r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10800
Expires: Thu, 24 Nov 2022 20:10:16 GMT
Date: Thu, 24 Nov 2022 17:10:16 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2049
Cache-Control: max-age=150904
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 17:10:16 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:05:20 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 16:18:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3078
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10345
Expires: Thu, 24 Nov 2022 20:02:41 GMT
Date: Thu, 24 Nov 2022 17:10:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PT2RjWUhmTsg2ELbgiMAKJ8Sc8O8Ap5uEPCihJebaBeyTtkZ6qM4LKUH4u8cmvP5MFTGPTKYfPjsMghm5+dR8A==
x-amz-request-id: JGDKM379WHEZZQMW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 16:43:28 GMT
age: 1608
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
159.65.159.37302 Found 239 B URL HTTP/1.1 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b3692c8631d7bb30511f1782d8aa3672
39e36cee8feba903e425267d4e37e91bd2bf6db8
064ec349af43c5dcfb077bb51e6e78b9b1ceeb557d6b9dc97edb1ece57f788d2
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/ HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 17:10:16 GMT
Server: Apache
Location: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Content-Length: 239
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 17:10:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 16:11:11 GMT
cache-control: public,max-age=3600
age: 3545
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3547
Cache-Control: max-age=147340
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 17:10:16 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:05:56 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash da9374c64c43f051a94b686ae8abdffd
69ed36d3e8eca74467c2ba17fd1d2c28732e39ae
6d388e4de716e3c9b79d0ab8be5e7d18617a774d4d039806a7cc5f3989c9289f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D388E4DE716E3C9B79D0AB8BE5E7D18617A774D4D039806A7CC5F3989C9289F"
Last-Modified: Wed, 23 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21527
Expires: Thu, 24 Nov 2022 23:09:03 GMT
Date: Thu, 24 Nov 2022 17:10:16 GMT
Connection: keep-alive
push.services.mozilla.com/
54.148.70.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.70.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6HMFrLtK7ZJCfab2VqScIw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AY4ok436J/nAHST6/iwVU2H6KrQ=
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
159.65.159.37200 OK 5.5 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1272)
Hash 00b23907efcb9ccf5edf6b79409ad9b0
87be009a35c3acb9e19d82595be34c2bbfe8a950
cc8d7f1962487f3c9cf082a876536cb8240915fbffc54d42042fdad2de35e27a
Analyzer Verdict Alert fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/ HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-length: 5498
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 17:10:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 17:10:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e82bac439b4e05b63bd8049769218cb8
fe8c2994c00b1d8c6212d9a7006ff58498375575
5b905305e33eb7e21beb21216242ed0af8a4288b3a36c6aa278755244e57c373
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1367
Cache-Control: max-age=117116
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 17:10:17 GMT
Etag: "637ec69e-1d7"
Expires: Sat, 26 Nov 2022 01:42:13 GMT
Last-Modified: Thu, 24 Nov 2022 01:19:26 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e82bac439b4e05b63bd8049769218cb8
fe8c2994c00b1d8c6212d9a7006ff58498375575
5b905305e33eb7e21beb21216242ed0af8a4288b3a36c6aa278755244e57c373
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1367
Cache-Control: max-age=117116
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 17:10:17 GMT
Etag: "637ec69e-1d7"
Expires: Sat, 26 Nov 2022 01:42:13 GMT
Last-Modified: Thu, 24 Nov 2022 01:19:26 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e82bac439b4e05b63bd8049769218cb8
fe8c2994c00b1d8c6212d9a7006ff58498375575
5b905305e33eb7e21beb21216242ed0af8a4288b3a36c6aa278755244e57c373
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2641
Cache-Control: max-age=118390
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 17:10:17 GMT
Etag: "637ec69e-1d7"
Expires: Sat, 26 Nov 2022 02:03:27 GMT
Last-Modified: Thu, 24 Nov 2022 01:19:26 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d58537f9a8d81dcd840ca6d5cb869835
821d46329f63a6f2752d7f78ea09967df29cfa00
8135a2012e52cce502dea52ed379de9945364af16b33e4bbb363dbcfc0bc63e1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2568
Cache-Control: max-age=144920
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 17:10:17 GMT
Etag: "637f2e89-1d7"
Expires: Sat, 26 Nov 2022 09:25:37 GMT
Last-Modified: Thu, 24 Nov 2022 08:42:49 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d58537f9a8d81dcd840ca6d5cb869835
821d46329f63a6f2752d7f78ea09967df29cfa00
8135a2012e52cce502dea52ed379de9945364af16b33e4bbb363dbcfc0bc63e1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 628
Cache-Control: max-age=142980
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 17:10:17 GMT
Etag: "637f2e89-1d7"
Expires: Sat, 26 Nov 2022 08:53:17 GMT
Last-Modified: Thu, 24 Nov 2022 08:42:49 GMT
Server: ECS (amb/6B79)
X-Cache: HIT
Content-Length: 471
