Report - ac.financialfinesse.com/lt.php?x=3TZy~GDEJqKcEHN90_9OVOFwAXAhv_MijhoxZ5c7IaTND87.y0y.0OVu3HVzjdD1lfYvbHPIJXOeUs.8.Q_

Report Overview

Visited public
2025-07-08 17:51:26
Tags
Submit Tags
URL
ac.financialfinesse.com/lt.php?x=3TZy~GDEJqKcEHN90_9OVOFwAXAhv_MijhoxZ5c7IaTND87.y0y.0OVu3HVzjdD1lfYvbHPIJXOeUs.8.Q__VOJy13-okNP
Finishing URL
secure.ascensus.com/login/Participant
IP / ASN
104.17.203.31
#13335 CLOUDFLARENET
Title
Ascensus - Participant Login

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
secure.ascensus.com	unknown	1996-11-26	2018-06-20	2025-07-03	7.5 kB	715 kB	141.193.122.41
tealeaf.ascensus.com	unknown	1996-11-26	2024-02-26	2025-07-03	1.6 kB	1.3 kB	141.193.122.13
ac.financialfinesse.com	unknown	1999-05-29	2021-03-03	2025-07-08	596 B	66 kB	104.17.203.31
use.typekit.net	494	2010-08-02	2012-07-05	2025-07-02	2.3 kB	88 kB	23.36.77.81
p.typekit.net	620	2010-08-02	2012-05-23	2025-07-02	543 B	340 B	23.36.77.91
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-07-02	440 B	397 kB	142.250.74.136
tealeaf.retsupport.com	unknown	2006-12-06	2025-05-19	2025-07-03	432 B	248 kB	141.193.122.13
d21y75miwcfqoq.cloudfront.net	unknown	2008-04-25	2021-04-09	2025-07-01	451 B	609 B	54.230.245.228

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	secure.ascensus.com/login/Participant	ScriptElement	203 B	2024-12-11	2025-07-12
Pretty URL secure.ascensus.com/login/Participant IP 141.193.122.41 ASN #12152 AS12152 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-11 21:38 Last Seen2025-07-12 15:50 Times Seen4 Hash 43187027339e4e1d9294292d1e56bc48 a414813b063f6d387b72ba47e81b49e990589b67 0c2f86d5a7bb38cdd3dbc4c21d045533576493644aa9d17030e0778193348a49 Loading...

	secure.ascensus.com/login/Participant	ScriptElement	35 B	2024-12-11	2025-07-12
Pretty URL secure.ascensus.com/login/Participant IP 141.193.122.41 ASN #12152 AS12152 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-11 21:38 Last Seen2025-07-12 15:50 Times Seen4 Hash 6c0e9b638eda5018a448c246e884e80c dfed59eedbf0df759d0111fa41cd6b9419ebbaa6 972b1c429ec1e91a2d87f684738ca23dc9c7edc8765d0e642649e87a1f24920b Loading...

	www.googletagmanager.com/gtag/js?id=G-SX8TK6F362	ScriptElement	1.0 kB	2025-07-03	2025-07-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-SX8TK6F362 IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-03 10:32 Last Seen2025-07-08 17:51 Times Seen2 Hash 92120e7fddc603f8edece070fbdd82f7 609652aa433f0a40e98ae22ed7d4a7f3130b1ae4 8ae895a4353f8e06e3381fe97d60918ae811d1a9db37907045a2bd75b4e56761 Loading...

	tealeaf.retsupport.com/tealeaf.6.4.60.js	ScriptElement	248 kB	2025-03-26	2025-07-12
Pretty URL tealeaf.retsupport.com/tealeaf.6.4.60.js IP 141.193.122.13 ASN #12152 AS12152 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-26 08:23 Last Seen2025-07-12 15:50 Times Seen5 Hash c9c00cf7d1788c21ac90bf1cb01a5a01 07d75efb3783487a17a1851fc400b608ff88f919 ee361adb6c1661fb20d30b9df3611ffd10d06d6fc496c0412f0a25ad765ba6fe Loading...

	secure.ascensus.com/login/Scripts/common.js?v=2025.6.18.781	ScriptElement	3.1 kB	2024-12-11	2025-07-12
Pretty URL secure.ascensus.com/login/Scripts/common.js?v=2025.6.18.781 IP 141.193.122.41 ASN #12152 AS12152 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-11 21:38 Last Seen2025-07-12 15:50 Times Seen4 Hash d4334c0a98ccfc5a2ce48f84fdf29a42 dd73f254ef402e72d0c568231e5f1984fd702ab2 5adba8664df13bc1e71f011452756a90acc0b39dfd0b6af8c7ab80c3d2af8b22 Loading...

	secure.ascensus.com/login/Participant	ScriptElement	55 kB	2024-12-11	2025-07-12
Pretty URL secure.ascensus.com/login/Participant IP 141.193.122.41 ASN #12152 AS12152 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-11 21:38 Last Seen2025-07-12 15:50 Times Seen4 Hash f42ee01d6fca90263bc0aca15c9cd857 a5969f3aca3f32a02d46c14c52c684e1ac1d7941 c7410c15a99174406d2144e7677b3491d47f6b9af9959cee94299b3101585327 Loading...

	secure.ascensus.com/login/Scripts/digitalFingerprint.min.js	ScriptElement	1.0 kB	2025-06-25	2025-07-08
Pretty URL secure.ascensus.com/login/Scripts/digitalFingerprint.min.js IP 141.193.122.41 ASN #12152 AS12152 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-25 14:43 Last Seen2025-07-08 17:51 Times Seen2 Hash 0878b2fd3c79623a932f698dbcd0ab83 4ae5e4c72e46ac8f5ff9ae218cab77711bbb35a9 44a51ed7e75267f3aa30b8e872343d2acdc70c0d303cf77487c5a9d59aee4ec3 Loading...

