c5335a72
                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/css.css HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 28 Sep 2022 10:14:34 GMT
Server: Apache
Last-Modified: Wed, 27 Jul 2022 17:01:12 GMT
Accept-Ranges: bytes
Content-Length: 2190
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2190
Md5:    97acb2e9d91232e52e0a1c1d080398dc
Sha1:   d3de8c063a9236eb0cb1a08d86bab68153033823
Sha256: 9a27f05d9ea8ad4565490e3c5f20ee8c7aa21bd9902ed8943f9bd0a4d9f74954
                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/iris.shim.mobile.min.css HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 28 Sep 2022 10:14:34 GMT
Server: Apache
Last-Modified: Sun, 24 Jul 2022 20:40:20 GMT
Accept-Ranges: bytes
Content-Length: 611
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (557)
Size:   611
Md5:    2b495c471e337eac5d280f5519c6fc53
Sha1:   285689d6b41833ced6b63a3f82892d2901d4039b
Sha256: 06dee56fb4e2677948bc2f6ce7e20e9900e3c7431843ae3d9c9d975ff03889a7
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5404
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 10:14:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5404
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 10:14:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5404
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 10:14:35 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 44757
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12016
Md5:    4b794c6812cb546de0295e087ebe66a7
Sha1:   a54803cca7d3c509c195f65961e1110c8ec56f55
Sha256: 6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7723c423-9c9b-4e58-93cc-7198e8ff6f62.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7359
x-amzn-requestid: 6e3123b2-ea7e-4e3e-8399-19a66d27923f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34CEYtIAMF01w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336d00-5995316c70da7a0c460ac432;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: t_uz9vKifWkMj014gCS83STU-fnM39a49_LB5By3j9NqLpqfl8tKSA==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:57:38 GMT
age: 44217
etag: "0cd28a243f9704140ccb9eb1415a77fcccc7cf87"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7359
Md5:    46dc8f1499f4de5f03bd87a68c3c6c7b
Sha1:   0cd28a243f9704140ccb9eb1415a77fcccc7cf87
Sha256: 3d7a5cdc0812857efabd7ab941aea6d6582790b86a9587809d222c0a8546262b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
age: 44671
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13299
Md5:    ad84ed0c5b2090df7996007514cf1984
Sha1:   651600f2ef18cecc2e38370069bbb5e1d86f68e0
Sha256: a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5319
x-amzn-requestid: 74191b02-ebea-48bd-8522-f05bf8080f31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlOKFtsIAMFyGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bf4-1f2daa9d7906bf9812e10953;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Y0gjPs-l9_JD9F-LSH_i1uL2Nz0UcWCG-9PmDmRH8cN_cNAeSchJTA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:32:06 GMT
age: 45749
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5319
Md5:    46e31aa06b8e86a9a5f9ba1cc3feca08
Sha1:   75df3341e30281fcbf78c7074980356fdf0be8e2
Sha256: d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9733
x-amzn-requestid: fff8214b-48f7-4b45-bd91-69ea4db871d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCAWhG9HIAMFloQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330adc3-1cffa63711378c525e49e11d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 19:36:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: L2Of12XTKmTF2EPL4MHpJvBW7GNS8gSRs3FuUMB-RUpTZaY8ew_o_w==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 05:26:00 GMT
age: 17315
etag: "2142075b27d0d355c51231ab06fea46e25eb9c59"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9733
Md5:    f3e1fd3401c5e635a8dbeec5f78b721d
Sha1:   2142075b27d0d355c51231ab06fea46e25eb9c59
Sha256: 2e17a43985b624e6b6592d402c36dd45b915cd6e1ac84e187c18c46420eb9a1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
age: 44737
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8500
Md5:    6139c878a7d2bd32c61fc8287996eb5b
Sha1:   9c4692ea64832895fbd107d91f879728b6a440c7
Sha256: 3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/iris-components.shim.mobile.min.css HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 28 Sep 2022 10:14:35 GMT
Server: Apache
Last-Modified: Sun, 24 Jul 2022 20:40:18 GMT
Accept-Ranges: bytes
Content-Length: 915
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (687)
Size:   915
Md5:    017e853767e051918649a58405ed9ec7
Sha1:   00bd5489213b470369c84e48493a6004a4818551
Sha256: cff89d4c6f0f1863f7d3e48ec06982b347c1ab656c2b590655eee47e06a98db5
                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/isotope.min.css HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 28 Sep 2022 10:14:35 GMT
Server: Apache
Last-Modified: Wed, 27 Jul 2022 17:01:24 GMT
Accept-Ranges: bytes
Content-Length: 14685
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (5685), with CRLF line terminators
Size:   14685
Md5:    cbea8b3b158166c4d66c97296b6de5a1
Sha1:   8d2bbe9bdf52feff172cc1f4498add317eacc3d8
Sha256: 8282735c40a60985c94bdd1923f7a5178abc9bc0b907b71c6d7d2baaead3486c
                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/iris.android.min.css HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 28 Sep 2022 10:14:34 GMT
Server: Apache
Last-Modified: Wed, 27 Jul 2022 17:01:24 GMT
Accept-Ranges: bytes
Content-Length: 97832
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   97832
Md5:    6cbe72b331253f45cefadc34017bc798
Sha1:   850ce439b199c54426298f74c710479e64a1a87b
Sha256: 140d50926d28db75b90d58dbec98dc8388d4e9ca76f2c11ff7f68c5491d19767
                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/iris-foundation.min-1.css HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 28 Sep 2022 10:14:35 GMT
Server: Apache
Last-Modified: Sun, 24 Jul 2022 20:40:22 GMT
Accept-Ranges: bytes
Content-Length: 51310
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (50964)
Size:   51310
Md5:    0160c354e11f9e1f2ffcd720f880dc2e
Sha1:   7c3b5681a9483a0f37110476e04375e7e88d8fcc
Sha256: 037e5f8a4d2ef765d97f6c14e087cab4f8f27a1ac2a6a7584793b1a76a08fb8f
                                        