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/nfcu-icons-768830b95a2661f7bb9a758382928bb3.css
159.65.159.37200 OK 1.9 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/nfcu-icons-768830b95a2661f7bb9a758382928bb3.css
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash 2c0fffafefc07fec89a065c580adedd0
98bbb50ac159a042ee480874fb5757de1acb0b51
f570730bb1bae4ac95abb796b0927c2964a99c1c6f50b0d9408669ff633344ac
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/nfcu-icons-768830b95a2661f7bb9a758382928bb3.css HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "27eb-5ee3705075c78-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1887
content-type: text/css
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/all-768830b95a2661f7bb9a758382928bb3.css
159.65.159.37200 OK 11 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/all-768830b95a2661f7bb9a758382928bb3.css
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (50194), with CRLF line terminators
Hash 7e3b1e9d95a3f2b544f782ebf63e5ef8
c92876876f122bbbe39e642f9d8e65f913c72d2e
082439828501231370d2877ffa5cfa6e9169919a4d39533ff137369e0b261eab
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/all-768830b95a2661f7bb9a758382928bb3.css HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "c4cf-5ee3705074cd7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11008
content-type: text/css
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 61d55ac4271e9949aa14804c014e3c7f
cd8fd0c5c03f09b0c6f5565dc79478e1565d9a39
f97af34d6d7f16bfca9146a7493a3bcb94d11f8aeda68583dbdb8bdfd5f31c83
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 17:10:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 03:43:23 GMT
Expires: Wed, 30 Nov 2022 03:43:22 GMT
Etag: "cd8fd0c5c03f09b0c6f5565dc79478e1565d9a39"
Cache-Control: max-age=469384,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f3c1d76fd3b503-OSL
lptag.liveperson.net/tag/tag.js?site=11478817
178.249.101.23200 OK 7.6 kB URL HTTP/2 lptag.liveperson.net/tag/tag.js?site=11478817
IP 178.249.101.23:0
File type ASCII text, with very long lines (21652), with no line terminators
Hash 6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd
GET /tag/tag.js?site=11478817 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 17:10:17 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 61d55ac4271e9949aa14804c014e3c7f
cd8fd0c5c03f09b0c6f5565dc79478e1565d9a39
f97af34d6d7f16bfca9146a7493a3bcb94d11f8aeda68583dbdb8bdfd5f31c83
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 17:10:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 03:43:23 GMT
Expires: Wed, 30 Nov 2022 03:43:22 GMT
Etag: "cd8fd0c5c03f09b0c6f5565dc79478e1565d9a39"
Cache-Control: max-age=469384,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f3c1d769a9b524-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d58537f9a8d81dcd840ca6d5cb869835
821d46329f63a6f2752d7f78ea09967df29cfa00
8135a2012e52cce502dea52ed379de9945364af16b33e4bbb363dbcfc0bc63e1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=142352
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 17:10:17 GMT
Etag: "637f2e89-1d7"
Expires: Sat, 26 Nov 2022 08:42:49 GMT
Last-Modified: Thu, 24 Nov 2022 08:42:49 GMT
Server: nginx
Content-Length: 471
i.ibb.co/vJQQg1t/qqqq-Capture.png
51.210.32.132200 OK 507 B URL HTTP/2 i.ibb.co/vJQQg1t/qqqq-Capture.png
IP 51.210.32.132:0
File type PNG image data, 26 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a92719339b25dda9f0a8a296e17b583
c972fdda7fb9470974269da1a99cb42316f81ff7
4b77a9d672aa01c24849b5662188f0488d6e697aaee6134fc2b47021e14b2dba
GET /vJQQg1t/qqqq-Capture.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 17:10:17 GMT
content-type: image/png
content-length: 507
last-modified: Fri, 18 Nov 2022 19:49:26 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/JycWp2v/wCapture.png
51.210.32.132200 OK 409 B URL HTTP/2 i.ibb.co/JycWp2v/wCapture.png
IP 51.210.32.132:0
File type PNG image data, 31 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash ecd97a9582131ba4c57a95e5348961f0
f562d8f8f5b0e58fe2bca863301b808fea91a171
eff9163f7b5baa2bc3fcfa649e35efd18c275d32a5a0960ff15030c1fea0afae
GET /JycWp2v/wCapture.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 17:10:17 GMT
content-type: image/png
content-length: 409
last-modified: Fri, 18 Nov 2022 19:45:47 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/nauth-768830b95a2661f7bb9a758382928bb3.css
159.65.159.37200 OK 1.3 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/nauth-768830b95a2661f7bb9a758382928bb3.css
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash 798605650e5e2901a56b6e2a03283fd3
b0af61971ce50e4f2abf3cc9aec4a5f1a5606460
a7b4cc299499a198de23b57ad5758b7dd462b911c595501c1275ac5d6429c9a8
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/nauth-768830b95a2661f7bb9a758382928bb3.css HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "1208-5ee3705070e57-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1334
content-type: text/css
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/s_code.js
159.65.159.37200 OK 18 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/s_code.js
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (954)
Hash ff81c2c46551e46b38c1012c8ab2b7cd
b146f0ad89c334255caab328db393f8bb4db7fd6
c64856c1c65f9597f7eddbe7316de32970f85bcfe6b4309feecc42512427ea49