HTTP Transactions (22)

	URL	IP	Response	Size
	GET d21y75miwcfqoq.cloudfront.net/0b7a6bad	54.230.245.228	200 OK	68 B
URL GET d21y75miwcfqoq.cloudfront.net/0b7a6bad IP 54.230.245.228:443 ASN #16509 AMAZON-02 Requested by https://secure.ascensus.com/login/Participant Certificate IssuerAmazon Subject.cloudfront.net Fingerprint8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72 ValidityMon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced Size 68 B (68 bytes) Hash 91e42db1c66c0b276abf6234dc50b2eb c1986af3c26609b8b7d8933f99c51c1a89e9ea6b 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 HTTP Headers `GET /0b7a6bad HTTP/1.1 Host: d21y75miwcfqoq.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://secure.ascensus.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: image/png content-length: 68 date: Tue, 08 Jul 2025 17:51:08 GMT last-modified: Wed, 20 Apr 2022 12:33:19 GMT etag: "91e42db1c66c0b276abf6234dc50b2eb" x-amz-server-side-encryption: AES256 cache-control: no-cache, no-store x-amz-version-id: null accept-ranges: bytes server: AmazonS3 x-cache: Miss from cloudfront via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: RA0tnG8q7upGQq5ybXJCKdVyxxHjcbj8SIno0ROsk3eKi3ibU2NfvQ== X-Firefox-Spdy: h2

	GET secure.ascensus.com/favicon.ico?v=2025.6.18.781	141.193.122.41	200 OK	15 kB
URL GET secure.ascensus.com/favicon.ico?v=2025.6.18.781 IP 141.193.122.41:443 ASN #12152 AS12152 Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subject.ascensus.com FingerprintBE:45:28:30:E3:86:A4:ED:8A:86:10:6E:6D:78:D3:97:45:65:FB:D9 ValidityWed, 04 Jun 2025 00:00:00 GMT - Sun, 05 Jul 2026 23:59:59 GMT File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Size 15 kB (15406 bytes) Hash 73bca4e36984fd9c20927b507d5a98e7 f4da0f8f2a6c5bd3bfccf4d6f2c2f3a440e4c4cd ce033ca2ca5683d296928bdbff0a1ca802383cb5e1bbe823df2468b89d834e41 HTTP Headers GET /favicon.ico?v=2025.6.18.781 HTTP/1.1 Host: secure.ascensus.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://secure.ascensus.com/login/Participant Cookie: NGUnifiedLogin.SessionId=cviwhd2sqykyetfk2t1rbwsf; TS01749d5d=0163a0b064fbaeb4a6f9e0bacc7278c4cf00acef53bb737a9f50e745647ef40c2d7f65003851c0ad99c116615cbb2593eb67ac07885e6e149eb7c5c6453462ae681bb6c2d8; _ga_SX8TK6F362=GS2.1.s1751997066$o1$g0$t1751997066$j60$l0$h0; _ga=GA1.1.479876175.1751997066 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Cache-Control: private, max-age=3600 Content-Type: image/x-icon Expires: Tue, 08 Jul 2025 18:51:05 GMT Last-Modified: Tue, 08 Jul 2025 17:51:05 GMT X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Date: Tue, 08 Jul 2025 17:51:05 GMT Content-Length: 15406`

	POST tealeaf.ascensus.com/tealeaf.asp	141.193.122.13	200 OK	54 B
URL POST tealeaf.ascensus.com/tealeaf.asp IP 141.193.122.13:443 ASN #12152 AS12152 Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subject.ascensus.com FingerprintBE:45:28:30:E3:86:A4:ED:8A:86:10:6E:6D:78:D3:97:45:65:FB:D9 ValidityWed, 04 Jun 2025 00:00:00 GMT - Sun, 05 Jul 2026 23:59:59 GMT File type ASCII text, with no line terminators Size 54 B (54 bytes) Hash d7ca6cfbfcc7f074ee7724b05b9c2f9c 72904b5a24d112a5f2cb74803ec01bbab05da0fa bbff25ee676b6ca446b60c9422ecd79931eded09730e8d93c917a24ca420cd8a HTTP Headers POST /tealeaf.asp HTTP/1.1 Host: tealeaf.ascensus.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://secure.ascensus.com/ Content-Type: application/json X-PageId: P.MB4JCPEJS9J9L5SFCZL4ZLRJ3YN4 X-Tealeaf: device (UIC) Lib/6.4.60 X-TealeafType: GUI X-TeaLeaf-Page-Url: /login/Participant X-Tealeaf-SyncXHR: false X-Tealeaf-MessageTypes: 1,2,7,12,14 X-Tealeaf-SaaS-TLTSID: 80640934979946259654864646190906 X-Tealeaf-SaaS-TLTDID: 45373849795346071101553402494577 Content-Encoding: gzip X-Requested-With: fetch Content-Length: 8371 Origin: https://secure.ascensus.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html Vary: Origin, Accept-Encoding Server: Microsoft-IIS/10.0 Set-Cookie: TLTSID=80640934979946259654864646190906; path=/ ASPSESSIONIDQCTTQCQB=IEKLPLBCJINMKCDFPOPFNBFH; path=/ ASCENSUS_cookie=!aqyWzhj0wYvQlpd/umStwMnknuP4ZbwlmVDK3vdKtnHgST+R4TrryyEhwjTZJNlDE/GdSPatqJUfVuXPpdnc0Us3+NR3XccrnxCBA7tb2w==; path=/; Httponly; Secure;HttpOnly;Secure Access-Control-Allow-Origin: https://secure.ascensus.com Access-Control-Allow-Credentials: true Date: Tue, 08 Jul 2025 17:51:09 GMT Content-Length: 54