                                            GET /cancel/debit/Yes/AdditionalServices/Contact/EBranch/Career/style.css HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 28 Sep 2022 10:14:35 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 14:01:14 GMT
Accept-Ranges: bytes
Content-Length: 414
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   414
Md5:    f9653fbeecf34b04791fee59eb3e253b
Sha1:   fcbbad7c6616682a22a9d0de09d715c61cb17722
Sha256: 7924e7e8b95825e4cefbfc31444ea9247e1b0d04cb066b56f06addf9cc7c5eaf
                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/jquery-ui.min.css HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 28 Sep 2022 10:14:35 GMT
Server: Apache
Last-Modified: Wed, 27 Jul 2022 17:01:26 GMT
Accept-Ranges: bytes
Content-Length: 28897
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (27086), with CRLF line terminators
Size:   28897
Md5:    414fd75aaf05d6e8d1f55f1344c3ac55
Sha1:   e5ecd6bce9dd97b187fc9cd07bfbca73c78db2cf
Sha256: a376e58d8801445934ef54c39f7b6c5245c9c229b910c1d62fcd4caed3356105
                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/base.min.css HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 28 Sep 2022 10:14:36 GMT
Server: Apache
Last-Modified: Wed, 27 Jul 2022 17:01:10 GMT
Accept-Ranges: bytes
Content-Length: 2204
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2160), with CRLF line terminators
Size:   2204
Md5:    b9a878ae53fbc745c04d73c0db31dbd8
Sha1:   02d1d82f465afd1111535c8fbbde0a62e4b2c686
Sha256: 9ab2090bfb0c86bdff1e4bd4948bfc24309ca516e88365bb4b3c6d5dc1653dd0
                                        
                                            GET /cancel/debit/Yes/AdditionalServices/Contact/EBranch/Career/actions.js HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 28 Sep 2022 10:14:36 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 13:48:10 GMT
Accept-Ranges: bytes
Content-Length: 1291
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1291
Md5:    baef84e203e58801d16d5d460360570e
Sha1:   fc4e9a602bdb59fc7056cb6e53686ad6a992774e
Sha256: 8bcecbd1eeb6e999bc9583d1e35c12a74d044dba44ee22e185e138f05ca05414