Analyzer Verdict Alert fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/s_code.js HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "b995-5ee3705072d97-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 18008
content-type: text/javascript
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js
159.65.159.37200 OK 1.5 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash 1a86176f2c88833e9dabbbbe766f8409
0259c57051d9c6089f63ed9af045e2c118dade2d
477353a4077e7f95aba065cb6d0bf868ed2f3af4a56c407bb6eeb4eb079c53cf
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "132c-5ee3705070e57-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1546
content-type: text/javascript
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/bootstrap-select.min-ec401aee041a200e3dd94ec7982f0f2f.js
159.65.159.37200 OK 9.1 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/bootstrap-select.min-ec401aee041a200e3dd94ec7982f0f2f.js
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (31148), with CRLF, LF line terminators
Hash 2f7b98b35a3a3b663dd3b681f3d12451
58f42c079bf812d4f6b5bdc9321f6ff6c0b17d86
9d20fa930de1fcc6c0399bb453689b60787f68bba6f25d54009e76f0d1e272d9
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/bootstrap-select.min-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "7aba-5ee370506feb7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9053
content-type: text/javascript
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/common-ec401aee041a200e3dd94ec7982f0f2f.js
159.65.159.37200 OK 2.5 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/common-ec401aee041a200e3dd94ec7982f0f2f.js
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash f8614888610451b1c4e0016a05a902ac
65d030323066210a93b2a153d83cdc03f2c8cfc6
d553e5b5f1e9a999e7bc8625785507c7c311d753aede3acb53fcbe2425af0cfd
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/common-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "1d3c-5ee370506ef17-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2498
content-type: text/javascript
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/responsivemain-768830b95a2661f7bb9a758382928bb3.css
159.65.159.37200 OK 22 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/responsivemain-768830b95a2661f7bb9a758382928bb3.css
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type assembler source, ASCII text, with very long lines (384), with CRLF, CR line terminators
Hash 15b52b1444baaa5016854b6a38f1cc35
1ff47aa9efc17e164fb550b42d5229bac8fa9cd3
3591db7259e6e1428d264c05fd3bdec4732695b03aa1f06f476e2cbbf2550fef
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/responsivemain-768830b95a2661f7bb9a758382928bb3.css HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "21d38-5ee370506feb7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 21874
content-type: text/css
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6124
Expires: Thu, 24 Nov 2022 18:52:22 GMT
Date: Thu, 24 Nov 2022 17:10:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6124
Expires: Thu, 24 Nov 2022 18:52:22 GMT
Date: Thu, 24 Nov 2022 17:10:18 GMT
Connection: keep-alive
liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549
178.249.97.98200 OK 306 kB URL HTTP/2 liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549
IP 178.249.97.98:0
Size 306 kB (306367 bytes)
Hash 62cd904adb19094ae88b2ea0a0eeb721
41990adb36968dc07d930cc3782532b84bd27e8e
bc12a5852e6bef629f7d6a98c990c4a582fd17c488692e1c78eda3c4788630e0
GET /le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 17:10:17 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Fri, 24 Nov 2023 17:10:17 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6124
Expires: Thu, 24 Nov 2022 18:52:22 GMT
Date: Thu, 24 Nov 2022 17:10:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6124
Expires: Thu, 24 Nov 2022 18:52:22 GMT
Date: Thu, 24 Nov 2022 17:10:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rrs7G6Wto6iY0rT6KsKwKAOPJjehXqD0jHZrR_eaiqpepQILFr7Dtw==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:07 GMT
age: 69671
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DYBcunpyI0FBJsJGh1kKpFI3X8kzCkO3mCxzUtWnaMKBT-Bv-zkq3Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:59:18 GMT
age: 69060
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:10:24 GMT
age: 35994
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 69746
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 43550
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:08:16 GMT
age: 68522
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/keypad-ec401aee041a200e3dd94ec7982f0f2f.js
159.65.159.37200 OK 782 B URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/keypad-ec401aee041a200e3dd94ec7982f0f2f.js
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text, with very long lines (1213), with CRLF line terminators
Hash 9506101200c6e3ef3d3de3bf5ff1e7f3
1179096634ace29c378be78d819f23a893742529
aa93b1d73f0b88f880df468e1bdd51ee45a32e6839608bc0632e1281d87e9d34
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/keypad-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "cf2-5ee370506ef17-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 782
content-type: text/javascript
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js
159.65.159.37200 OK 861 B URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash e1827f0e630abb3df3b1b09f60151710
