r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21539
Expires: Fri, 13 Jan 2023 03:38:24 GMT
Date: Thu, 12 Jan 2023 21:39:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cab5b63e128895128726181aff42e42e
d39c36237554fcd41addec0664d7fe7f7d157c06
18e82a5b82eb8f2d8b49df824c336015f19367c5a05467ad139a56db59f88852
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E82A5B82EB8F2D8B49DF824C336015F19367C5A05467AD139A56DB59F88852"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5233
Expires: Thu, 12 Jan 2023 23:06:38 GMT
Date: Thu, 12 Jan 2023 21:39:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 718fc486cd6a70fcacc1653759703fae
bf60ba7a37d2deef1b7000e91cc88da586bb75ca
398d02e16da466ffe87b64ac34b007615951cca14d43610b4acd58bc2a5fadff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "398D02E16DA466FFE87B64AC34B007615951CCA14D43610B4ACD58BC2A5FADFF"
Last-Modified: Tue, 10 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2750
Expires: Thu, 12 Jan 2023 22:25:15 GMT
Date: Thu, 12 Jan 2023 21:39:25 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 12 Jan 2023 20:41:51 GMT
content-type: application/json
age: 3454
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4l4uy3nw9dczv/FfhpDOQBTdy7DWLr9th+9CrSXhIS2sB2dzPa1Ce2GECPm9wjXHNLrh26EMnhs=
x-amz-request-id: N6HZSK6XD3E1M67R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 12 Jan 2023 21:17:35 GMT
age: 1310
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 12 Jan 2023 21:39:25 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 12 Jan 2023 21:33:45 GMT
age: 340
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1362750c01a8e1a2db32aa73ae46a48d
a423b43f2bd52bd4ec38b760a674866a1294c5ad
f0f57e27c4ec8f1cd8e05f530edc37fb1e4a94ffe92e5729939998346f2e204f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2103
Cache-Control: max-age=129743
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:26 GMT
Etag: "63bfcda6-1d7"
Expires: Sat, 14 Jan 2023 09:41:49 GMT
Last-Modified: Thu, 12 Jan 2023 09:06:46 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.203.75.56 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.203.75.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DO2ufRtLcSKocqDUgMs2YQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: q1UVckfDXcNJN5MORzbqadllAo4=
wada-kawara.com/kfcu/confirm.php
118.27.125.181 200 OK 14 kB URL HTTP/1.1 wada-kawara.com/kfcu/confirm.php
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (20931), with CRLF line terminators
Hash 2b8760ddab258eab94a69672ca27a05f
fca4b684d14b742e00448636c0611b070115ebbb
868f204c49d4012e1c34100e7a3692ab00bb10ee0f4c9b93ea4539cda194ecb5
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/confirm.php HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:26 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 14124
Connection: keep-alive
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Range,Accept-Encoding
Accept-Ranges: none
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/localization-ts.js
118.27.125.181 200 OK 441 B URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/localization-ts.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (741), with CRLF line terminators
Hash 1d8ae1e60c45ae774ff49222e2280292
9e4a2b2ce601adbb119c4d947fc8f83eec0346cb
55546107623083cdabfff5d70ce6f4f8b9511d5040ba96db568232dd53e28cf6
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/localization-ts.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:26 GMT
Content-Type: application/javascript
Content-Length: 441
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/css.css
118.27.125.181 200 OK 666 B URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/css.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with CRLF line terminators
Hash 5239690468dd765cc2efdaf8bb5e9591
74def02ce0680cd1596d10ee6fd9b6473dc23f22
e6ccd5dc75dbe45bb93ac542275e68f674b0725bafab48882c9855817e989cfe
GET /kfcu/Connexus%20Credit%20Union_files/css.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:26 GMT
Content-Type: text/css
Content-Length: 666
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/yui-reset.css
118.27.125.181 200 OK 442 B URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/yui-reset.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (746), with CRLF line terminators
Hash 8aef766dca9579bc37ec279321c88d9e
7f493dcb8b752edadf5832ecfef8614e70e47e9f
73bb19387863edd8a65876e39b94cda46abd5cfcc86d192a1825d74f3fbdb6ff
GET /kfcu/Connexus%20Credit%20Union_files/yui-reset.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:26 GMT
Content-Type: text/css
Content-Length: 442
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/jquery-ui.css
118.27.125.181 200 OK 7.6 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/jquery-ui.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (29352), with CRLF line terminators
Hash c5537111f351964e36cb0e1ecff37e73
3a91b251a035a69ce25d843961b2def1ffbe3982
b4ed5f8b5895332d87d5f9ea14bcf901f97174b6c25f9b36701ac4b909283758
GET /kfcu/Connexus%20Credit%20Union_files/jquery-ui.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:26 GMT
Content-Type: text/css
Content-Length: 7578
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/jquery.css
118.27.125.181 200 OK 829 B URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/jquery.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (2651), with CRLF line terminators
Hash ba4026b9c7aa09cafab00930363543d9
15931af021a1243617d1778c801520740ef16044
4f1737ae79b30e0af2f13d1ba9cdaca598505ab48ba1534049e0ff1947eb35a7
GET /kfcu/Connexus%20Credit%20Union_files/jquery.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:26 GMT
Content-Type: text/css
Content-Length: 829
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/aec7706684
118.27.125.181 200 OK 0 B URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/aec7706684
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/aec7706684 HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:26 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Range
Accept-Ranges: none
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/ext-all.css
118.27.125.181 200 OK 18 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/ext-all.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (65409), with CRLF line terminators
Hash 773063a1f62da989055ff1eacab48fc0
703eefbd0eea036489804fd2e70d2b3ee40720a0
2504c66b90f765e679e042ed8d44a9b69431cd786d4972492078736f125ea0a8
GET /kfcu/Connexus%20Credit%20Union_files/ext-all.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: text/css
Content-Length: 17529
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/pretty-checkboxes.css
118.27.125.181 200 OK 361 B URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/pretty-checkboxes.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (743), with CRLF line terminators
Hash e73015807e4d4c679f8e15a2908ef1b6
3e5f6850497e9191ff4ec4370c7c393f87847306
071b116de4c58fd4012952a134f145d5aa2835801b8c43fd5d7354b968f71cfc
GET /kfcu/Connexus%20Credit%20Union_files/pretty-checkboxes.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: text/css
Content-Length: 361
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/grid.css
118.27.125.181 200 OK 1.5 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/grid.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (5600), with CRLF line terminators
Hash e717667738168d007eaeaa666a4b538a
c138f013a95976dd3e0ee7a5eaf3a6386f1e431f
a9b2fc74af81a1de406d8b55d168e1b0846af1ac225e731b9604030ea9438ced
GET /kfcu/Connexus%20Credit%20Union_files/grid.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: text/css
Content-Length: 1510
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/sidebar.css
118.27.125.181 200 OK 847 B URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/sidebar.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (2691), with CRLF line terminators
Hash 39b5d696474f2518a797ec95445725e5
1f72c446a978251cfd1e739dec1915b8c9001c9b
b74914541263fc3ea47b76ba913a61c69b69b88e1ab710eeb16b40ef3f0344d6
GET /kfcu/Connexus%20Credit%20Union_files/sidebar.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: text/css
Content-Length: 847
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/iris.css
118.27.125.181 200 OK 346 B URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/iris.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (537), with CRLF line terminators
Hash 4964dd45c5dcf3d2356aea1c469eee17
fcae1099d61898471a06505b54815e939e79a6b8
0dbed80cc950db35092e930a2548754253b58cdb1199d3a4eac0034122e68c34
GET /kfcu/Connexus%20Credit%20Union_files/iris.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: text/css
Content-Length: 346
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/browser-unsupported.css
118.27.125.181 200 OK 2.1 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/browser-unsupported.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (10371), with CRLF line terminators
Hash df2bcdea1a384a976376e3b8f333f1d8
b6d7c8fe06f1c06537a32f9a2305264bfc8d1dfb
c32fe857599c463f0588e1e69bcd1b815b2749511c93e95fe538f071850cc013
GET /kfcu/Connexus%20Credit%20Union_files/browser-unsupported.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: text/css
Content-Length: 2056
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/base.css
118.27.125.181 200 OK 34 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/base.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (32028), with CRLF line terminators
Hash 57eefd22d8611210e6822456edead76e
b120f6356fbba810add5c0ec724bd7ed6f82efb4
50fd35b6cfb220365497e6ffd85ec140a37887db4bbfa065193e7fce0574e3f3
GET /kfcu/Connexus%20Credit%20Union_files/base.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: text/css
Content-Length: 34158
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/Authentication.css
118.27.125.181 200 OK 3.2 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/Authentication.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (20220), with CRLF line terminators
Hash 8f411d7fb42255ac382a1c17ae1c7d9a
4f2cab3f40491147fbc8bf031cdcaf3cc9c2c42e
9285b924759ce74bcf7479f55b5a1da03cc0aa6989145177f65dd3734ad7ff1d
GET /kfcu/Connexus%20Credit%20Union_files/Authentication.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: text/css
Content-Length: 3237
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/theme.css
118.27.125.181 200 OK 4.7 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/theme.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (27196), with CRLF line terminators
Hash d23511482962e3f497425b25069ae198
6f0e6690824593c398664b7eafa476d43e53676f
ceefa8cf263a1a899c9755d5f259c7568f3fb82b8203413b72b9bb48eb3a9f9e
GET /kfcu/Connexus%20Credit%20Union_files/theme.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: text/css
Content-Length: 4655
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/fi.css
118.27.125.181 200 OK 8.0 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/fi.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (40820), with CRLF line terminators
Hash c978cbf8dce47cf69da9740b4de47a6d
7d4b28657a915821a647446ba0768b1dfc1306b2
40e3c31b2b93181344f712489d780b1172257323575417ac7f83246d895d7d52
GET /kfcu/Connexus%20Credit%20Union_files/fi.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: text/css
Content-Length: 7977
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/iris_002.css
118.27.125.181 200 OK 15 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/iris_002.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0e9a2f3b49c7977884785abe22b27a51
1d46575e724b9136786b7dd3e1ee5c82ebdd058a
b854a8136de7368c96732afb951d7c50bfb417ae356bf61ffe81200c94074816
GET /kfcu/Connexus%20Credit%20Union_files/iris_002.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: text/css
Content-Length: 14608
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/YodleeFastLink.css
118.27.125.181 200 OK 99 B URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/YodleeFastLink.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with no line terminators
Hash fc23a0c679b13b3451236e284f4330b9
645e90c3d5cf7cfc0e23afd02c63eabf987715f9
63e578f6d6e2225151cd126931d55fa822949e94f8888cf81912fb7e492b0a9c
GET /kfcu/Connexus%20Credit%20Union_files/YodleeFastLink.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: text/css
Content-Length: 99
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9165
Expires: Fri, 13 Jan 2023 00:12:12 GMT
Date: Thu, 12 Jan 2023 21:39:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9165
Expires: Fri, 13 Jan 2023 00:12:12 GMT
Date: Thu, 12 Jan 2023 21:39:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9165
Expires: Fri, 13 Jan 2023 00:12:12 GMT
Date: Thu, 12 Jan 2023 21:39:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9165
Expires: Fri, 13 Jan 2023 00:12:12 GMT
Date: Thu, 12 Jan 2023 21:39:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9165
Expires: Fri, 13 Jan 2023 00:12:12 GMT
Date: Thu, 12 Jan 2023 21:39:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRzc2Mcl4EasyH6_1kFh7sr-57f1HNDu-YN8YptDe_kcTET9x8P9LA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 11:00:38 GMT
age: 38329
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a708649e0d6b128eb599b221445a8e06
59f9b06ee8e4c9608e29e7b19832fb925789f373
b4e17cfdee53b56ac33cb5a86253e4839ed7bd9bb1604209834bb22d881472f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7140
x-amzn-requestid: 96450c55-6068-4946-9e5f-650c19d2772a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei739GoJIAMF0lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9cc-2bf965d47a10fd61619d945f;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t5mK-tl3WskwkQLUXPKR2ljEW32-Yo6_BHwqP2dNVUr09WoMyxYeZw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:43:26 GMT
age: 86161
etag: "59f9b06ee8e4c9608e29e7b19832fb925789f373"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/nr-spa-1118.js
118.27.125.181 200 OK 13 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/nr-spa-1118.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (32015), with CRLF line terminators
Hash e5008bbe52cb7c3dbc97bea87bb26481
270454327e7f27390dec5cdf25d4c48ffc4d95fb
eaa22940cab13dccf9b600f059187e0013b63f1eb41f64e618ac883aca5196c2
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/nr-spa-1118.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: application/javascript
Content-Length: 12948
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94f1c1490ac711097f5eef5e6adab49d
bb41e2958d267cc2d5b24457a6048f484c8cd429
94f854077e6008b97f63419a283f70327ebc8a05794a9dd9fa0518f0f5b00e14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8689
x-amzn-requestid: c88866a0-e22b-4f8c-b423-1d970ebde318
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: egZ9sHuuoAMFzvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bcd6bd-063dab1f2c6aaab03e5fdb9a;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 03:08:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R_7dfck1JpoBljLhEqdVOXQQxz4HERkMcGbN0-V0Q3hqNdNA9-_jrA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 03:29:07 GMT
age: 65420
etag: "bb41e2958d267cc2d5b24457a6048f484c8cd429"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb89a11a1dca9a2924adf7e3712c6405
a881a7d88f08035b9e045f2bf73a4d9fabc640a0
8a0c9f295dd30123847eaed0ba8d4e7c2c6dea8b9c645fc70cdcb4fa8c082ee4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10579
x-amzn-requestid: 8760acae-f770-45e2-9639-53967ef1cdb2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPDWET4oAMFo-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bae-153ebb3e4ec7d5045529ce0a;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FC9xd9brDeAOtHjXnkpSO0IOX1rLjGRVkuBguuwJ2xFDTq0x9-QtaQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:55:02 GMT
age: 85465
etag: "a881a7d88f08035b9e045f2bf73a4d9fabc640a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c49e1d8385d23251cbd4ac2574545982
f283baf033327519c05c725f2319b9465f29b1d6
dc91b181ea0e78ff27bbac3e80f3f937fe9f067ef417f02fe0095ef10fdcd1d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10382
x-amzn-requestid: a9fc1c50-7606-46cb-b49e-62e765d0c88f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPC9GLfIAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bac-3cbf968a6447542b6c931ac0;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XCcge2Ruz-j01PJpHpnOuCiaH8OQYiQjh-IQaQ18e875_qfgqzXzGw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:55:02 GMT
age: 85465
etag: "f283baf033327519c05c725f2319b9465f29b1d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f7ca4e6-30ce-4176-bdc0-c1c768327a5a.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f7ca4e6-30ce-4176-bdc0-c1c768327a5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5be19dbab0e6de72252ad1d0a918d14
dcaad5032b156502921ee6dd453ad9d6b94eceb7
cc359e0142be054d7fc5af545b0368e44a3f8f257aa8306cac903cc3ff7a3f64
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f7ca4e6-30ce-4176-bdc0-c1c768327a5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7572
x-amzn-requestid: e59fc954-0f07-43fd-bc9e-be0a6dbe0055
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPMAHpSIAMFc4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2be6-23038d0606616ad81dbd2de5;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:36:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K2UG8x2jCqfne8ZL7KyAvZf9eR33ye8BYSIevjQmu3c_Y_a19f3sgA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:51:55 GMT
age: 85652
etag: "dcaad5032b156502921ee6dd453ad9d6b94eceb7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/popper.js
118.27.125.181 200 OK 7.2 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/popper.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (20164), with CRLF line terminators
Hash f4286afad3eb7fa8ef3b696d59c6ccc8
07e1b12e92e7defed8b2b042b87cf525fdc5fe92
5605bf68bbd9a14a553af5301c790f4214e0573307984ec60c885b8bd6bd6802
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/popper.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: application/javascript
Content-Length: 7245
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15436, version 1.0\012- data
Hash 037d830416495def72b7881024c14b7b
619389190b3cafafb5db94113990350acc8a0278
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wada-kawara.com
Connection: keep-alive
Referer: http://wada-kawara.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:33:13 GMT
expires: Sat, 06 Jan 2024 13:33:13 GMT
cache-control: public, max-age=31536000
age: 547574
last-modified: Mon, 16 Oct 2017 17:33:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wada-kawara.com
Connection: keep-alive
Referer: http://wada-kawara.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 21:48:03 GMT
expires: Fri, 05 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 604284
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15440, version 1.0\012- data
Hash 55536c8e9e9a532651e3cf374f290ea3
ff3a9b8ae317896cbbcbadfbe615d671bd1d32a2
eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf
GET /s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wada-kawara.com
Connection: keep-alive
Referer: http://wada-kawara.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 15:42:46 GMT
expires: Wed, 10 Jan 2024 15:42:46 GMT
cache-control: public, max-age=31536000
age: 194201
last-modified: Mon, 16 Oct 2017 17:32:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/polyfill.js
118.27.125.181 200 OK 9.3 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/polyfill.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (27394), with CRLF line terminators
Hash 304dd489515edf884300bc342ed6564d
baf67714b0659f4108143d8dc25cea26d33c7c6a
a69ab2493bbe5ed27e87ac3d725de51f193aa27d99e6e7c071c8cdeca0422be7
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/polyfill.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: application/javascript
Content-Length: 9305
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/analytics.js
118.27.125.181 200 OK 18 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/analytics.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (1656), with CRLF line terminators
Hash 13e24c8986b319e38b76f0db76361942
1aadc448e8fa459314a7537061845cbdb8532da2
33d3fae81b67dc4661f5ab5ca937b49b2abf6b47c8f7ce2cf96f7b2f3a57557b
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/analytics.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: application/javascript
Content-Length: 17620
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/print.css
118.27.125.181 200 OK 1.9 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/print.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (7734), with CRLF line terminators
Hash 78d425f1a1283f365b2bb6ce050f6699
61e256149640787b13f7d009a08466e7397ce763
6ae244b7252b218f765150b9d88df09f4b6e26fb5d2f220bfcbb6b10d94794f9
GET /kfcu/Connexus%20Credit%20Union_files/print.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: text/css
Content-Length: 1872
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/103929_awfcPP4TLsBKE7bbi7Z8kSgcccc
118.27.125.181 200 OK 19 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/103929_awfcPP4TLsBKE7bbi7Z8kSgcccc
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type Unicode text, UTF-8 text, with very long lines (65520), with no line terminators
Hash b5b117ac20a0b74e963ec1068075bf55
d9987bbdc9d0b8a3395391fe8721c716a8657cc4
11de31b749fa45c7cfec60a0389afb0f5e32c6e03c3d14a93f1959b215268989
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/103929_awfcPP4TLsBKE7bbi7Z8kSgcccc HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: text/plain
Content-Length: 18628
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 65f0c0830d6be2391df2dd2bbbf75794
264ed8ddd824620623aef3d5f68b2c027bd356a6
22ba0a0556a92482dfb6f2664d15fda8faa0768b4abfe327e530e3c90b721cd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j73&a=1096798613&t=pageview&_s=1&dl=http%3A%2F%2Fwada-kawara.com%2Fkfcu%2Fconfirm.php&ul=en-us&de=UTF-8&dt=Keesler%20Federal%20Credit%20Union&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAMABAAAAAC~&jid=160881025&gjid=1811406249&cid=1375789914.1673559553&tid=UA-71023015-1&_gid=1012585493.1673559553&_r=1&z=83277879
142.250.74.110 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j73&a=1096798613&t=pageview&_s=1&dl=http%3A%2F%2Fwada-kawara.com%2Fkfcu%2Fconfirm.php&ul=en-us&de=UTF-8&dt=Keesler%20Federal%20Credit%20Union&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAMABAAAAAC~&jid=160881025&gjid=1811406249&cid=1375789914.1673559553&tid=UA-71023015-1&_gid=1012585493.1673559553&_r=1&z=83277879
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j73&a=1096798613&t=pageview&_s=1&dl=http%3A%2F%2Fwada-kawara.com%2Fkfcu%2Fconfirm.php&ul=en-us&de=UTF-8&dt=Keesler%20Federal%20Credit%20Union&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAMABAAAAAC~&jid=160881025&gjid=1811406249&cid=1375789914.1673559553&tid=UA-71023015-1&_gid=1012585493.1673559553&_r=1&z=83277879 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://wada-kawara.com
Connection: keep-alive
Referer: http://wada-kawara.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://wada-kawara.com
date: Thu, 12 Jan 2023 21:39:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 65f0c0830d6be2391df2dd2bbbf75794
264ed8ddd824620623aef3d5f68b2c027bd356a6
22ba0a0556a92482dfb6f2664d15fda8faa0768b4abfe327e530e3c90b721cd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/iris.js
118.27.125.181 200 OK 30 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/iris.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6805ed1ce79138651746b971b9ed46f3
c10e8b6cc09beb6bcadddbda23d1f0e7383dd304
351b2f44257fa01dae2eb209c52e4c99589e3fa35056881a7e88c12d65075e7e
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/iris.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: application/javascript
Content-Length: 29571
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/jquery_002.js
118.27.125.181 200 OK 72 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/jquery_002.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (32039), with CRLF line terminators
Hash 6daf73c9019ac7fbffb2192bb1c4a32c
a2bbad5c171deaa45dadde414b42a889a224638a
d85fc7d261f7240b6a91cc2af2e675229b14b0f25b20958f14544ed9611114d0
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/jquery_002.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/stylesheets/fonts/Alkami-font.woff?636833168113306165
118.27.125.181 200 OK 0 B URL HTTP/1.1 wada-kawara.com/stylesheets/fonts/Alkami-font.woff?636833168113306165
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stylesheets/fonts/Alkami-font.woff?636833168113306165 HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Range
Accept-Ranges: none
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c1cc8833602dd5e367a6233f2fd9a368
88ccf284313388951cc3eb3534022c403bce8f94
814c643caa1b930bcd10ed0f83968bd7b2d313075bbdd5bb7428e3b9aa87219a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-71023015-1&cid=1375789914.1673559553&jid=160881025&gjid=1811406249&_gid=1012585493.1673559553&_u=IEBAAMAAAAAAAC~&z=662076886
173.194.222.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-71023015-1&cid=1375789914.1673559553&jid=160881025&gjid=1811406249&_gid=1012585493.1673559553&_u=IEBAAMAAAAAAAC~&z=662076886
IP 173.194.222.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-71023015-1&cid=1375789914.1673559553&jid=160881025&gjid=1811406249&_gid=1012585493.1673559553&_u=IEBAAMAAAAAAAC~&z=662076886 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://wada-kawara.com
Connection: keep-alive
Referer: http://wada-kawara.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://wada-kawara.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 12 Jan 2023 21:39:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c1cc8833602dd5e367a6233f2fd9a368
88ccf284313388951cc3eb3534022c403bce8f94
814c643caa1b930bcd10ed0f83968bd7b2d313075bbdd5bb7428e3b9aa87219a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/jquery.js
118.27.125.181 200 OK 17 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/jquery.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type Unicode text, UTF-8 text, with very long lines (32010), with CRLF line terminators
Hash 859a53ac4180d44f1f9cf4be1d07b2c4
7cb569db7b1e44ec4a246e506180ac7503bae0c7
4800f42bf6d6f93aa09c191791f1635fbca6cc63ba9a06e79b54bc363556d8ff
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/jquery.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: application/javascript
Content-Length: 16713
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/globals.js
118.27.125.181 200 OK 18 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/globals.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (31981), with CRLF line terminators
Hash 332fa41359b46e6ffa3711713ff93aaa
8c5d76446730100f042572dacb74b0328fefb16f
4222bd8196cc75f5bd3473c90107874ec8e55c4583ebbff7ed0d127d7ed53c24
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/globals.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: application/javascript
Content-Length: 18479
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/knockout_002.js
118.27.125.181 200 OK 2.4 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/knockout_002.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (7656), with CRLF line terminators
Hash 9c120ee77f171ae8f9f983bdcf8e2df1
8f0812c8c5bbfa4bb0dc1c1be4896dce02ccc252
3a583bc35548c5df077ebd1a23a7dc670bb9121bee3df28d1570c7c93e762c01
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/knockout_002.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: application/javascript
Content-Length: 2377
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/knockout.js
118.27.125.181 200 OK 32 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/knockout.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (635), with CRLF line terminators
Hash 1dd6153dbae8ab572ac40bda93da4c4b
d756da54f84706ae6a26ee212820d00f829e5d3d
8f6ffadacc1d28d8f2b142e89bd4d634d733d3fc11a9c3d85226c0e1dc5a495e
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/knockout.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: application/javascript
Content-Length: 31699
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/vendor.js
118.27.125.181 200 OK 38 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/vendor.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (51679), with CRLF line terminators
Hash a78ddb6258297b76b031801317858510
67e18a445b0942c83faf4226c655cded3b62835e
81cf6449f44e25e52ae672d1c8c721f6191f0210b407b96574fadc6cff69a326
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/vendor.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: application/javascript
Content-Length: 37570
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/stylesheets/fonts/Alkami-font.ttf?636833168113296155
118.27.125.181 200 OK 0 B URL HTTP/1.1 wada-kawara.com/stylesheets/fonts/Alkami-font.ttf?636833168113296155
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
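Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of zero-length input, consistent with the 0 B body; the SHA-1 and SHA-256 on the next two lines are likewise the empty-input digests, so these three values identify no content and should not be treated as indicators for the verdict below)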
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /stylesheets/fonts/Alkami-font.ttf?636833168113296155 HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
Cookie: _ga=GA1.2.1375789914.1673559553; _gid=GA1.2.1012585493.1673559553; _gat=1
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Range
Accept-Ranges: none
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/shared.js
118.27.125.181 200 OK 1.2 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/shared.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (3158), with CRLF line terminators
Hash b6e9ac5124f68cf3e2cc279068598375
d8eed53a66e0abc47524a434065ce11ee3594a41
560dc085e32c5c73bae4ada283214386d88f52437872972402f337881812b53a
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/shared.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: application/javascript
Content-Length: 1217
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/flashInterface.js
118.27.125.181 200 OK 1.1 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/flashInterface.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (2644), with CRLF line terminators
Hash b3398c8c07f271b96f58dec704938ee8
4a9af51847c1898db40a1b317f24c88907ab91ca
6404060a72ac236ded79c97f585db8b6901e1d19eff522ab4c0afc00bbc33fd9
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/flashInterface.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: application/javascript
Content-Length: 1097
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/plugindetect.js
118.27.125.181 200 OK 10 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/plugindetect.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (30324), with CRLF line terminators
Hash 7de46fd61aca0acdde7e67ed02535ef8
1d7e1c42fc2d55fe89773446af440c3c2972f91f
8787e233b041cb8e1fdffa0a437eefb83a79bd9161c4d98daeef0960f7044a3c
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/plugindetect.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: application/javascript
Content-Length: 10167
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/machineInfo.js
118.27.125.181 200 OK 1.5 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/machineInfo.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (5113), with CRLF line terminators
Hash 06c03a56bd25ebb898fa3cebfe2b6eed
b37266f9b7bc93f4aa9360844fbb0c648eaf1b01
04d92f0418e5da2a6711c58beab6b7279171356251d2e76e766a7ed1adde61ba
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/machineInfo.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: application/javascript
Content-Length: 1535
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/login.js
118.27.125.181 200 OK 0 B URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/login.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
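Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of zero-length input, consistent with the 0 B body; the SHA-1 and SHA-256 on the next two lines are likewise the empty-input digests, so these three values identify no content and should not be treated as indicators for the verdict below)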
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/login.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Range
Accept-Ranges: none
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/Authentication.js
118.27.125.181 200 OK 2.1 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/Authentication.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (6838), with CRLF line terminators
Hash eb435cbf8ebe3778f61fc27d97943108
5c67c39e44a5a3c4bdfce2cbb23d2924e97e7b77
97e010bc1821b885ba7b1444f11b855fdf442b47e4da681cf437c506a9ccd439
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/Authentication.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: application/javascript
Content-Length: 2089
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/Helpers.js
118.27.125.181 200 OK 502 B URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/Helpers.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (806), with CRLF line terminators
Hash d0b318c493c5553ed98069144f05166b
7437532495f1c91375f79e3801e6598719d6e294
480d4a62116b53be02bb02b7fea75e07886be6c97ca04e58f5f56c9055ab1d64
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/Helpers.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: application/javascript
Content-Length: 502
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/ext.js
118.27.125.181 200 OK 221 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/ext.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (46750), with CRLF line terminators
Size 221 kB (220818 bytes)
Hash 17722212734e93835f84ee0b7cbd9ae0
7661ffc48e2c0d43deba26522b64780d4d329ff7
51b7826deae7b8644cb7d5e5658d66d448506b8ad0aa5100c152d54a81c52c61
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/ext.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/MutualAuth.js
118.27.125.181 200 OK 1.5 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/MutualAuth.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (3853), with CRLF line terminators
Hash 1d24bcc2c78a95a64dbc824ef41dcdc5
a3badf737315c26e553d9d60248b352be9d5bffe
3fcd523fc78f6f2c055d9e70df59788b2af95b4cb679e33afccca061a5e7bc2d
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/MutualAuth.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:28 GMT
Content-Type: application/javascript
Content-Length: 1457
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/10051_2ByCxz7bbFvhP2fxyigUtkgcccc
118.27.125.181 200 OK 5.0 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/10051_2ByCxz7bbFvhP2fxyigUtkgcccc
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (20326), with no line terminators
Hash 5af05714fbc0f2f9f22e47ba35ee7daa
475f5981424f63a98f49add981c303edfd8cdf04
b669733a73a2c58a0a5a2d6eba3652aeb411ea15d60f0810705bff757d8f2c57
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/10051_2ByCxz7bbFvhP2fxyigUtkgcccc HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:29 GMT
Content-Type: text/plain
Content-Length: 4965
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/YodleeFastLink.js
118.27.125.181 200 OK 2.2 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/YodleeFastLink.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (2344), with CRLF line terminators
Hash d4bec1f696865fe83d4a0829f39f5527
1a892e1d317b60d5fdac0385e102465d7f283ee2
1c23c3d4fd433d0041abdf33a5e777fd567d212c297dbd51c10371ebc581e187
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/YodleeFastLink.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:29 GMT
Content-Type: application/javascript
Content-Length: 2172
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/snippets.js
118.27.125.181 200 OK 221 B URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/snippets.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (367), with no line terminators
Hash b5b47b204e93c8971937ba2ba02026b2
18f3efd3e63c8534af16cb5c71543ae94ddc7ce8
092dc89d63570e59cc5904471f90c5f83cae282ac6e6ac39098d9671512d494c
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/snippets.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:29 GMT
Content-Type: application/javascript
Content-Length: 221
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/Logo.png
118.27.125.181 200 OK 30 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/Logo.png
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type PNG image data, 1050 x 325, 8-bit/color RGBA, non-interlaced\012- data
Hash 8db3e98f8b5f442f4fa15323f6622bff
453c1693f1f99ddddde652c4dcfd5e28af59b2f1
49d85af5271ca26af3ab2a01d4c345198b14ac42dbcad2ec795571d986c99fca
GET /kfcu/Connexus%20Credit%20Union_files/Logo.png HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:29 GMT
Content-Type: image/png
Content-Length: 29663
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/app-store.webp
118.27.125.181 200 OK 1.1 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/app-store.webp
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type RIFF (little-endian) data, Web/P image\012- data
Hash 88ee13ae12959c2a4ac8f073d4eaeccc
bd550bacbea4ebc7e280d0e92ab14909bc6a8478
b3a36a3665c80d7325ba725bbc5e3c05f8768278ecd0a53494f81bdfda5aa637
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/app-store.webp HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:29 GMT
Content-Type: image/webp
Content-Length: 1111
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/RiskEvaluation.js
118.27.125.181 200 OK 0 B URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/RiskEvaluation.js
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
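Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of zero-length input, consistent with the 0 B body; the SHA-1 and SHA-256 on the next two lines are likewise the empty-input digests, so these three values identify no content and should not be treated as indicators for the verdict below)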
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/RiskEvaluation.js HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Range
Accept-Ranges: none
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/play-store.webp
118.27.125.181 200 OK 1.7 kB URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/play-store.webp
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5d2fb2a8ffe3e09698b61ffa1fee8ea6
67db26698b5cb0970eefeb5a089d6eac3f4aae02
2fd9168c052a3a6e73e45d604f99b9a217ec23858f384bbf05939a686246d6d7
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/play-store.webp HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:29 GMT
Content-Type: image/webp
Content-Length: 1669
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 12 Jan 2023 13:59:21 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
wada-kawara.com/stylesheets/fonts/AlkamiLogos.woff?636833168113336193
118.27.125.181 200 OK 0 B URL HTTP/1.1 wada-kawara.com/stylesheets/fonts/AlkamiLogos.woff?636833168113336193
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stylesheets/fonts/AlkamiLogos.woff?636833168113336193 HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Range
Accept-Ranges: none
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6bb86817a182559a9657a84391bc0914
471d4c681cfd01c50f9d8f12f6b614e326424093
1ff17d42ac0d4d078340bd30215a525937da02da88c546a781293889fa756dac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 56ed86c6ba574264fcbaf67b5a233a23
2af652f21e1e6ba1d58ee28027af55017a5206c8
8c25f30c1fc2d7cc7650a6af7f788de0297b9f52ec8806a40797a84345103860
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j73&tid=UA-71023015-1&cid=1375789914.1673559553&jid=160881025&_u=IEBAAMAAAAAAAC~&z=1458729060
142.250.74.163 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j73&tid=UA-71023015-1&cid=1375789914.1673559553&jid=160881025&_u=IEBAAMAAAAAAAC~&z=1458729060
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j73&tid=UA-71023015-1&cid=1375789914.1673559553&jid=160881025&_u=IEBAAMAAAAAAAC~&z=1458729060 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wada-kawara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 21:39:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j73&tid=UA-71023015-1&cid=1375789914.1673559553&jid=160881025&_u=IEBAAMAAAAAAAC~&z=1458729060
142.250.74.132 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j73&tid=UA-71023015-1&cid=1375789914.1673559553&jid=160881025&_u=IEBAAMAAAAAAAC~&z=1458729060
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j73&tid=UA-71023015-1&cid=1375789914.1673559553&jid=160881025&_u=IEBAAMAAAAAAAC~&z=1458729060 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wada-kawara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 21:39:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wada-kawara.com/API/Locales
118.27.125.181 200 OK 0 B URL HTTP/1.1 wada-kawara.com/API/Locales
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /API/Locales HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-NewRelic-ID: VgABWFdUGwACUFlWAwQ=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
Cookie: _ga=GA1.2.1375789914.1673559553; _gid=GA1.2.1012585493.1673559553; _gat=1
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Range
Accept-Ranges: none
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 56ed86c6ba574264fcbaf67b5a233a23
2af652f21e1e6ba1d58ee28027af55017a5206c8
8c25f30c1fc2d7cc7650a6af7f788de0297b9f52ec8806a40797a84345103860
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wada-kawara.com/Modules/YodleeFastLink/YodleeFastLink.css
118.27.125.181 200 OK 0 B URL HTTP/1.1 wada-kawara.com/Modules/YodleeFastLink/YodleeFastLink.css
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Modules/YodleeFastLink/YodleeFastLink.css HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
Cookie: _ga=GA1.2.1375789914.1673559553; _gid=GA1.2.1012585493.1673559553; _gat=1
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Range
Accept-Ranges: none
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash aabd4cb92d42e0c9e2d3860118029a6c
53325cdd89f9a117ac79dff7cedfd6370b07f33b
d9bc7a65b7e179ebd42170d0d43372e90739264df1f87a511ee0aab5ab012e85
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 371d434783f4f8d36a4a4519647a5708
0d971e5d2d066dfd18b237efbebf7f1b2fd877b1
a54dbe23ae82a0a24b10185d2e40ad26e7315121cb8691d861dfc737a0044ccb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1070
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:29 GMT
Last-Modified: Thu, 12 Jan 2023 21:21:39 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 371d434783f4f8d36a4a4519647a5708
0d971e5d2d066dfd18b237efbebf7f1b2fd877b1
a54dbe23ae82a0a24b10185d2e40ad26e7315121cb8691d861dfc737a0044ccb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1070
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:29 GMT
Last-Modified: Thu, 12 Jan 2023 21:21:39 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
wada-kawara.com/stylesheets/fonts/AlkamiLogos.ttf?636833168113326186
118.27.125.181 200 OK 0 B URL HTTP/1.1 wada-kawara.com/stylesheets/fonts/AlkamiLogos.ttf?636833168113326186
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /stylesheets/fonts/AlkamiLogos.ttf?636833168113326186 HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/confirm.php
Cookie: _ga=GA1.2.1375789914.1673559553; _gid=GA1.2.1012585493.1673559553; _gat=1
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Range
Accept-Ranges: none
onlinebanking.connexuscu.org/Orbital/Connexus/favicons/favicon-16x16.png
104.17.43.19 200 OK 284 B URL HTTP/2 onlinebanking.connexuscu.org/Orbital/Connexus/favicons/favicon-16x16.png
IP 104.17.43.19:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 5d15480a42008adfc6a2210aa3c0f34e
a1bb91beaef073f57551849fbd5414b3c4a8bfe1
44922a1bb754a26cf842a1031e8f0d3f2141564f1bfc444fe5cc433fa0a81ee4
GET /Orbital/Connexus/favicons/favicon-16x16.png HTTP/1.1
Host: onlinebanking.connexuscu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wada-kawara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 21:39:30 GMT
content-type: image/png
content-length: 284
last-modified: Mon, 24 Oct 2022 06:13:09 GMT
etag: "ec857cb06fe7d81:0"
x-svr: WEB1643122
expires: Thu, 12 Jan 2023 21:49:30 GMT
cache-control: max-age=600
cf-cache-status: MISS
accept-ranges: bytes
cf-request-id: 1649858e4000001c1230001000000001
set-cookie: __cf_bm=wmMU6dJo4DFGgIfMAnGLSNN7Od6ZuH2goBi7M7HMQD4-1673559570-0-AWx1afMYDoth3Xq8kpR+NAQMGSKSK4G4AlaW7ovopM5syc8tlAmtgOkrKjSjPwFWfna9W9ltXCu+VcMZOA3VnZA=; path=/; expires=Thu, 12-Jan-23 22:09:30 GMT; domain=.connexuscu.org; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 78890b906ff11c12-OSL
X-Firefox-Spdy: h2
onlinebanking.connexuscu.org/Orbital/Connexus/favicons/android-chrome-192x192.png
104.17.43.19 200 OK 4.3 kB URL HTTP/2 onlinebanking.connexuscu.org/Orbital/Connexus/favicons/android-chrome-192x192.png
IP 104.17.43.19:0
File type PNG image data, 192 x 192, 4-bit colormap, non-interlaced\012- data
Hash f559d931134bca72ab30201a5d814e36
34a54f529ad572313cbbda37d5485dbf39693a04
7a10862a91523af52c5fb3b4dc50039d919a54a0a3365d7335a40d6f77f037bf
GET /Orbital/Connexus/favicons/android-chrome-192x192.png HTTP/1.1
Host: onlinebanking.connexuscu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wada-kawara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 21:39:30 GMT
content-type: image/png
content-length: 4253
last-modified: Mon, 24 Oct 2022 06:12:57 GMT
etag: "982239a96fe7d81:0"
x-svr: WEB1640109
expires: Thu, 12 Jan 2023 21:49:30 GMT
cache-control: max-age=600
cf-cache-status: EXPIRED
accept-ranges: bytes
cf-request-id: 1649858e4700001c1281801000000001
set-cookie: __cf_bm=0ALwDQnblUDZdQ1R45YqcPOXI9SDteQz6s7vio_NCIs-1673559570-0-AeGWApgA9EvdgelNiJPMwO/0uUpD8t3S9Yf/wDmQ2QPJpnpoeyz2vv6fvN73ob4A3Gm42jlNhZWmhuNmJWjFQ0A=; path=/; expires=Thu, 12-Jan-23 22:09:30 GMT; domain=.connexuscu.org; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 78890b907ffa1c12-OSL
X-Firefox-Spdy: h2
wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/fonts/AlkamiLogos.woff
118.27.125.181 200 OK 0 B URL HTTP/1.1 wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/fonts/AlkamiLogos.woff
IP 118.27.125.181:0
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /kfcu/Connexus%20Credit%20Union_files/fonts/AlkamiLogos.woff HTTP/1.1
Host: wada-kawara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://wada-kawara.com/kfcu/Connexus%20Credit%20Union_files/base.css
Cookie: _ga=GA1.2.1375789914.1673559553; _gid=GA1.2.1012585493.1673559553; _gat=1
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Range
Accept-Ranges: none
js-agent.newrelic.com/nr-spa-1118.min.js
151.101.130.137 200 OK 13 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1118.min.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (32015)
Hash 8652588de7907a2ff449646421e5e5c1
593149229a462cd897d39da89552428d14cdaa7c
9169cade724eb2c4f34ae87c31fcd35529c2861d089fd659d653fd46d2dcd893
GET /nr-spa-1118.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wada-kawara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /yniaSYt4n9gAMNcco+WPXyIHOnPwbEsY7G0hOMJYJwPhPRffE7oeUt/VgAiAAe15EAVoo/alXY=
x-amz-request-id: QBSX78X4HB7GY2YR
last-modified: Wed, 02 Jan 2019 18:42:31 GMT
etag: "7e24c95b9a35bca45860d13c1ef0a95b"
x-amz-version-id: null
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 12 Jan 2023 21:39:30 GMT
via: 1.1 varnish
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 29
x-timer: S1673559571.912832,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 12943
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 96efd72b3ee2cd945910bcb6ba9096a2
dc6fc973370140b050b08f6de640936c0bbade8d
be5cc587e92c617d1e17d7bfef1ecf941c36d103fa1af02ec0796d10e1326ecf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6515
Cache-Control: max-age=96022
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 21:39:30 GMT
Etag: "63bf38b5-1d7"
Expires: Sat, 14 Jan 2023 00:19:52 GMT
Last-Modified: Wed, 11 Jan 2023 22:31:17 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
bam.nr-data.net/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5506&ref=http://wada-kawara.com/kfcu/confirm.php&ap=27&be=2317&fe=5400&dc=4052&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1673559550111,%22n%22:0,%22f%22:-4,%22dn%22:-4,%22dne%22:278,%22c%22:278,%22ce%22:528,%22rq%22:528,%22rp%22:960,%22rpe%22:1209,%22dl%22:965,%22di%22:4051,%22ds%22:4052,%22de%22:4088,%22dc%22:5400,%22l%22:5400,%22le%22:5402%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
162.247.241.14 200 OK 73 B URL HTTP/1.1 bam.nr-data.net/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5506&ref=http://wada-kawara.com/kfcu/confirm.php&ap=27&be=2317&fe=5400&dc=4052&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1673559550111,%22n%22:0,%22f%22:-4,%22dn%22:-4,%22dne%22:278,%22c%22:278,%22ce%22:528,%22rq%22:528,%22rp%22:960,%22rpe%22:1209,%22dl%22:965,%22di%22:4051,%22ds%22:4052,%22de%22:4088,%22dc%22:5400,%22l%22:5400,%22le%22:5402%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 814f8120cdf5a972bdb0fd5521a92a5d
47f7b3cd340d1fe91766ff27602e319a79bcd14c
5f520e553ae6a634e84b7c8c8d36908d2efa441d716834fd98c012c402b1c3c8
GET /1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5506&ref=http://wada-kawara.com/kfcu/confirm.php&ap=27&be=2317&fe=5400&dc=4052&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1673559550111,%22n%22:0,%22f%22:-4,%22dn%22:-4,%22dne%22:278,%22c%22:278,%22ce%22:528,%22rq%22:528,%22rp%22:960,%22rpe%22:1209,%22dl%22:965,%22di%22:4051,%22ds%22:4052,%22de%22:4088,%22dc%22:5400,%22l%22:5400,%22le%22:5402%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wada-kawara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:31 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 78890b968c57b51e-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=e2c4ba5a1f39174d; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=6006&ref=http://wada-kawara.com/kfcu/confirm.php
162.247.241.14 200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=6006&ref=http://wada-kawara.com/kfcu/confirm.php
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=6006&ref=http://wada-kawara.com/kfcu/confirm.php HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 367
Origin: http://wada-kawara.com
Connection: keep-alive
Referer: http://wada-kawara.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:31 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 78890b998f900b59-OSL
Access-Control-Allow-Origin: http://wada-kawara.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
bam.nr-data.net/resources/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5992&ref=http://wada-kawara.com/kfcu/confirm.php&st=1673559550111
162.247.241.14 200 OK 36 B URL HTTP/1.1 bam.nr-data.net/resources/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5992&ref=http://wada-kawara.com/kfcu/confirm.php&st=1673559550111
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 64c73a0ce5b3deed93115eb25d5ae9c1
047f0b8a18a90c7c8ffeead9aba6afd66800f335
7a6a7ee27a384ba17334605fdb290104cfd5f53d3321acc4c7e947d3e357a41a
POST /resources/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5992&ref=http://wada-kawara.com/kfcu/confirm.php&st=1673559550111 HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 9370
Origin: http://wada-kawara.com
Connection: keep-alive
Referer: http://wada-kawara.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 21:39:31 GMT
Content-Type: text/plain
Content-Length: 36
Connection: keep-alive
CF-Ray: 78890b997835b51e-OSL
Access-Control-Allow-Origin: http://wada-kawara.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511e402-775e-49af-87f1-40b071ae947e.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511e402-775e-49af-87f1-40b071ae947e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cbf9979c9463fc2681e757256e9d028c
a45408076bf9fa5c6ec83c96a4c5680dc7be7da9
1d0d45cbbba75f0add27aae361e0dc31ce6e317ec62b23acf10db34b47f125e5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511e402-775e-49af-87f1-40b071ae947e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9413
x-amzn-requestid: fb0125f5-e899-463d-ae4a-0a92945c1731
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPDYFKgIAMF7mQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2baf-080b963d391741252d9f67ee;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -bYZilXGEW2PNyCeUAopo5yCLFhnLbyz2d7dxQyVZK3xI2xyFKQGcw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:58:00 GMT
age: 85294
etag: "a45408076bf9fa5c6ec83c96a4c5680dc7be7da9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2