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/theme.mobile.min.css HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 28 Sep 2022 10:14:35 GMT
Server: Apache
Last-Modified: Wed, 27 Jul 2022 17:01:40 GMT
Accept-Ranges: bytes
Content-Length: 113597
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   113597
Md5:    1af249d993c77297395544679633b118
Sha1:   5421a3a9a131f56150c19ee620780fccb23c1542
Sha256: 54ca927a6c5e02997371a855cb89b0d9d743c638c46a8cd61d47148602e52399
                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/iris-components.min.css HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 28 Sep 2022 10:14:35 GMT
Server: Apache
Last-Modified: Sun, 24 Jul 2022 20:40:22 GMT
Accept-Ranges: bytes
Content-Length: 192398
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65309)
Size:   192398
Md5:    efed3e3f6370b1f1e4bf7620e89b2471
Sha1:   e0833930b2f050e31796fa465c673d73eceef96b
Sha256: be62d354c566524d04269ae0aecdb24ddf557f986e3b98f797940a7d507bf2c5
                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/1ca8ebd0.js HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 28 Sep 2022 10:14:35 GMT
Server: Apache
Last-Modified: Sun, 24 Jul 2022 20:40:26 GMT
Accept-Ranges: bytes
Content-Length: 628019
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (60538), with CRLF, LF line terminators
Size:   628019
Md5:    508aa7e5b5b3d2ded5a876cae0e58213
Sha1:   9a6e09fd3e898de27bcbd752d3efc5162c476420
Sha256: d47c1346c52c0852d822943bfca34fc528d65158de4aec5992b6c5f04b56aeff

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.110.10.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
ETag: "69CDF67D490CBBE575E9932198DE393EF7D257D39AB90F27F52D41A3253C6220"
Last-Modified: Tue, 27 Sep 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2970
Expires: Wed, 28 Sep 2022 11:04:07 GMT
Date: Wed, 28 Sep 2022 10:14:37 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1588
Md5:    df5e8a2b82dd0d71c41468f5823d5c7e
Sha1:   c7d171a6b539e694c16f8c77c279b6365120338d
Sha256: 69cdf67d490cbbe575e9932198de393ef7d257d39ab90f27f52d41a3253c6220
                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/app-store-badge.svg HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Wed, 28 Sep 2022 10:14:37 GMT
Server: Apache
Last-Modified: Sun, 24 Jul 2022 20:40:18 GMT
Accept-Ranges: bytes
Content-Length: 10850
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356), with CRLF line terminators
Size:   10850
Md5:    1b65926236d951b2af57201b275f595b
Sha1:   1ce3e7bf2853a59f0fc9ad064e1fd48260da0f38
Sha256: 86c9954e1457d27db013c1f10a96ffaba845e5af7765c4ef9df4ac1549e47d67

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/google-play-badge.svg HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Wed, 28 Sep 2022 10:14:37 GMT
Server: Apache
Last-Modified: Sun, 24 Jul 2022 20:40:18 GMT
Accept-Ranges: bytes
Content-Length: 9332
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   9332
Md5:    5e01637f08de80e8c27c414687738968
Sha1:   2d4fe2500bb550dc45c048e78aa62356fb4cbc2c
Sha256: 2dcf765854f1fe869b1674016feb1638870c1066f156f8d7dfd47b53d0dc093f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.110.10.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
ETag: "82ED9C41B2A08A8EE7AA5106B5CBDD5E919C277AC4F31934899B2812C91C3676"
Last-Modified: Wed, 28 Sep 2022 09:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Wed, 28 Sep 2022 11:14:37 GMT
Date: Wed, 28 Sep 2022 10:14:37 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1585
Md5:    0e78eb4350faa493c02b5458d6ae9987
Sha1:   cda1ea4e22df35b5f237dadf7eebdf696397ed37
Sha256: 82ed9c41b2a08a8ee7aa5106b5cbdd5e919c277ac4f31934899b2812c91c3676
                                        
                                            GET /cancel/debit/Yes/AdditionalServices/Contact/EBranch/Career/loading.gif HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Wed, 28 Sep 2022 10:14:37 GMT
Server: Apache
Last-Modified: Sat, 11 Aug 2018 13:03:52 GMT
Accept-Ranges: bytes
Content-Length: 38636
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   38636
Md5:    d10ef01e81faa2c2d812bdf670b4e072
Sha1:   77d09a57b2091fd7665dff763a5eab23e0ff907e
Sha256: 5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34
                                        