	GET ac.financialfinesse.com/lt.php?x=3TZy~GDEJqKcEHN90_9OVOFwAXAhv_MijhoxZ5c7IaTND87.y0y.0OVu3HVzjdD1lfYvbHPIJXOeUs.8.Q__VOJy13-okNP	104.17.203.31	302 Found	64 kB
URL User Request GET ac.financialfinesse.com/lt.php?x=3TZy~GDEJqKcEHN90_9OVOFwAXAhv_MijhoxZ5c7IaTND87.y0y.0OVu3HVzjdD1lfYvbHPIJXOeUs.8.Q__VOJy13-okNP IP 104.17.203.31:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjectac.financialfinesse.com Fingerprint29:33:FB:7E:0C:99:61:7C:C5:7D:02:4E:E5:70:41:8E:59:30:06:DC ValidityWed, 25 Jun 2025 08:57:23 GMT - Tue, 23 Sep 2025 09:57:21 GMT File type Size 64 kB (64328 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /lt.php?x=3TZy~GDEJqKcEHN90_9OVOFwAXAhv_MijhoxZ5c7IaTND87.y0y.0OVu3HVzjdD1lfYvbHPIJXOeUs.8.Q__VOJy13-okNP HTTP/1.1 Host: ac.financialfinesse.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Tue, 08 Jul 2025 17:51:04 GMT content-type: text/html; charset=UTF-8 content-length: 0 location: https://secure.ascensus.com/login/Participant cache-control: no-store, no-cache, must-revalidate expires: Thu, 19 Nov 1981 08:52:00 GMT pragma: no-cache x-content-type-options: nosniff x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/ x-request-id: f46b7f25d73ff6e1d496250ab0840aca x-robots-tag: noindex cf-cache-status: DYNAMIC set-cookie: PHPSESSID=c9742725465d2a5817cfd591d40ecd6b; path=/; HttpOnly; SameSite=Lax cmp252352779=2d70d63bb7ec5261170a02e6c6ee7c77; expires=Thu, 07-Aug-2025 17:51:04 GMT; Max-Age=2592000; path=/; domain=.ac.financialfinesse.com; secure; SameSite=Lax __cf_bm=3C_eZxfGEWI6vo4NALi6xeqHfyUTr.HBo1OUxtY0bt4-1751997064-1.0.1.1-Bn9iFnTbGILmEs0hbyus4uE2wB6VLskxeCkeSj_3dqCm9mvS7V.8xli4o84J0wv4RJjEc.7gkQxitrGlfPBUnLwrxrYQP6jnQMLUfAz4gZU; path=/; expires=Tue, 08-Jul-25 18:21:04 GMT; domain=.ac.financialfinesse.com; HttpOnly; Secure; SameSite=None strict-transport-security: max-age=63072000; includeSubDomains; preload server: cloudflare cf-ray: 95c16d746b500b51-OSL X-Firefox-Spdy: h2

	GET use.typekit.net/af/ab3e12/000000000000000077359d4f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3	23.36.77.81	200 OK	27 kB
URL GET use.typekit.net/af/ab3e12/000000000000000077359d4f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 IP 23.36.77.81:443 ASN #20940 Akamai International B.V. Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subjectuse.typekit.net FingerprintF3:36:2A:08:11:E8:8C:54:E5:3C:6A:03:53:BF:AA:D7:7A:84:8B:89 ValidityTue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 27260, version 1.0 Size 27 kB (27260 bytes) Hash 10a9c4618c14400c96ac227250c50d01 17f77aa2c9009956d14f8f8991f37fb0bb1e04ad 19b3e5c2dffad631ea6bd0c1ca7a857b36b6a2618591567536c0146299e907fa HTTP Headers GET /af/ab3e12/000000000000000077359d4f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1 Host: use.typekit.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://secure.ascensus.com DNT: 1 Connection: keep-alive Referer: https://use.typekit.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx content-type: application/font-woff2 content-length: 27260 etag: "d9a121a3ad533c4b3e87884f79ace56d857b6e06" timing-allow-origin: * access-control-allow-origin: * cross-origin-resource-policy: cross-origin cache-control: public, max-age=31536000 date: Tue, 08 Jul 2025 17:51:06 GMT akamai-grn: 0.474d2417.1751997066.1df8ec2 X-Firefox-Spdy: h2`