b5cfe7dbd791ab73ca2bbefefb1aace022ab1fcc
f1a107da176734cee7cf9ba4c7889e0f19047dfb3545877896f1c97efc7892a3
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "95a-5ee3705076c18-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 861
content-type: text/javascript
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/login-ec401aee041a200e3dd94ec7982f0f2f.js
159.65.159.37200 OK 1.1 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/login-ec401aee041a200e3dd94ec7982f0f2f.js
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash 40ebffa2ac7c3d11a5e12c0e2cc9893a
e8dd3b159cd41371e260d06f96d89190c7179dfd
d279facebbbfb2141abb7f63ddcc5bda7f860b68c03ac6e1b2fad7905e88813c
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
quad9 Sinkholed
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/login-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "d4a-5ee3705072d97-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1073
content-type: text/javascript
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/api.js
159.65.159.37200 OK 553 B URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/api.js
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (850), with no line terminators
Hash 508d227339f6de9f28815e2bf2e51515
7a2c04fbaafb61ccbaf78978a800165a073915da
d49b398a910bd9a7ed2300787d13f9b8152340e637371c0b692d4e6ba0659524
Analyzer Verdict Alert fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/api.js HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "352-5ee3705071df7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 553
content-type: text/javascript
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/modal-ec401aee041a200e3dd94ec7982f0f2f.js
159.65.159.37200 OK 2.7 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/modal-ec401aee041a200e3dd94ec7982f0f2f.js
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash cb3b97cd9cb889c9b4a072b54f1c3830
7d4b209569d923b9bcd422941e848207f401a3e0
986e3218896a5d1fec0ef3737646caa22fd7b09ded0cf4d3359846cb002c4170
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/modal-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "2823-5ee3705075c78-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2701
content-type: text/javascript
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/le2-mtagconfig.js
159.65.159.37200 OK 5.4 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/le2-mtagconfig.js
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2088)
Hash 77030f36963693ebd41462b0da21d91b
0204d544980e39a111c67ce064968a72d387fe34
d2e3a8f994f5cbe4976d6c9630b5c109a3b5ef36eb990392fbbe135648a3274f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/le2-mtagconfig.js HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "4f6f-5ee3705074cd7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5367
content-type: text/javascript
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/contact-us-b128db0c7cc6f6336bdf252ade6918e0.svg
159.65.159.37200 OK 1.1 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/contact-us-b128db0c7cc6f6336bdf252ade6918e0.svg
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (451), with CRLF line terminators
Hash 2bda1ec8eebf853afd05e28a099389f2
43e29c838883eaa45b40ced10e67b863b2e70a97
16eb10aacb5be4e997453d0d2501d49e7d3a236828ee90f22cd3f913951a6d67
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/contact-us-b128db0c7cc6f6336bdf252ade6918e0.svg HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "478-5ee370506feb7"
accept-ranges: bytes
content-length: 1144
content-type: image/svg+xml
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/Group5166-b128db0c7cc6f6336bdf252ade6918e0.svg
159.65.159.37200 OK 2.0 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/Group5166-b128db0c7cc6f6336bdf252ade6918e0.svg
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (314), with CRLF line terminators
Hash aff5c48480cee49314b12b1469e11380
a95cd4ba713db9e4247e3b61edead9631100e534
89a821c2c4f26ce58357c1e2fe213e58de98e7a7dd0ddc17e2b3aedeb3a1beae
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/Group5166-b128db0c7cc6f6336bdf252ade6918e0.svg HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "7e0-5ee3705072d97"
accept-ranges: bytes
content-length: 2016
content-type: image/svg+xml
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/NFCU_Mob_Logo-b128db0c7cc6f6336bdf252ade6918e0.svg
159.65.159.37200 OK 3.7 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/NFCU_Mob_Logo-b128db0c7cc6f6336bdf252ade6918e0.svg
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3660), with no line terminators
Hash a2b0e2d6d5de371a89f40e78fc6f6368
a4e3dc8ff731e09f9bf6e384891033efd106fe5c
2cca552b4d48760fdce1fb2c0a21e6bf09b6ada1f7e70f5b1f4b7b810367c630
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/NFCU_Mob_Logo-b128db0c7cc6f6336bdf252ade6918e0.svg HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "e4c-5ee3705070e57"
accept-ranges: bytes
content-length: 3660
content-type: image/svg+xml
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/Group5159-b128db0c7cc6f6336bdf252ade6918e0.svg
159.65.159.37200 OK 5.0 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/Group5159-b128db0c7cc6f6336bdf252ade6918e0.svg
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash f80a5f4423323524e8c1e6234c895e01
18875cf32d53ae8de0f026483cb0174d426e7636
d3c66738cff7fddc343adf5eed0f1ace982866d8beacbd1d699c45ce7cde17d8