                                            GET /cancel/debit/Yes/About/ContactUs/BecomeAMember/CompanyProfile/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/css.css
Cookie: cdContextId=1; bmuid=1664360075105-13955072-190A-439D-BDE9-A44D483E6E93
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Wed, 28 Sep 2022 10:14:37 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /cancel/debit/Yes/About/ContactUs/BecomeAMember/CompanyProfile/MobileLogo.png HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/isotope.min.css
Cookie: cdContextId=1; bmuid=1664360075105-13955072-190A-439D-BDE9-A44D483E6E93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Wed, 28 Sep 2022 10:14:37 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 28 Sep 2022 10:14:37 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 28 Sep 2022 04:19:03 GMT
Expires: Thu, 29 Sep 2022 04:19:03 GMT
ETag: "3f3a4e3ffbce4cb1bc045cce2bc4c4a0990600d5"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    60ce5f0f04f3cb32c814407e17a79cf4
Sha1:   3f3a4e3ffbce4cb1bc045cce2bc4c4a0990600d5
Sha256: a5af095bca3ef642f85cb35b02caa0bc574a2cb94e4e4263888e522e96bbec52
                                        
                                            GET /Image/MobileLogo HTTP/1.1 
Host: myebranch.iccu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.218.35
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 28 Sep 2022 10:14:38 GMT
content-length: 6884
cache-control: private, max-age=604800, s-maxage=0
expires: Wed, 05 Oct 2022 10:14:38 GMT
last-modified: Wed, 28 Sep 2022 10:14:38 GMT
x-content-type-options: nosniff
x-robots-tag: none
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-svr: WEB1663202
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 142530719e00000b494b801000000001
set-cookie: PackageAssignment=; path=/; secure; HttpOnly; SameSite=Strict PackageAssignment=; path=/; secure; HttpOnly; SameSite=Strict ob_sess=QjlCMEEzMkE3REYyM0VFNkJENTBBN0U3MThkODQ1ODQ0NDliMzM1ZjM5ODJiN2Y1ODcxZjJkM2I=; path=/; secure; HttpOnly; SameSite=Strict __cf_bm=z_dMrSC4dHSzihuYmGB5PiHJgJNzWYWjZ32IpHL0_x0-1664360078-0-AdLGb74DJOmTqczrQqQlqnDYJTKclvVNoobtKor5sIAs01hILYqxW4CNaFWIu9OkWn4AiAdn836Q5mX+l2ieFp4=; path=/; expires=Wed, 28-Sep-22 10:44:38 GMT; domain=.iccu.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 751bb695cc770b49-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 285 x 132, 8-bit/color RGBA, non-interlaced\012- data
Size:   6884
Md5:    793de00c2e5c94dfe4d879e33f78ef40
Sha1:   1fbca0c5c7261136ba2dcbf11b98c975d442e8f0
Sha256: 2dc417c13f956f7a5f91634d4629bcc1492ac237ba8839f8513227ae02b510d2
                                        
                                            GET /production/icons/IdahoCentral/font/Alkami.woff2 HTTP/1.1 
Host: assets.orb.alkamitech.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bmwvslexustexas.com
Connection: keep-alive
Referer: https://assets.orb.alkamitech.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.44
HTTP/2 200 OK
content-type: font/woff2
                                        
content-length: 42225
date: Wed, 28 Sep 2022 10:14:39 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 30 Aug 2022 21:54:34 GMT
etag: "68a1c6b8524583dc37cdc2a6a8698a99"
x-amz-server-side-encryption: AES256
cache-control: max-age=630720000, no-cache, no-transform, public
content-encoding: gzip
expires: Mon, 25 Aug 2042 21:53:41 GMT
x-amz-version-id: 4.XeR2ogf8OnI8RmBceTwl32vowVdzIZ
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MNISnO598rttTVI6X-Osx0QzlW3Wv7-mQG7S4TEMR0t9PBoAT6GFAg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 42192, version 1.0\012- data
Size:   42225
Md5:    68a1c6b8524583dc37cdc2a6a8698a99
Sha1:   6c4c2bc1f57f2e7a09a941f8c49eeeac461192c9
Sha256: 129e2475b6e501d5d3b00edffc78aca22aaf0342132e84687a8e7e9c2861ae9f
                                        