	GET p.typekit.net/p.css?s=1&k=lyr7ktz&ht=tk&f=14032.14033.14034.14035.14036.14037.14038.14039.49587.49588.29382.29383&a=54849576&app=typekit&e=css	23.36.77.91	200 OK	5 B
URL GET p.typekit.net/p.css?s=1&k=lyr7ktz&ht=tk&f=14032.14033.14034.14035.14036.14037.14038.14039.49587.49588.29382.29383&a=54849576&app=typekit&e=css IP 23.36.77.91:443 ASN #20940 Akamai International B.V. Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subjectuse.typekit.net FingerprintF3:36:2A:08:11:E8:8C:54:E5:3C:6A:03:53:BF:AA:D7:7A:84:8B:89 ValidityTue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT File type ASCII text Size 5 B (5 bytes) Hash 83d24d4b43cc7eef2b61e66c95f3d158 f0cafc285ee23bb6c28c5166f305493c4331c84d 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb HTTP Headers GET /p.css?s=1&k=lyr7ktz&ht=tk&f=14032.14033.14034.14035.14036.14037.14038.14039.49587.49588.29382.29383&a=54849576&app=typekit&e=css HTTP/1.1 Host: p.typekit.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://use.typekit.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx content-type: text/css content-length: 5 last-modified: Sun, 01 Dec 2024 12:58:09 GMT etag: "674c5d61-5" cache-control: public, max-age=604800 access-control-allow-origin: * cross-origin-resource-policy: cross-origin accept-ranges: bytes date: Tue, 08 Jul 2025 17:51:06 GMT X-Firefox-Spdy: h2`

	GET secure.ascensus.com/login/Participant	141.193.122.41	200 OK	64 kB
URL User Request GET secure.ascensus.com/login/Participant IP 141.193.122.41:443 ASN #12152 AS12152 Certificate IssuerDigiCert Inc Subject.ascensus.com FingerprintBE:45:28:30:E3:86:A4:ED:8A:86:10:6E:6D:78:D3:97:45:65:FB:D9 ValidityWed, 04 Jun 2025 00:00:00 GMT - Sun, 05 Jul 2026 23:59:59 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (54252), with CRLF line terminators Size 64 kB (64328 bytes) Hash ad260f0a06ceebb5e9dc7e28fe5e9a01 bd4adacb69d2112b22c9b9164a1ec0039f84dbcc e5acf83ba2fe3dc94a42fa4551fd258b8bf94b2237d7c434efd8a3a8bc778df2 HTTP Headers `GET /login/Participant HTTP/1.1 Host: secure.ascensus.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: -1 Vary: Accept-Encoding X-UA-Compatible: IE=Edge X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 Date: Tue, 08 Jul 2025 17:51:02 GMT Content-Length: 26892 Set-Cookie: NGUnifiedLogin.SessionId=cviwhd2sqykyetfk2t1rbwsf; path=/; secure; HttpOnly; SameSite=None TS01749d5d=0163a0b064fbaeb4a6f9e0bacc7278c4cf00acef53bb737a9f50e745647ef40c2d7f65003851c0ad99c116615cbb2593eb67ac07885e6e149eb7c5c6453462ae681bb6c2d8; Path=/; Domain=.secure.ascensus.com;

	GET secure.ascensus.com/login/wwwroot/styles/styles.css?v=2025.6.18.781	141.193.122.41	200 OK	171 kB
URL GET secure.ascensus.com/login/wwwroot/styles/styles.css?v=2025.6.18.781 IP 141.193.122.41:443 ASN #12152 AS12152 Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subject.ascensus.com FingerprintBE:45:28:30:E3:86:A4:ED:8A:86:10:6E:6D:78:D3:97:45:65:FB:D9 ValidityWed, 04 Jun 2025 00:00:00 GMT - Sun, 05 Jul 2026 23:59:59 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 171 kB (171317 bytes) Hash bdcf6fe9d84d5f8f55327f1794b64373 4879065822d84bdf6e15610d54b8f80d3da2201c 9d801b1ab3542fcaee8105dae9db284ca8622aa5a04fd61802960984939da057 HTTP Headers GET /login/wwwroot/styles/styles.css?v=2025.6.18.781 HTTP/1.1 Host: secure.ascensus.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://secure.ascensus.com/login/Participant Cookie: NGUnifiedLogin.SessionId=cviwhd2sqykyetfk2t1rbwsf; TS01749d5d=0163a0b064fbaeb4a6f9e0bacc7278c4cf00acef53bb737a9f50e745647ef40c2d7f65003851c0ad99c116615cbb2593eb67ac07885e6e149eb7c5c6453462ae681bb6c2d8 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: text/css Content-Encoding: gzip Last-Modified: Wed, 18 Jun 2025 16:25:20 GMT Accept-Ranges: bytes ETag: "05864956de0db1:0" Vary: Accept-Encoding X-UA-Compatible: IE=Edge X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 Date: Tue, 08 Jul 2025 17:51:04 GMT Content-Length: 23264`

	GET secure.ascensus.com/login/wwwroot/styles/ASCENSUS/lpSite.css?v=2025.6.18.781	141.193.122.41	200 OK	1.4 kB
URL GET secure.ascensus.com/login/wwwroot/styles/ASCENSUS/lpSite.css?v=2025.6.18.781 IP 141.193.122.41:443 ASN #12152 AS12152 Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subject.ascensus.com FingerprintBE:45:28:30:E3:86:A4:ED:8A:86:10:6E:6D:78:D3:97:45:65:FB:D9 ValidityWed, 04 Jun 2025 00:00:00 GMT - Sun, 05 Jul 2026 23:59:59 GMT File type ASCII text, with very long lines (1341) Size 1.4 kB (1380 bytes) Hash fb819dd28aa9e14ace51ba11ccca925b 0c0c94d1a91c2654d8dfeb89984b996ab77387ed 115d5e4a0b6540bb96aa9072115890d5a115d1d6b854682f48388a91af9d8fa6 HTTP Headers GET /login/wwwroot/styles/ASCENSUS/lpSite.css?v=2025.6.18.781 HTTP/1.1 Host: secure.ascensus.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://secure.ascensus.com/login/Participant Cookie: NGUnifiedLogin.SessionId=cviwhd2sqykyetfk2t1rbwsf; TS01749d5d=0163a0b064fbaeb4a6f9e0bacc7278c4cf00acef53bb737a9f50e745647ef40c2d7f65003851c0ad99c116615cbb2593eb67ac07885e6e149eb7c5c6453462ae681bb6c2d8 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: text/css Content-Encoding: gzip Last-Modified: Wed, 18 Jun 2025 16:25:20 GMT Accept-Ranges: bytes ETag: "05864956de0db1:0" Vary: Accept-Encoding X-UA-Compatible: IE=Edge X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 Date: Tue, 08 Jul 2025 17:51:03 GMT Content-Length: 729`