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/Group5159-b128db0c7cc6f6336bdf252ade6918e0.svg HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "139a-5ee370506feb7"
accept-ranges: bytes
content-length: 5018
content-type: image/svg+xml
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/Group5158-b128db0c7cc6f6336bdf252ade6918e0.svg
159.65.159.37200 OK 4.0 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/Group5158-b128db0c7cc6f6336bdf252ade6918e0.svg
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 98a314ff48520ca333827348c37abb33
af59fc08a2832c095e38d8ce9154fbe4b6acdaa9
137f34c69c07dd3f6c1caf23bf0611cff6fe684b58ce75b22677abc149643001
Analyzer Verdict Alert fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/Group5158-b128db0c7cc6f6336bdf252ade6918e0.svg HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "fd0-5ee3705070e57"
accept-ranges: bytes
content-length: 4048
content-type: image/svg+xml
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 17:10:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 17:10:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://navionline.ga
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:26:57 GMT
expires: Thu, 23 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 78201
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://navionline.ga
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:26:57 GMT
expires: Thu, 23 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 78201
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/NFCU_Logo-b128db0c7cc6f6336bdf252ade6918e0.svg
159.65.159.37200 OK 26 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/NFCU_Logo-b128db0c7cc6f6336bdf252ade6918e0.svg
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2787), with CRLF line terminators
Hash f2dc56626566e594b6319b42ed7d9c2f
1c36ba160c995bd0c6c868a7395a8f4007c044d8
efd41e50dc185b7cc8db18fb2cf0c2b242935dc1c41871eddb7e0bc5030c1962
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
quad9 Sinkholed
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/NFCU_Logo-b128db0c7cc6f6336bdf252ade6918e0.svg HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "66a0-5ee370506feb7"
accept-ranges: bytes
content-length: 26272
content-type: image/svg+xml
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 17:10:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 1ef7a7da1fe138a27e46bb76cdd562b7
55f1f0f9e85778f6ff71a06823ea5dbfd4a5b6b1
1ee78ea161767acce9b6ca26ef31ed444d692ed458898440ee7069c6f7a7815f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 17:10:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 04:31:54 GMT
Expires: Tue, 29 Nov 2022 04:31:53 GMT
Etag: "55f1f0f9e85778f6ff71a06823ea5dbfd4a5b6b1"
Cache-Control: max-age=385894,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f3c1df6d49b503-OSL
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/img-BecomeAMember-b128db0c7cc6f6336bdf252ade6918e0.jpg
159.65.159.37200 OK 226 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/img-BecomeAMember-b128db0c7cc6f6336bdf252ade6918e0.jpg
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=600, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=900], progressive, precision 8, 900x600, components 3\012- data
Size 226 kB (226520 bytes)
Hash 6ed85fb5671e714a7209b3f4e8530211
1be9bd0856486c0cd01c5f05ea97af43650f375b
a8b5f10f5ea57bcd5b5d8597f77b483fc8f4cbea20211955d2b5885b74549c17
Analyzer Verdict Alert quad9 Sinkholed
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/img-BecomeAMember-b128db0c7cc6f6336bdf252ade6918e0.jpg HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "374d8-5ee370506feb7"
accept-ranges: bytes
content-length: 226520
content-type: image/jpeg
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/lhXFUB
159.65.159.37200 OK 202 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/lhXFUB
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
Size 202 kB (202182 bytes)
Hash 09cda307d3d2c3ce249039aad92a7daf
bf4f5c345e265451bb1953f15348a0f316fad40d
25939f220c38d945f2ae4f69830e034fee59316410dac70da21c0fa2a21f2df5
Analyzer Verdict Alert fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/lhXFUB HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "315c6-5ee3705072d97"
accept-ranges: bytes
content-length: 202182
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e1415c58f8a4d9c14043441d158603d4
124ec5d892861a822c01967c8958c4363eca8f3c
d2e81dd92c7ba98ba2f619c9c66abe4bacb75eefa6274e818da2d42b0f9b5e12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=125464
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 17:10:18 GMT
Etag: "637eec92-1d7"
Expires: Sat, 26 Nov 2022 04:01:22 GMT
Last-Modified: Thu, 24 Nov 2022 04:01:22 GMT
Server: nginx
Content-Length: 471
analytics.navyfederal.org/b/ss/nfcuprod/1/JS-1.6.3/s59629408721595?AQB=1&ndh=1&pf=1&t=24%2F10%2F2022%2017%3A10%3A18%204%200&fid=47450CFDB004581B-07B86E84D123363C&ce=UTF-8&ns=nfcu&pageName=nfo%3Alogin&g=https%3A%2F%2Fnavionline.ga%2F7e1bb62ab6cb0ddc5e34097a1f48df3d%2F&c.&pageType=nfo&l1=nfo&l2=nfo%3Alogin&.c&cc=USD&server=nfo&c4=12%3A10PM&v4=12%3A10PM&c5=Thursday&v5=Thursday&c11=2016.08.16%7CJS%201.6.3&c51=D%3Dg&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