                                            POST /client/v3.1/web/wup?cid=attina HTTP/1.1 
Host: wup-1ca8ebd0.us.v2.we-stats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 172
Origin: https://bmwvslexustexas.com
Connection: keep-alive
Referer: https://bmwvslexustexas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.141.217.134
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 898
date: Wed, 28 Sep 2022 10:14:37 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: bff81e02-b3a3-4c2f-9aa8-22900a226f1d
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (898), with no line terminators
Size:   898
Md5:    0606c594c9bb039906dd26a8093caba5
Sha1:   eebd25091c673088489dbaeddf22d3ff2d1fd317
Sha256: daa0a0659dda052a6be420664ad043d9d3f65c94711a8e63b3c2e39d0a414e65
                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/favicon-16x16.png HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Cookie: cdContextId=1; bmuid=1664360075105-13955072-190A-439D-BDE9-A44D483E6E93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 28 Sep 2022 10:14:38 GMT
Server: Apache
Last-Modified: Sun, 24 Jul 2022 20:40:20 GMT
Accept-Ranges: bytes
Content-Length: 453
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size:   453
Md5:    73e77c462e9cf12b81e6eadcca253f6a
Sha1:   d8594646b979c09f848519271a79f1042106297d
Sha256: d1ffdd528c8b988b8e8c5020c870bfce1a2bb5fa5b323cbf8576639dffa4db1b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 10:14:38 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 11:15:46 GMT
Expires: Mon, 03 Oct 2022 11:15:45 GMT
Etag: "3eca094f337b484fa34d4bbb6e57bbbb2dfd7149"
Cache-Control: max-age=435066,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751bb699d9630afa-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 10:14:38 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 06:00:07 GMT
Expires: Tue, 04 Oct 2022 06:00:06 GMT
Etag: "a2a58632696a88e7f59197cef69b904cf1048934"
Cache-Control: max-age=502527,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751bb699dc54fabc-OSL

                                        
                                            GET /scripts/prod/crossdomain.html HTTP/1.1 
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.103
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 07:51:28 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Lz_duVYEBtl6Kz6m7w70qYCpsM8W7v01UfqT_BgAUSPXUDa5shKgtw==
age: 8591
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   221
Md5:    21e34cf6a03f570df49e212018a567d0
Sha1:   f0be4058936850ae0163f5137600d14b6632bbb3
Sha256: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
                                        
                                            GET /scripts/prod/crossdomain.html HTTP/1.1 
Host: 1.c81358859121583b7adf2ace89cb39f44.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.39
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 10:04:53 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AtR7lJrhpVp28WvBD5d14NiDpqKfaGXhTXi25CTEPfrW8yN2pq5ZYA==
age: 586
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   221
Md5:    21e34cf6a03f570df49e212018a567d0
Sha1:   f0be4058936850ae0163f5137600d14b6632bbb3
Sha256: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 10:14:38 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 00:17:20 GMT
Expires: Sun, 02 Oct 2022 00:17:19 GMT
Etag: "a29b4b75545fb24e3e8df8fb02a109b18fd98b15"
Cache-Control: max-age=309160,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751bb699dc61b4f3-OSL

                                        
                                            GET /scripts/prod/crossdomain.html HTTP/1.1 
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.29
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 14:26:38 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: siRb1k-MIlTb-WaMUQsfgY2SONuQ14nbD7QOdWm0tTvQFE5zrHT-uA==
age: 71281
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   221
Md5:    21e34cf6a03f570df49e212018a567d0
Sha1:   f0be4058936850ae0163f5137600d14b6632bbb3
Sha256: 0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
                                        
                                            GET /cancel/debit/Yes/BusinessHour/ATM/Security_Center/AccountAgreement/android-chrome-192x192.png HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmwvslexustexas.com/cancel/debit/Yes/
Cookie: cdContextId=1; bmuid=1664360075105-13955072-190A-439D-BDE9-A44D483E6E93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 28 Sep 2022 10:14:38 GMT
Server: Apache
Last-Modified: Sun, 24 Jul 2022 20:40:20 GMT
Accept-Ranges: bytes
Content-Length: 1384
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Size:   1384
Md5:    617c4058b7a5608d8794cfb57c722d5e
Sha1:   f12b2ca683ad372cc2a27a2fb3ab39d86187d2cd
Sha256: 532ab0216976347b86739466a2366f058dacb5a6741aedd9242d0c898841692e
                                        