	GET secure.ascensus.com/login/Scripts/common.js?v=2025.6.18.781	141.193.122.41	200 OK	3.1 kB
URL GET secure.ascensus.com/login/Scripts/common.js?v=2025.6.18.781 IP 141.193.122.41:443 ASN #12152 AS12152 Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subject.ascensus.com FingerprintBE:45:28:30:E3:86:A4:ED:8A:86:10:6E:6D:78:D3:97:45:65:FB:D9 ValidityWed, 04 Jun 2025 00:00:00 GMT - Sun, 05 Jul 2026 23:59:59 GMT File type JavaScript source, ASCII text, with CRLF line terminators Size 3.1 kB (3127 bytes) Hash d4334c0a98ccfc5a2ce48f84fdf29a42 dd73f254ef402e72d0c568231e5f1984fd702ab2 5adba8664df13bc1e71f011452756a90acc0b39dfd0b6af8c7ab80c3d2af8b22 HTTP Headers GET /login/Scripts/common.js?v=2025.6.18.781 HTTP/1.1 Host: secure.ascensus.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://secure.ascensus.com/login/Participant Cookie: NGUnifiedLogin.SessionId=cviwhd2sqykyetfk2t1rbwsf; TS01749d5d=0163a0b064fbaeb4a6f9e0bacc7278c4cf00acef53bb737a9f50e745647ef40c2d7f65003851c0ad99c116615cbb2593eb67ac07885e6e149eb7c5c6453462ae681bb6c2d8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip Last-Modified: Tue, 17 Jun 2025 19:05:34 GMT Accept-Ranges: bytes ETag: "0935ecdbadfdb1:0" Vary: Accept-Encoding X-UA-Compatible: IE=Edge X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 Date: Tue, 08 Jul 2025 17:51:05 GMT Content-Length: 1026`

	GET secure.ascensus.com/login/wwwroot/vendors.bundle.js?v=2025.6.18.781	141.193.122.41	200 OK	137 kB
URL GET secure.ascensus.com/login/wwwroot/vendors.bundle.js?v=2025.6.18.781 IP 141.193.122.41:443 ASN #12152 AS12152 Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subject.ascensus.com FingerprintBE:45:28:30:E3:86:A4:ED:8A:86:10:6E:6D:78:D3:97:45:65:FB:D9 ValidityWed, 04 Jun 2025 00:00:00 GMT - Sun, 05 Jul 2026 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65464) Size 137 kB (137444 bytes) Hash d4bc4821c24ce6232a3b696f72c1dcf8 2747db03e9f9fafb28022a74025f1384f01ba05c 09e4161273d340097a2e0324a7fce43934349bf2ef575340269d14b50aebefaa HTTP Headers GET /login/wwwroot/vendors.bundle.js?v=2025.6.18.781 HTTP/1.1 Host: secure.ascensus.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://secure.ascensus.com/login/Participant Cookie: NGUnifiedLogin.SessionId=cviwhd2sqykyetfk2t1rbwsf; TS01749d5d=0163a0b064fbaeb4a6f9e0bacc7278c4cf00acef53bb737a9f50e745647ef40c2d7f65003851c0ad99c116615cbb2593eb67ac07885e6e149eb7c5c6453462ae681bb6c2d8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip Last-Modified: Wed, 18 Jun 2025 16:25:20 GMT Accept-Ranges: bytes ETag: "05864956de0db1:0" Vary: Accept-Encoding X-UA-Compatible: IE=Edge X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 Date: Tue, 08 Jul 2025 17:51:04 GMT Content-Length: 44655`

	GET secure.ascensus.com/login/wwwroot/pattern-library.bundle.js?v=2025.6.18.781	141.193.122.41	200 OK	218 kB
URL GET secure.ascensus.com/login/wwwroot/pattern-library.bundle.js?v=2025.6.18.781 IP 141.193.122.41:443 ASN #12152 AS12152 Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subject.ascensus.com FingerprintBE:45:28:30:E3:86:A4:ED:8A:86:10:6E:6D:78:D3:97:45:65:FB:D9 ValidityWed, 04 Jun 2025 00:00:00 GMT - Sun, 05 Jul 2026 23:59:59 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65452) Size 218 kB (217964 bytes) Hash 058bfd2c46b12ad9965388244b62bcf7 bebe99bb8dd588dca5c8eb60eeea9eea5d7fff71 3206cf3bc7b9e1c28788b806b96315b618d54bd84251f8aea553881528995c59 HTTP Headers GET /login/wwwroot/pattern-library.bundle.js?v=2025.6.18.781 HTTP/1.1 Host: secure.ascensus.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://secure.ascensus.com/login/Participant Cookie: NGUnifiedLogin.SessionId=cviwhd2sqykyetfk2t1rbwsf; TS01749d5d=0163a0b064fbaeb4a6f9e0bacc7278c4cf00acef53bb737a9f50e745647ef40c2d7f65003851c0ad99c116615cbb2593eb67ac07885e6e149eb7c5c6453462ae681bb6c2d8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip Last-Modified: Wed, 18 Jun 2025 16:25:20 GMT Accept-Ranges: bytes ETag: "05864956de0db1:0" Vary: Accept-Encoding X-UA-Compatible: IE=Edge X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 Date: Tue, 08 Jul 2025 17:51:04 GMT Content-Length: 57943`