63.140.38.237302 Found 0 B URL HTTP/2 analytics.navyfederal.org/b/ss/nfcuprod/1/JS-1.6.3/s59629408721595?AQB=1&ndh=1&pf=1&t=24%2F10%2F2022%2017%3A10%3A18%204%200&fid=47450CFDB004581B-07B86E84D123363C&ce=UTF-8&ns=nfcu&pageName=nfo%3Alogin&g=https%3A%2F%2Fnavionline.ga%2F7e1bb62ab6cb0ddc5e34097a1f48df3d%2F&c.&pageType=nfo&l1=nfo&l2=nfo%3Alogin&.c&cc=USD&server=nfo&c4=12%3A10PM&v4=12%3A10PM&c5=Thursday&v5=Thursday&c11=2016.08.16%7CJS%201.6.3&c51=D%3Dg&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP 63.140.38.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ss/nfcuprod/1/JS-1.6.3/s59629408721595?AQB=1&ndh=1&pf=1&t=24%2F10%2F2022%2017%3A10%3A18%204%200&fid=47450CFDB004581B-07B86E84D123363C&ce=UTF-8&ns=nfcu&pageName=nfo%3Alogin&g=https%3A%2F%2Fnavionline.ga%2F7e1bb62ab6cb0ddc5e34097a1f48df3d%2F&c.&pageType=nfo&l1=nfo&l2=nfo%3Alogin&.c&cc=USD&server=nfo&c4=12%3A10PM&v4=12%3A10PM&c5=Thursday&v5=Thursday&c11=2016.08.16%7CJS%201.6.3&c51=D%3Dg&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: analytics.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
access-control-allow-origin: *
vary: Origin
date: Thu, 24 Nov 2022 17:10:19 GMT
content-type: text/plain;charset=utf-8
expires: Wed, 23 Nov 2022 17:10:19 GMT
last-modified: Fri, 25 Nov 2022 17:10:19 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31BFD2BDABF6406D-60000FD0B7CDCE9A[CE]; Path=/; Domain=navyfederal.org; Max-Age=63072000; Expires=Sat, 23 Nov 2024 17:10:10 GMT;
location: https://analytics.navyfederal.org/b/ss/nfcuprod/1/JS-1.6.3/s59629408721595?AQB=1&pccr=true&vidn=31BFD2BDABF6406D-60000FD0B7CDCE9A&ndh=1&pf=1&t=24%2F10%2F2022%2017%3A10%3A18%204%200&fid=47450CFDB004581B-07B86E84D123363C&ce=UTF-8&ns=nfcu&pageName=nfo%3Alogin&g=https%3A%2F%2Fnavionline.ga%2F7e1bb62ab6cb0ddc5e34097a1f48df3d%2F&c.&pageType=nfo&l1=nfo&l2=nfo%3Alogin&.c&cc=USD&server=nfo&c4=12%3A10PM&v4=12%3A10PM&c5=Thursday&v5=Thursday&c11=2016.08.16%7CJS%201.6.3&c51=D%3Dg&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 1ef7a7da1fe138a27e46bb76cdd562b7
55f1f0f9e85778f6ff71a06823ea5dbfd4a5b6b1
1ee78ea161767acce9b6ca26ef31ed444d692ed458898440ee7069c6f7a7815f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 17:10:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 04:31:54 GMT
Expires: Tue, 29 Nov 2022 04:31:53 GMT
Etag: "55f1f0f9e85778f6ff71a06823ea5dbfd4a5b6b1"
Cache-Control: max-age=385893,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f3c1df6e57b524-OSL
analytics.navyfederal.org/b/ss/nfcuprod/1/JS-1.6.3/s59629408721595?AQB=1&pccr=true&vidn=31BFD2BDABF6406D-60000FD0B7CDCE9A&ndh=1&pf=1&t=24%2F10%2F2022%2017%3A10%3A18%204%200&fid=47450CFDB004581B-07B86E84D123363C&ce=UTF-8&ns=nfcu&pageName=nfo%3Alogin&g=https%3A%2F%2Fnavionline.ga%2F7e1bb62ab6cb0ddc5e34097a1f48df3d%2F&c.&pageType=nfo&l1=nfo&l2=nfo%3Alogin&.c&cc=USD&server=nfo&c4=12%3A10PM&v4=12%3A10PM&c5=Thursday&v5=Thursday&c11=2016.08.16%7CJS%201.6.3&c51=D%3Dg&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
63.140.38.237200 OK 43 B URL HTTP/2 analytics.navyfederal.org/b/ss/nfcuprod/1/JS-1.6.3/s59629408721595?AQB=1&pccr=true&vidn=31BFD2BDABF6406D-60000FD0B7CDCE9A&ndh=1&pf=1&t=24%2F10%2F2022%2017%3A10%3A18%204%200&fid=47450CFDB004581B-07B86E84D123363C&ce=UTF-8&ns=nfcu&pageName=nfo%3Alogin&g=https%3A%2F%2Fnavionline.ga%2F7e1bb62ab6cb0ddc5e34097a1f48df3d%2F&c.&pageType=nfo&l1=nfo&l2=nfo%3Alogin&.c&cc=USD&server=nfo&c4=12%3A10PM&v4=12%3A10PM&c5=Thursday&v5=Thursday&c11=2016.08.16%7CJS%201.6.3&c51=D%3Dg&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1
IP 63.140.38.237:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/nfcuprod/1/JS-1.6.3/s59629408721595?AQB=1&pccr=true&vidn=31BFD2BDABF6406D-60000FD0B7CDCE9A&ndh=1&pf=1&t=24%2F10%2F2022%2017%3A10%3A18%204%200&fid=47450CFDB004581B-07B86E84D123363C&ce=UTF-8&ns=nfcu&pageName=nfo%3Alogin&g=https%3A%2F%2Fnavionline.ga%2F7e1bb62ab6cb0ddc5e34097a1f48df3d%2F&c.&pageType=nfo&l1=nfo&l2=nfo%3Alogin&.c&cc=USD&server=nfo&c4=12%3A10PM&v4=12%3A10PM&c5=Thursday&v5=Thursday&c11=2016.08.16%7CJS%201.6.3&c51=D%3Dg&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: analytics.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://navionline.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Thu, 24 Nov 2022 17:10:19 GMT
expires: Wed, 23 Nov 2022 17:10:19 GMT
last-modified: Fri, 25 Nov 2022 17:10:19 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31BFD2BDCA9E2CAF-4000132579AE4566[CE]; Path=/; Domain=navyfederal.org; Max-Age=63072000; Expires=Sat, 23 Nov 2024 17:10:10 GMT;
etag: 3584815541000208384-4619834660056089957
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://navionline.ga
Connection: keep-alive
Referer: https://navionline.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 09:43:42 GMT
expires: Fri, 24 Nov 2023 09:43:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 26797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/favicon.png
159.65.159.37200 OK 25 kB URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/favicon.png
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash dc57c6e72287615cea388e8a5e864169
756bf775900671a5e14850880a56b0e7adf7ad3a
7f94d039ad08fe8c228326306d141b43989a85abd560519e24f07ea2387d1d1e
Analyzer Verdict Alert quad9 Sinkholed
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/favicon.png HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Cookie: s_fid=47450CFDB004581B-07B86E84D123363C; gpv_page=nfo%3Alogin; s_cc=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "626b-5ee3705078b58"