                                            GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1 
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.103
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 01:15:51 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cLxVONz-0IdDstlO59u8afMsxiqAXIyKIMaBXJe5kjiTvMzvq3_MLw==
age: 32328
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3227), with no line terminators
Size:   3227
Md5:    9ee48a4da9c402e8a23ad085fb71f28f
Sha1:   f0c59306d6313f9bee02b53ca8903991bd24bfd7
Sha256: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
                                        
                                            GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1 
Host: 1.c81358859121583b7adf2ace89cb39f44.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.39
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 02:16:47 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 14ZJKRgddYzAvAu7xTEj_eo9vzU4OWDbme4J4VnOhzGB1Hzr-ZJLHA==
age: 28672
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3227), with no line terminators
Size:   3227
Md5:    9ee48a4da9c402e8a23ad085fb71f28f
Sha1:   f0c59306d6313f9bee02b53ca8903991bd24bfd7
Sha256: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
                                        
                                            GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1 
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.29
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 07:33:20 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yolJOIZ3mLJQ3ANCOtyD8V1AHY8zKM8iuOOMD-xJ8Uq_fdS7BMHHsw==
age: 9679
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3227), with no line terminators
Size:   3227
Md5:    9ee48a4da9c402e8a23ad085fb71f28f
Sha1:   f0c59306d6313f9bee02b53ca8903991bd24bfd7
Sha256: 9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
                                        
                                            POST /client/v3.1/web/wup?cid=attina HTTP/1.1 
Host: wup-1ca8ebd0.us.v2.we-stats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2186
Origin: https://bmwvslexustexas.com
Connection: keep-alive
Referer: https://bmwvslexustexas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.141.217.134
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 557
date: Wed, 28 Sep 2022 10:14:38 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 1de6283d-0292-4490-99af-2da0c701826f
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (557), with no line terminators
Size:   557
Md5:    ceb6b6d4e4208dce770711f28baef36e
Sha1:   ffbb2053985622ce8e8abd7e281495594c7c5cac
Sha256: 7c5f24521205fbf7ae086d32bc8ea677a379e915e1c4199c9f536494818917c2
                                        
                                            POST /client/v3.1/web/wup?cid=attina HTTP/1.1 
Host: wup-1ca8ebd0.us.v2.we-stats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1050
Origin: https://bmwvslexustexas.com
Connection: keep-alive
Referer: https://bmwvslexustexas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.141.217.134
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 557
date: Wed, 28 Sep 2022 10:14:39 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 88b8af97-19e5-44a0-ac55-dc574889d943
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (557), with no line terminators
Size:   557
Md5:    cf863480c29d6fb1a5f27fcf5bc61b26
Sha1:   744396187835367f44a74df446a9f24d710ca32e
Sha256: a14904782529f3c1e78af741eb29f927d8c66928a955b0fb7dca2e5fdeaa759c
                                        
                                            POST /api/v1/sendLogs?cid=attina&cdsnum=1664360078233-sjn0000251-22db6b67-868d-492a-b468-96be514c4b5b&csid=null&ds=js&sdkVer=2.21.1.702.b35a966 HTTP/1.1 
Host: log-1ca8ebd0.us.v2.we-stats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1304
Origin: https://bmwvslexustexas.com
Connection: keep-alive
Referer: https://bmwvslexustexas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.238.253.184
HTTP/2 204 No Content
                                        
server: nginx
date: Wed, 28 Sep 2022 10:14:41 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

                                        
                                            GET /cancel/debit/Yes/ HTTP/1.1 
Host: bmwvslexustexas.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         210.16.120.16
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Wed, 28 Sep 2022 10:14:33 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 20:09:38 GMT
Accept-Ranges: bytes
Content-Length: 87671
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---

Alerts:
  Blocklists:
    - openphish: Idaho Central Credit Union
    - fortinet: Phishing
                                        
                                            GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1 
Host: stackpath.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bmwvslexustexas.com
Connection: keep-alive
Referer: https://bmwvslexustexas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 10:14:34 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ce6e785579ae4cb555c9de311d1b9271"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 08/20/2022 03:07:07
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 4a5582fca5495b254a9b428ae9631f58
cdn-cache: HIT
cf-cache-status: HIT
age: 23
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 751bb682f828fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---