	GET use.typekit.net/af/c11a71/000000000000000077359d5e/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3	23.36.77.81	200 OK	30 kB
URL GET use.typekit.net/af/c11a71/000000000000000077359d5e/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 IP 23.36.77.81:443 ASN #20940 Akamai International B.V. Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subjectuse.typekit.net FingerprintF3:36:2A:08:11:E8:8C:54:E5:3C:6A:03:53:BF:AA:D7:7A:84:8B:89 ValidityTue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 29856, version 1.0 Size 30 kB (29856 bytes) Hash ecda947e9b27578c6bf1cd8499192ce4 8350d742bc47dfe18dd283a8523bf0cb942d6787 72c8f38ea0d1228e5421276a2d0e6d71d18d05df8fd792b51115c7e587932141 HTTP Headers GET /af/c11a71/000000000000000077359d5e/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 HTTP/1.1 Host: use.typekit.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://secure.ascensus.com DNT: 1 Connection: keep-alive Referer: https://use.typekit.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx content-type: application/font-woff2 content-length: 29856 etag: "161809dd1156fbaf4d4e20d0a7ceda17cca7b7d2" timing-allow-origin: * access-control-allow-origin: * cross-origin-resource-policy: cross-origin cache-control: public, max-age=31536000 date: Tue, 08 Jul 2025 17:51:06 GMT akamai-grn: 0.474d2417.1751997066.1df8ece X-Firefox-Spdy: h2`

	GET www.googletagmanager.com/gtag/js?id=G-SX8TK6F362	142.250.74.136	200 OK	396 kB
URL GET www.googletagmanager.com/gtag/js?id=G-SX8TK6F362 IP 142.250.74.136:443 ASN #15169 GOOGLE Requested by https://secure.ascensus.com/login/Participant Certificate IssuerGoogle Trust Services Subject.google-analytics.com Fingerprint06:CD:2A:9C:6E:F9:40:51:AA:E0:81:4A:BB:69:6C:BA:FA:AD:AB:4D ValidityTue, 17 Jun 2025 20:01:48 GMT - Tue, 09 Sep 2025 20:01:47 GMT File type JavaScript source, ASCII text, with very long lines (6004) Size 396 kB (395883 bytes) Hash 758789f469350ebdb9ca63088d2d83d2 ba028f730ee908dbd6c21b754c41d68306004eb5 6ea47a571989d1f70093d9d0d831bfb59afcfeac8e8dc55c4e1bedb593026ab4 HTTP Headers `GET /gtag/js?id=G-SX8TK6F362 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://secure.ascensus.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Tue, 08 Jul 2025 17:51:06 GMT expires: Tue, 08 Jul 2025 17:51:06 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0 cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0 report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],} server: Google Tag Manager content-length: 132197 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET tealeaf.retsupport.com/tealeaf.6.4.60.js	141.193.122.13	200 OK	248 kB
URL GET tealeaf.retsupport.com/tealeaf.6.4.60.js IP 141.193.122.13:443 ASN #12152 AS12152 Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subjectretsupport.com FingerprintC8:3A:29:E6:FB:01:ED:EC:42:2F:3D:57:51:7E:05:79:28:AD:8F:71 ValidityWed, 11 Dec 2024 00:00:00 GMT - Wed, 10 Dec 2025 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (37442), with CRLF line terminators Size 248 kB (248048 bytes) Hash c9c00cf7d1788c21ac90bf1cb01a5a01 07d75efb3783487a17a1851fc400b608ff88f919 ee361adb6c1661fb20d30b9df3611ffd10d06d6fc496c0412f0a25ad765ba6fe HTTP Headers `GET /tealeaf.6.4.60.js HTTP/1.1 Host: tealeaf.retsupport.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://secure.ascensus.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/x-javascript Last-Modified: Thu, 31 Oct 2024 12:42:09 GMT Accept-Ranges: bytes ETag: "b571454d922bdb1:0" Server: Microsoft-IIS/10.0 Date: Tue, 08 Jul 2025 17:51:04 GMT Set-Cookie: ASCENSUS_cookie=!TY6j2FheDfjRDwx/umStwMnknuP4ZSyPi0Bzl3pmegodwGnbun54f8+aaFzKlYPWBtpmcGFN0sB01G8+dJR+GtmL8mMOXPCuCGkzGTNXoQ==; path=/; Httponly; Secure;HttpOnly;Secure Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked`