accept-ranges: bytes
content-length: 25195
content-type: image/png
date: Thu, 24 Nov 2022 17:10:19 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b81a766cff2b1164287d8261627652c8
6af1fcade7a435f0999c62c283b44d789bbdd241
baf16fecd93f54cdd9c534612d6cfdee6c900a1006466d94f99e7394dceb26fb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 17:10:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 23:37:43 GMT
Expires: Mon, 28 Nov 2022 23:37:42 GMT
Etag: "6af1fcade7a435f0999c62c283b44d789bbdd241"
Cache-Control: max-age=368241,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f3c1eb2fe2b503-OSL
liveengage.navyfederal.org/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fmy.navyfederal.org&site=11478817&env=prod&isCrossDomain=true
178.249.97.98200 OK 0 B URL HTTP/2 liveengage.navyfederal.org/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fmy.navyfederal.org&site=11478817&env=prod&isCrossDomain=true
IP 178.249.97.98:0
GET /le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fmy.navyfederal.org&site=11478817&env=prod&isCrossDomain=true HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 17:10:19 GMT
content-type: text/html
last-modified: Thu, 03 Nov 2022 22:00:32 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Fri, 24 Nov 2023 17:10:19 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/fonts/sourcesanspro-semibold-webfont.ttf
159.65.159.37404 Not Found 0 B URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/fonts/sourcesanspro-semibold-webfont.ttf
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/fonts/sourcesanspro-semibold-webfont.ttf HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/responsivemain-768830b95a2661f7bb9a758382928bb3.css
Cookie: s_fid=47450CFDB004581B-07B86E84D123363C; gpv_page=nfo%3Alogin; s_cc=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 17:10:19 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/fonts/sourcesanspro-semibold-webfont.woff2
159.65.159.37404 Not Found 0 B URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/fonts/sourcesanspro-semibold-webfont.woff2
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/fonts/sourcesanspro-semibold-webfont.woff2 HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/responsivemain-768830b95a2661f7bb9a758382928bb3.css
Cookie: s_fid=47450CFDB004581B-07B86E84D123363C; gpv_page=nfo%3Alogin; s_cc=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 17:10:18 GMT
server: Apache
X-Firefox-Spdy: h2
liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549
178.249.97.98200 OK 0 B URL HTTP/2 liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549
IP 178.249.97.98:0
GET /le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 17:10:17 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Fri, 24 Nov 2023 17:10:17 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549
178.249.97.98200 OK 0 B URL HTTP/2 liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549
IP 178.249.97.98:0
GET /le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 17:10:17 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Fri, 24 Nov 2023 17:10:17 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/11478817/configuration/domainprotection/refererrestrictions?cb=lpCb30358x55647
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/11478817/configuration/domainprotection/refererrestrictions?cb=lpCb30358x55647
IP 178.249.101.99:0
GET /api/account/11478817/configuration/domainprotection/refererrestrictions?cb=lpCb30358x55647 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveengage.navyfederal.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 17:10:19 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:35|g:fac84432-8e14-43b0-a97d-2dc7069a31c9; Max-Age=30; Expires=Thu, 24-Nov-2022 17:10:49 GMT; Path=/
ADRUM_BTa=R:35|g:fac84432-8e14-43b0-a97d-2dc7069a31c9|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Thu, 24-Nov-2022 17:10:49 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Thu, 24-Nov-2022 17:10:49 GMT; Path=/; Secure
ADRUM_BT1=R:35|i:2241585; Max-Age=30; Expires=Thu, 24-Nov-2022 17:10:49 GMT; Path=/
ADRUM_BT1=R:35|i:2241585|e:5; Max-Age=30; Expires=Thu, 24-Nov-2022 17:10:49 GMT; Path=/
cache-control: no-store
x-envoy-upstream-service-time: 168
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/11478817/configuration/setting/accountproperties/?cb=accountSettingsCB
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/11478817/configuration/setting/accountproperties/?cb=accountSettingsCB
IP 178.249.101.99:0
GET /api/account/11478817/configuration/setting/accountproperties/?cb=accountSettingsCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 17:10:18 GMT
content-type: application/javascript
vary: Accept
expires: Thu, 24 Nov 2022 17:10:18 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: HIT
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/images/css/bg_globe.png
159.65.159.37404 Not Found 0 B URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/images/css/bg_globe.png
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert quad9 Sinkholed
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/images/css/bg_globe.png HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/responsivemain-768830b95a2661f7bb9a758382928bb3.css
Cookie: s_fid=47450CFDB004581B-07B86E84D123363C; gpv_page=nfo%3Alogin; s_cc=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 17:10:18 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/s.svg