	OPTIONS tealeaf.ascensus.com/tealeaf.asp	141.193.122.13	204 No Content	0 B
URL OPTIONS tealeaf.ascensus.com/tealeaf.asp IP 141.193.122.13:443 ASN #12152 AS12152 Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subject.ascensus.com FingerprintBE:45:28:30:E3:86:A4:ED:8A:86:10:6E:6D:78:D3:97:45:65:FB:D9 ValidityWed, 04 Jun 2025 00:00:00 GMT - Sun, 05 Jul 2026 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /tealeaf.asp HTTP/1.1 Host: tealeaf.ascensus.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-encoding,content-type,x-pageid,x-requested-with,x-tealeaf,x-tealeaf-messagetypes,x-tealeaf-page-url,x-tealeaf-saas-tltdid,x-tealeaf-saas-tltsid,x-tealeaf-syncxhr,x-tealeaftype Referer: https://secure.ascensus.com/ Origin: https://secure.ascensus.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 204 No Content Vary: Origin Server: Microsoft-IIS/10.0 Access-Control-Allow-Origin: https://secure.ascensus.com Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: DELETE, GET, POST, OPTIONS Access-Control-Allow-Headers: content-encoding,content-type,x-pageid,x-requested-with,x-tealeaf,x-tealeaf-messagetypes,x-tealeaf-page-url,x-tealeaf-saas-tltdid,x-tealeaf-saas-tltsid,x-tealeaf-syncxhr,x-tealeaftype Date: Tue, 08 Jul 2025 17:51:09 GMT Set-Cookie: ASCENSUS_cookie=!33wiYiLVnJwHBot/umStwMnknuP4ZRNJuz16ijB9QaND0tKNTnlS8KTXdiQskMWMhRPyBm9bukdAWwIuEW0aKESwQPDvbS20Vq28yLFpdA==; path=/; Httponly; Secure;HttpOnly;Secure

	GET use.typekit.net/af/42c76d/00000000000000007735ede8/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3	23.36.77.81	200 OK	21 kB
URL GET use.typekit.net/af/42c76d/00000000000000007735ede8/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3 IP 23.36.77.81:443 ASN #20940 Akamai International B.V. Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subjectuse.typekit.net FingerprintF3:36:2A:08:11:E8:8C:54:E5:3C:6A:03:53:BF:AA:D7:7A:84:8B:89 ValidityTue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 20568, version 1.0 Size 21 kB (20568 bytes) Hash e9bc67c357b438bcd87bf8195be35744 c0b974be29524af0246b139fed3dfb407a675d56 01682516b243b5807065607bccc26e54ec01069e544b557c844758defd769dd4 HTTP Headers GET /af/42c76d/00000000000000007735ede8/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3 HTTP/1.1 Host: use.typekit.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://secure.ascensus.com DNT: 1 Connection: keep-alive Referer: https://use.typekit.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx content-type: application/font-woff2 content-length: 20568 etag: "956df34355586d2c4134a92f87790faa9613fc4e" timing-allow-origin: * access-control-allow-origin: * cross-origin-resource-policy: cross-origin cache-control: public, max-age=31536000 date: Tue, 08 Jul 2025 17:51:08 GMT akamai-grn: 0.474d2417.1751997068.1dfa0f8 X-Firefox-Spdy: h2`

	GET secure.ascensus.com/login/Scripts/digitalFingerprint.min.js	141.193.122.41	200 OK	48 kB
URL GET secure.ascensus.com/login/Scripts/digitalFingerprint.min.js IP 141.193.122.41:443 ASN #12152 AS12152 Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subject.ascensus.com FingerprintBE:45:28:30:E3:86:A4:ED:8A:86:10:6E:6D:78:D3:97:45:65:FB:D9 ValidityWed, 04 Jun 2025 00:00:00 GMT - Sun, 05 Jul 2026 23:59:59 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (47903), with CRLF line terminators Size 48 kB (47961 bytes) Hash 7deaf20a3b519863b178cca16a8da821 da8f254ce8b01be1ae26b62f60f0ffc9501b9171 9c47a785bf5e035097e82efd9dc0fa116802cbb9d375fa71310cfe025841c53e HTTP Headers GET /login/Scripts/digitalFingerprint.min.js HTTP/1.1 Host: secure.ascensus.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://secure.ascensus.com/login/Participant Cookie: NGUnifiedLogin.SessionId=cviwhd2sqykyetfk2t1rbwsf; TS01749d5d=0163a0b064fbaeb4a6f9e0bacc7278c4cf00acef53bb737a9f50e745647ef40c2d7f65003851c0ad99c116615cbb2593eb67ac07885e6e149eb7c5c6453462ae681bb6c2d8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip Last-Modified: Tue, 17 Jun 2025 19:05:34 GMT Accept-Ranges: bytes ETag: "0935ecdbadfdb1:0" Vary: Accept-Encoding X-UA-Compatible: IE=Edge X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 Date: Tue, 08 Jul 2025 17:51:03 GMT Content-Length: 16840`

	GET secure.ascensus.com/common/publicIntegration/loginLogo	141.193.122.41	200 OK	2.7 kB
URL GET secure.ascensus.com/common/publicIntegration/loginLogo IP 141.193.122.41:443 ASN #12152 AS12152 Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subject.ascensus.com FingerprintBE:45:28:30:E3:86:A4:ED:8A:86:10:6E:6D:78:D3:97:45:65:FB:D9 ValidityWed, 04 Jun 2025 00:00:00 GMT - Sun, 05 Jul 2026 23:59:59 GMT File type PNG image data, 225 x 45, 8-bit/color RGBA, non-interlaced Size 2.7 kB (2666 bytes) Hash ff5f0a348525ac5ca1d7822d43fba973 a3ea77cd6dea089318c9edc6f5ce907f3782c3f5 09a28e4c0e57cd5f598c361b9b61beb4ac52984337aff98370901a668580b9b1 HTTP Headers GET /common/publicIntegration/loginLogo HTTP/1.1 Host: secure.ascensus.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://secure.ascensus.com/login/Participant Cookie: NGUnifiedLogin.SessionId=cviwhd2sqykyetfk2t1rbwsf; TS01749d5d=0163a0b064fbaeb4a6f9e0bacc7278c4cf00acef53bb737a9f50e745647ef40c2d7f65003851c0ad99c116615cbb2593eb67ac07885e6e149eb7c5c6453462ae681bb6c2d8 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Cache-Control: private, max-age=3600 Content-Type: image/png Expires: Tue, 08 Jul 2025 18:51:05 GMT Last-Modified: Tue, 08 Jul 2025 17:51:05 GMT X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Date: Tue, 08 Jul 2025 17:51:04 GMT Content-Length: 2666`