159.65.159.37200 OK 0 B URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/s.svg
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/s.svg HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "2577-5ee3705075c78"
accept-ranges: bytes
content-length: 9591
content-type: image/svg+xml
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/images/css/icons.png
159.65.159.37404 Not Found 0 B URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/images/css/icons.png
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/images/css/icons.png HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/responsivemain-768830b95a2661f7bb9a758382928bb3.css
Cookie: s_fid=47450CFDB004581B-07B86E84D123363C; gpv_page=nfo%3Alogin; s_cc=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 17:10:18 GMT
server: Apache
X-Firefox-Spdy: h2
liveengage.navyfederal.org/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fnavionline.ga&site=11478817&env=prod&isCrossDomain=true
178.249.97.98200 OK 0 B URL HTTP/2 liveengage.navyfederal.org/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fnavionline.ga&site=11478817&env=prod&isCrossDomain=true
IP 178.249.97.98:0
GET /le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fnavionline.ga&site=11478817&env=prod&isCrossDomain=true HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 17:10:19 GMT
content-type: text/html
last-modified: Thu, 03 Nov 2022 22:00:32 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Fri, 24 Nov 2023 17:10:19 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 178.249.101.99:0
GET /api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 17:10:19 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:22|g:9d96c8ed-25cd-415d-b1e3-8d0dcd534a44; Max-Age=30; Expires=Thu, 24-Nov-2022 17:10:49 GMT; Path=/
ADRUM_BTa=R:22|g:9d96c8ed-25cd-415d-b1e3-8d0dcd534a44|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Thu, 24-Nov-2022 17:10:49 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Thu, 24-Nov-2022 17:10:49 GMT; Path=/; Secure
ADRUM_BT1=R:22|i:2241585; Max-Age=30; Expires=Thu, 24-Nov-2022 17:10:49 GMT; Path=/
ADRUM_BT1=R:22|i:2241585|e:5; Max-Age=30; Expires=Thu, 24-Nov-2022 17:10:49 GMT; Path=/
vary: Accept
expires: Thu, 24 Nov 2022 17:11:19 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lptag.liveperson.net/lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
178.249.101.23200 OK 0 B URL HTTP/2 lptag.liveperson.net/lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
IP 178.249.101.23:0
GET /lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 17:10:17 GMT
content-type: application/x-javascript
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: HIT
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549
178.249.97.98200 OK 0 B URL HTTP/2 liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549
IP 178.249.97.98:0
GET /le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 17:10:17 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:24 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Fri, 24 Nov 2023 17:10:17 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/jquery-ec401aee041a200e3dd94ec7982f0f2f.js
159.65.159.37200 OK 0 B URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/jquery-ec401aee041a200e3dd94ec7982f0f2f.js
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/jquery-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Nov 2022 13:02:38 GMT
etag: "48e06-5ee3705074cd7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
date: Thu, 24 Nov 2022 17:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/fonts/nfcu-icons.woff
159.65.159.37404 Not Found 0 B URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/fonts/nfcu-icons.woff
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/fonts/nfcu-icons.woff HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/responsivemain-768830b95a2661f7bb9a758382928bb3.css
Cookie: s_fid=47450CFDB004581B-07B86E84D123363C; gpv_page=nfo%3Alogin; s_cc=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 17:10:18 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
IP 142.250.74.10:0
GET /css?family=Source+Sans+Pro:400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 17:10:17 GMT
date: Thu, 24 Nov 2022 17:10:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549
178.249.97.98200 OK 0 B URL HTTP/2 liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549
IP 178.249.97.98:0
GET /le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 17:10:17 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Fri, 24 Nov 2023 17:10:17 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/images/css/img-billboard-BG.svg
159.65.159.37404 Not Found 0 B URL HTTP/2 navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/images/css/img-billboard-BG.svg
IP 159.65.159.37:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /7e1bb62ab6cb0ddc5e34097a1f48df3d/images/css/img-billboard-BG.svg HTTP/1.1
Host: navionline.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navionline.ga/7e1bb62ab6cb0ddc5e34097a1f48df3d/index_files/responsivemain-768830b95a2661f7bb9a758382928bb3.css
Cookie: s_fid=47450CFDB004581B-07B86E84D123363C; gpv_page=nfo%3Alogin; s_cc=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 17:10:18 GMT
server: Apache
X-Firefox-Spdy: h2