	GET secure.ascensus.com/login/wwwroot/main.bundle.js?v=2025.6.18.781	141.193.122.41	200 OK	48 kB
URL GET secure.ascensus.com/login/wwwroot/main.bundle.js?v=2025.6.18.781 IP 141.193.122.41:443 ASN #12152 AS12152 Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subject.ascensus.com FingerprintBE:45:28:30:E3:86:A4:ED:8A:86:10:6E:6D:78:D3:97:45:65:FB:D9 ValidityWed, 04 Jun 2025 00:00:00 GMT - Sun, 05 Jul 2026 23:59:59 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (48055) Size 48 kB (48184 bytes) Hash 48e6674c8e23ebaa49c5aed445874afb 02db95271e9fc337c95411d878039bc9bb06538b d975bba6026f1335d0a061f175061a4245d9fbda17e0891befe0da689dc5505d HTTP Headers GET /login/wwwroot/main.bundle.js?v=2025.6.18.781 HTTP/1.1 Host: secure.ascensus.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://secure.ascensus.com/login/Participant Cookie: NGUnifiedLogin.SessionId=cviwhd2sqykyetfk2t1rbwsf; TS01749d5d=0163a0b064fbaeb4a6f9e0bacc7278c4cf00acef53bb737a9f50e745647ef40c2d7f65003851c0ad99c116615cbb2593eb67ac07885e6e149eb7c5c6453462ae681bb6c2d8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip Last-Modified: Wed, 18 Jun 2025 16:25:20 GMT Accept-Ranges: bytes ETag: "05864956de0db1:0" Vary: Accept-Encoding X-UA-Compatible: IE=Edge X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 Date: Tue, 08 Jul 2025 17:51:03 GMT Content-Length: 13946`

	GET use.typekit.net/lyr7ktz.css	23.36.77.81	200 OK	9.0 kB
URL GET use.typekit.net/lyr7ktz.css IP 23.36.77.81:443 ASN #20940 Akamai International B.V. Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subjectuse.typekit.net FingerprintF3:36:2A:08:11:E8:8C:54:E5:3C:6A:03:53:BF:AA:D7:7A:84:8B:89 ValidityTue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT File type Unicode text, UTF-8 text, with very long lines (516) Size 9.0 kB (9031 bytes) Hash 225db596a1bd258cdb1936735cd60bbd 7a56be5407f5c8fac1725e3e6209a98438ab1cd5 3cea62544b5af166f56b548f864304fd2a60d8695b87dcba62c342efbaaf6821 HTTP Headers `GET /lyr7ktz.css HTTP/1.1 Host: use.typekit.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://secure.ascensus.com DNT: 1 Connection: keep-alive Referer: https://secure.ascensus.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx content-type: text/css;charset=utf-8 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; cache-control: private, max-age=600, stale-while-revalidate=604800 timing-allow-origin: * access-control-allow-origin: * cross-origin-resource-policy: cross-origin content-encoding: gzip content-length: 1085 date: Tue, 08 Jul 2025 17:51:05 GMT akamai-grn: 0.474d2417.1751997065.1df89a2 X-Firefox-Spdy: h2`

	GET secure.ascensus.com/common/css/variables?v=2025.6.18.781	141.193.122.41	200 OK	363 B
URL GET secure.ascensus.com/common/css/variables?v=2025.6.18.781 IP 141.193.122.41:443 ASN #12152 AS12152 Requested by https://secure.ascensus.com/login/Participant Certificate IssuerDigiCert Inc Subject.ascensus.com FingerprintBE:45:28:30:E3:86:A4:ED:8A:86:10:6E:6D:78:D3:97:45:65:FB:D9 ValidityWed, 04 Jun 2025 00:00:00 GMT - Sun, 05 Jul 2026 23:59:59 GMT File type ASCII text Size 363 B (363 bytes) Hash 249f2c5b4e5b73506c8e0c1f2c4793c4 c4000e84e371b1dbbcd9aeccb4fa2f31a4a9f339 4d849d12e210d7f0642277ca58f673cfb4cfc083072dee244d932177eb5b3c7f HTTP Headers GET /common/css/variables?v=2025.6.18.781 HTTP/1.1 Host: secure.ascensus.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://secure.ascensus.com/login/Participant Cookie: NGUnifiedLogin.SessionId=cviwhd2sqykyetfk2t1rbwsf; TS01749d5d=0163a0b064fbaeb4a6f9e0bacc7278c4cf00acef53bb737a9f50e745647ef40c2d7f65003851c0ad99c116615cbb2593eb67ac07885e6e149eb7c5c6453462ae681bb6c2d8 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Cache-Control: private, max-age=3600 Content-Type: text/css; charset=utf-8 Content-Encoding: gzip Expires: Tue, 08 Jul 2025 18:51:04 GMT Last-Modified: Tue, 08 Jul 2025 17:51:04 GMT Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Date: Tue, 08 Jul 2025 17:51:03 GMT Content-Length: 264`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (22)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers