taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
172.67.164.244 200 OK 2.6 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
IP 172.67.164.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (366), with CRLF line terminators
Hash d2a7c91e1c2309d10bc9a0ed6ec7a829
027df11c21ce4157faae4aa2726fe9fef2a28583
4187defa6156b472b7e7bd807d207f9e96b1dd23431cdbebc9030c6dd9f60ac3
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /svr/lbc/confirmation/carte-bancaire.php HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.33
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FB14PqOVxVgiErbsMhGMXGUrjWzYPKIBzSnT3c2BGchmeGYhwEOWkGdfCGVNyxMP0wdTxwAxAdzoaQarEcDpGFg6%2BzObCgA1%2BhU7Uj6DjnAn4tkBPL3giTwGIEFj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1ba600dffb512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2225
Expires: Thu, 24 Nov 2022 11:52:45 GMT
Date: Thu, 24 Nov 2022 11:15:40 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2468
Cache-Control: max-age=86204
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:15:40 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:12:24 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4614
Expires: Thu, 24 Nov 2022 12:32:34 GMT
Date: Thu, 24 Nov 2022 11:15:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 10:18:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3402
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 11:15:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tOvuqAx+Ku3BogoYZ34DCQmFBxx7WH46dqpqm8Nda+/2soKQEvcSmNkcu7pQHre9c7uO71GGzGM=
x-amz-request-id: JQCVHJAMSNS79NPR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 10:43:22 GMT
age: 1938
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
taxifly.nl/svr/lbc/confirmation/css/main_style.css
172.67.164.244 200 OK 1.6 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/css/main_style.css
IP 172.67.164.244:0
File type ASCII text, with CRLF line terminators
Hash e7443df811fb9021ef48d3cc6d24e3ab
93bea5f6cef8d0eeb94bc20fe610357e59b285cb
1ad8b2d81e20d69bf3b2d80d17884c2f2af75d958032d77549f90c951be7313a
GET /svr/lbc/confirmation/css/main_style.css HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: text/css
Content-Length: 1602
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:21:50 GMT
ETag: "9247619-1c3d-5de5a41728380-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCWlBDJyFNVnzmqv3xqHfGr36a2Qf%2FT0Oowk12DmFkJM34GF8bK3w5LDPXjt5H2vyMdhRKOrb%2BTqxO6dicx0L36svNwxL9dgvwf6HOISEAO8mMbO7XAt1dQI8x2O"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1ba622cdab521-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/public/js/vx-lib.min.js
172.67.164.244 200 OK 2.3 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/public/js/vx-lib.min.js
IP 172.67.164.244:0
File type ASCII text, with very long lines (8999), with no line terminators
Hash 8fa2d1317d9e739930b5107277fe7fc8
a43d297157770de003d5d3ac8d90113933a541fe
0629d9be0941e8744fbe4716077e6e9a16d92d13ec7f1c108bbae7e862b933b9
Analyzer Verdict Alert fortinet Phishing
GET /svr/lbc/confirmation/public/js/vx-lib.min.js HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: application/javascript
Content-Length: 2305
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:22:34 GMT
ETag: "924792c-2327-5de5a4411e680-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXCfBT977AduGTU8T74K7vt95n4cf9%2FA6H0ELE7%2FS%2BBAyuP8LEA8hnp7lZ3F9lcG7ZDbzvPC2h9pAWiE%2FGmQjLozIEipTzLtNSGUhiEGrJt%2Fpx5K18aEBROY%2BfPD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1ba623c83fac8-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/css/font-awesome.min.css
172.67.164.244 200 OK 5.1 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/css/font-awesome.min.css
IP 172.67.164.244:0
File type ASCII text, with very long lines (22167), with CRLF line terminators
Hash 6c69c4f62e382a3109108a4e6e17f9d3
1f16490da99d7f5d4a333c5b7ae6e3f2b82167f2
94946daeb1c8b49d9851e712a4a436b8c5dbdd8fd232c542e8f8073ee02aef6f
GET /svr/lbc/confirmation/css/font-awesome.min.css HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: text/css
Content-Length: 5098
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:21:50 GMT
ETag: "9247617-573c-5de5a41728380-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnZi9MFDnrbqRKkmxRlho4FN85hgNF3IRuRS6UEie4PNUneE7zLJNV7bIqLj1l55fG2vxiW1hKZ%2FdrQyTHl1C8aMLgbwVUYuUEgSmQlCo%2B12qBC9h8oK4M7FLBFa"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1ba622bbf0b31-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/public/css/contextualLogin.css
172.67.164.244 200 OK 16 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/public/css/contextualLogin.css
IP 172.67.164.244:0
File type ASCII text, with very long lines (329), with CRLF line terminators
Hash 0a48f650435c254e2e332f0545478bdc
07a6efa376833622305f4e5dc56ebecc34805e51
02034adf79c9febbd021ade6238f50f04aeffa1f92069a3bdb5d579710438c27
GET /svr/lbc/confirmation/public/css/contextualLogin.css HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: text/css
Content-Length: 16070
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:21:52 GMT
ETag: "924772d-1b81b-5de5a41910800-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uvk4qJF%2B7c9iCPTj7OnM9rZDaz9Dj7qKAEJy5kkjHSLFuK3mN3gh4gWyUhRbibK4DGS7MtPZc2pkrCbT80GnP1wicLhIuvlOpX%2FgsA1FS9L0WcQTvnSLMgYxQ5R5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1ba6228c2b512-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/public/css/main.ltr.css
172.67.164.244 200 OK 41 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/public/css/main.ltr.css
IP 172.67.164.244:0
File type ASCII text, with CRLF line terminators
Hash 0ea53f5b436568151aea9190df62ac81
c0ead23c49e1bd4f6d4d8d6ea9b80fa39fb08097
730f3be2c3b7fd69d3f7cf12ca9256cb16804013d3a6fc87ba8b6270bb3486ac
GET /svr/lbc/confirmation/public/css/main.ltr.css HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: text/css
Content-Length: 41143
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:21:54 GMT
ETag: "924773c-3a4c8-5de5a41af8c80-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixhYMbakpM0PSEQ3Prq7UrK8%2B9MYcOzEgxs9V387iUF32IsybFvSQ1z%2FjeQWfav%2FkI%2FfD1%2F9XCVVoh%2ByIW%2F3hBy2u55%2FKWoMLIOH2TT%2BvGdAB2CtA2JL0XbYTc7i"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1ba6228b7b512-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/public/css/page.c9a650b6b85d7c2bdddc.css
172.67.164.244 200 OK 30 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/public/css/page.c9a650b6b85d7c2bdddc.css
IP 172.67.164.244:0
File type ASCII text, with very long lines (556), with CRLF line terminators
Hash 7936dfa7d67377506bbf8c0e14dffa03
0dc8a862c067cdf936b2280cada469121240be78
49d7a9f3e1c6073f50de9297ab5bf174b86a8e34399b24d105132f13dd75e29e
GET /svr/lbc/confirmation/public/css/page.c9a650b6b85d7c2bdddc.css HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: text/css
Content-Length: 29876
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:21:54 GMT
ETag: "924773f-2d05a-5de5a41af8c80-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKj%2FjMUH1cwKIYI7xv9aULTHdchX1CWKus15rAVjdWu9Fu5aF2J5NOJT5DUaIsWnYXdWzOhBviVcW3sPmmAFVqyg2ng5JwXRMU4vWS77MrA3e06gcpd0ZtNepDkL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1ba622eedb503-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/public/js/pa.js
172.67.164.244 200 OK 15 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/public/js/pa.js
IP 172.67.164.244:0
File type ASCII text, with very long lines (41461), with CRLF line terminators
Hash 60fc888871f3785dcdadc01c3e371ec8
e61a756943cdb4687660bd80de3aa2f52d749e06
a2ee47602f40ffb2e9c57e49338aaaa8ce95b030c52ca4e89bbc1275750098d9
Analyzer Verdict Alert fortinet Phishing
GET /svr/lbc/confirmation/public/js/pa.js HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: application/javascript
Content-Length: 14749
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:22:36 GMT
ETag: "924792a-a213-5de5a44306b00-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSCI3Wj%2B0SP3RoOm%2FnmqAOEl6xthB%2FLe6dBIFU9Oi%2Bx0EEFyqugTxFxvxUdWJAVBzCIFVsxIex5dbrl3FTcQsqnweQFpbxAnx6mRaxeGAjf4YGYWAKxQaov6PlzD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1ba629c2c0b31-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/img/dcl1.png
172.67.164.244 200 OK 1.1 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/img/dcl1.png
IP 172.67.164.244:0
File type PNG image data, 37 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 299f9cd583f96a2dd3d0a52078deda75
b0dc5dd510c8119e515aa4ca3c71696c54005f16
0671256adc19537d228b847a7fca20cbbca2970f997eaabfe1077d09390f15f2
GET /svr/lbc/confirmation/img/dcl1.png HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: image/png
Content-Length: 1135
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:21:46 GMT
ETag: "9247622-46f-5de5a41357a80"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PajO9ok9rYSs57ITDcL6%2FlgBDoUppzb8xjkUdz3k2OvuvST%2FrM%2FGwfy%2Fa7qQKYni5HSQxPAXVwdl73VHD%2FhHiPnnc2MaZ6i4%2B0ZTdJyuUq5e0e%2FTL7KpbKAIP0jb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f1ba62cfccb503-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/public/js/card.js
172.67.164.244 200 OK 19 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/public/js/card.js
IP 172.67.164.244:0
File type ASCII text, with very long lines (30539), with CRLF line terminators
Hash 08e8f1d13db5e9b58d66c0f807370a3e
f29c806c9022d5640948ef7550d7b46baaa32ddb
7702b7fb0a15533e653437c26e60b969b435ed8d6f8dcacd4d25016d07594de7
Analyzer Verdict Alert fortinet Phishing
GET /svr/lbc/confirmation/public/js/card.js HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: application/javascript
Content-Length: 18892
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:22:38 GMT
ETag: "9247928-18d39-5de5a444eef80-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhNFJs394zS4mU%2FaqyYeBc6TXrc1UixEkgrp7i9EaDlZNvQEhs%2Fwkh0hsSdOgiYf3ff7lBdMhnubCWdQQMQxL1rs90MZafsnlNltNUMNGOLyhTs9g6UJ0Tn0S9qQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1ba62a96cb512-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/img/mc.png
172.67.164.244 200 OK 2.0 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/img/mc.png
IP 172.67.164.244:0
File type PNG image data, 37 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 356598b56ae81a09cfa0d3ff77fd35a6
36c0d3b5516ab43a597cc59cb3d7dc4308a9262d
ca624ad59b666d986f4afb39c166f2a82dad5ce0bbcc20156273150d42c90c7f
GET /svr/lbc/confirmation/img/mc.png HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: image/png
Content-Length: 1969
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:21:46 GMT
ETag: "9247624-7b1-5de5a41357a80"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BowGPzZ7r%2BCnCs0ojbXDkmUHG0S9a2v6FMH1eFpKbWuoknoCr0lmyZweU8ONc8UBxSNFl9kYtcnbTfD%2F5GsjwQHL%2Bjn3UYlcGues1BmhOahGqe0dKmw7hQMfRGk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f1ba62c992b512-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/img/paypal-logo.png
172.67.164.244 200 OK 6.1 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/img/paypal-logo.png
IP 172.67.164.244:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 43f93a98d5ae0964424fb41f44d28a18
d10b788298383d2ecb2930e89f02fc99e21f4707
87fe29cce1bffd50815a4a0ec63fef42f4cd002894c632ff5afb1ad5608e8c8d
GET /svr/lbc/confirmation/img/paypal-logo.png HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: image/png
Content-Length: 6077
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:21:46 GMT
ETag: "9247625-17bd-5de5a41357a80"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZzdALxyeiMjNw3f8vznfes1ZJgyu9OSb5CrOyTXT%2FsuEu9b2EO%2BcbqzBaetecD1MdHjPI2Z8F9fFoV2A14NbVdn2gDmcqP3KwGOaCdYl8h%2BKYsKGaqnqQQq5uUP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f1ba631c9e0b31-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/img/vsa.png
172.67.164.244 200 OK 1.9 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/img/vsa.png
IP 172.67.164.244:0
File type PNG image data, 37 x 25, 8-bit/color RGB, non-interlaced\012- data
Hash 0253d6dc7f382152f496b938b445e51d
2120a4ca498dfbdb2aae89146b4e2006910be721
7334c16dc04df9eef7152086d519c011301cdbf891aacff4dd28db3d09d32e42
GET /svr/lbc/confirmation/img/vsa.png HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: image/png
Content-Length: 1947
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:21:44 GMT
ETag: "9247627-79b-5de5a4116f600"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFYbfBdyc4qESq9gauTdEBOx073WsJMdLs0b1IHq%2B7vWLrR2Aqmzj6xfXajNhP4Rps7M2%2Fht2gJrL4rmWv7gJBIgnX1Oil8hiSoFwVfhh7DInZ4oY%2B7tU9cIJ1%2Bl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f1ba632840b503-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/img/amx.png
172.67.164.244 200 OK 1.6 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/img/amx.png
IP 172.67.164.244:0
File type PNG image data, 37 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 2b6385b88e8d05c5efaa6a1da2f7a5ba
6fb21dcdf3bec17382fd86542390207f8a5cc2e4
8ecdaac15d3a735629ac94ec194ea046e3387e8fb5315e043b093725bf21591a
GET /svr/lbc/confirmation/img/amx.png HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: image/png
Content-Length: 1573
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:21:48 GMT
ETag: "924761f-625-5de5a4153ff00"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AN4rcc%2FuH56Nf0f%2FDM%2F9IQCEG2IGG7aUD%2FPY1p96ckDHei70CQL1B8C7Ih4iHPo0kaxO6VEStH%2FzsBuXF7kFJAK%2FFFO4JYYLqacVZCCEhF8%2FMZSPIrxKKwBquZR9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f1ba633a03b512-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/img/dc.png
172.67.164.244 200 OK 2.0 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/img/dc.png
IP 172.67.164.244:0
File type PNG image data, 37 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 439bfcbd48d4f2e3b042f36e12a2d82f
608a07e52979c03acea2aaa8e1e91e7f49533fff
b1004d850a57ed3b94b18c7b7ef852b2641d91538a8e76192bb5ee7f2d52903d
GET /svr/lbc/confirmation/img/dc.png HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: image/png
Content-Length: 2001
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:21:46 GMT
ETag: "9247621-7d1-5de5a41357a80"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=do8KWJGdFy9i9ECd6VasjA7zSjzC%2Fxt5q9M3ugp0%2FVdteBCpHlhcSt9Jow9ciY2%2BY2Z40RnyKFJmZjpAmwP9SVPuBL54C3Kh5Hc5wztKzKrWJHbrwBu3HeIxtpTw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f1ba6339fbb512-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/public/js/vendor.js
172.67.164.244 200 OK 260 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/public/js/vendor.js
IP 172.67.164.244:0
Size 260 kB (260211 bytes)
Hash ff542a7420e3616c13a39d7bfe8692e8
5055b7840ff7f116dc397cab42be460648a9bafc
7fd84471db999d30eb5ef951d8debc49c507c618d7b7f1164880fb773ee79a5f
Analyzer Verdict Alert fortinet Phishing
GET /svr/lbc/confirmation/public/js/vendor.js HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:22:38 GMT
ETag: "924792b-de43c-5de5a444eef80-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9pkYaJ9E1UxIKRrHsE5Cj94uhYNiWzB8yROn9c2MACDoGzxyMPKrcNrJDcuHCIVbYiuCWt4FnhTmg1Ft6ErWrVoXaJMgjQw1strbG4mWFH%2FxuFCA00L1kbpCF5F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1ba629dc1b521-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/public/fonts/PayPalSansBig-Light.woff2
172.67.164.244 200 OK 18 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/public/fonts/PayPalSansBig-Light.woff2
IP 172.67.164.244:0
File type Web Open Font Format (Version 2), CFF, length 18360, version 1.6553\012- data
Hash 687b74c9a69af269c66b34ba18d6abd0
2bc090adc07a731f3c13da7969ca0a4409cee081
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
Analyzer Verdict Alert fortinet Phishing
GET /svr/lbc/confirmation/public/fonts/PayPalSansBig-Light.woff2 HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/public/css/page.c9a650b6b85d7c2bdddc.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: font/woff2
Content-Length: 18360
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:22:04 GMT
ETag: "924779c-47b8-5de5a42482300"
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLe%2BzLQLXJIQnZWc3DLVbh1TqAPEC0HNWseZcNOlgmgKxCyaWUc7NrJbRLrKsLCzCZq%2FH8Mv%2B%2BM%2Fnyanq%2FqEimDImiowi4VXduPW4gvBKmRfEo0VKtcXENNxuO7p"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1ba637cea0b31-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/public/img/sprite_logos_wallet_2x.png
172.67.164.244 200 OK 25 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/public/img/sprite_logos_wallet_2x.png
IP 172.67.164.244:0
File type PNG image data, 70 x 1484, 8-bit/color RGBA, non-interlaced\012- data
Hash 1a1a3715505fad578217dc7f3a8fd136
a33052d2156b06e3d982b1263608cdb47656499b
67fde59c8f6a234e1edd2ce77f981f676b37430cfd1a0920931e70f8279d476d
GET /svr/lbc/confirmation/public/img/sprite_logos_wallet_2x.png HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/public/css/main.ltr.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: image/png
Content-Length: 25084
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:22:12 GMT
ETag: "924791d-61fc-5de5a42c23500"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9q7gZORn%2FTDboc6Vl13%2Bf4Na15N9td7HckDXhjv7AdUn89VWNiRLNbH9C%2B82quYV4tP8yq9qStgwhEEufYjRwztNalOAMYRRO5UdUCzL9C7tpjvJfyYOZzrCSjuN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f1ba638a87b512-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 11:08:53 GMT
cache-control: public,max-age=3600
age: 407
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4185
Cache-Control: max-age=169253
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:15:41 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:16:34 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
taxifly.nl/svr/lbc/confirmation/public/img/pp64.png
172.67.164.244 200 OK 4.5 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/public/img/pp64.png
IP 172.67.164.244:0
File type PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced\012- data
Hash 5ff4fb77dc2ba5364283b18256b34e1a
37f8e1586e4a091d7a0a266842fd3a3d4e15c5aa
965b855f8212fb12dac35c751da64ae8c1a10ab93ac274c0f40c1d28d159ebce
GET /svr/lbc/confirmation/public/img/pp64.png HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:41 GMT
Content-Type: image/png
Content-Length: 4518
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:22:16 GMT
ETag: "9247911-11a6-5de5a42ff3e00"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FuvDD%2B6oGOnQh8TI5niHR5iKh0qgG6iLbmdVaiKadf5xbTZw6qM63bN6FLXvilG95fJKf59BVPqN2pkAiijpR4pn9WcqSa%2FpYSj3z2oZFIrq3JXW19o4VXricJZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f1ba65ba1fb521-OSL
alt-svc: h2=":443"; ma=60
taxifly.nl/svr/lbc/confirmation/public/img/pp_favicon_x.ico
172.67.164.244 200 OK 1.4 kB URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/public/img/pp_favicon_x.ico
IP 172.67.164.244:0
File type MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel\012- data
Hash 81ab84f9696aa9d7beba436122065542
0786985d8fcdacb2773590c727add86c16263220
c45771cd69a17c5593249b739586fbf0142e5e09531183284661fd952c5e60d0
Analyzer Verdict Alert fortinet Phishing
GET /svr/lbc/confirmation/public/img/pp_favicon_x.ico HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:41 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:22:16 GMT
ETag: W/"9247912-1536-5de5a42ff3e00"
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CaWSQWYV9tNPaOmIsaNReONx0uTjI7%2FNUhUfMuq9dqP3uhXE4eQcly2NQn1n1NFoKcj7cEWvwhQHbeBLi%2BF4WE6HhIJTqMg1m5qxk4mWYkdvvfPbP8ZZmnDdN%2F7u"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1ba65bf32fac8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
54.189.35.180 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hoLHhIyQLhMenIsZOCow6A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u3CSs7RC0Z5LaUwh302IHjm+3SU=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8050
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 11:15:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8050
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 11:15:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8050
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 11:15:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8050
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 11:15:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8050
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 11:15:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 48516
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 14420
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F004aa6ae-7a76-4671-acda-0f0a01e41292.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F004aa6ae-7a76-4671-acda-0f0a01e41292.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cfb61d1d2a4d3e62e410c926cfa4a1ab
5c3f269cd16e9dd6bbb2e32efd46a4b2599ca436
4297b6c45e7dca6f841ae56da1040e1287f2e70c98e5f7fc674a674b59ebc7a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F004aa6ae-7a76-4671-acda-0f0a01e41292.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8702
x-amzn-requestid: 9687d5fa-c9f8-4afc-8278-0f0c12b28329
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvx9FQ4oAMFWmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e933f-397fca41442c0d7309395e4b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4cgRxjx6TQRxl4FIKsjrBPDZmhoDgbG72UAMRUnxZBUqV7yCfj3PyQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:44:50 GMT
age: 48652
etag: "5c3f269cd16e9dd6bbb2e32efd46a4b2599ca436"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff189dcee-7158-4549-abef-95dc2b7f7ca4.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff189dcee-7158-4549-abef-95dc2b7f7ca4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 037c0f19435a955d7ed58f65911e8f21
51a54b639617e113bb941d28b59c2571c0ca2e63
c2b15ed9257f220ed83845e1d0b343d21b7df9104c21162ea76b889609b8a404
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff189dcee-7158-4549-abef-95dc2b7f7ca4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9992
x-amzn-requestid: a16f614c-5a5b-4f8b-97cb-c248e0b50753
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvcYEa0IAMFm_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e92b5-3b65b1b17c2a20b44a31aa9f;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:37:57 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OC0uEwrEKZ6UEEg_mpvYcoVBEUSEA_qTttmyRp1xptCRD4Vi4pFbCg==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:23 GMT
etag: "51a54b639617e113bb941d28b59c2571c0ca2e63"
content-type: image/jpeg
age: 47899
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 47508
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 14495
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
taxifly.nl/svr/lbc/confirmation/public/js/flowBundle.js
172.67.164.244 200 OK 0 B URL HTTP/1.1 taxifly.nl/svr/lbc/confirmation/public/js/flowBundle.js
IP 172.67.164.244:0
Analyzer Verdict Alert fortinet Phishing
GET /svr/lbc/confirmation/public/js/flowBundle.js HTTP/1.1
Host: taxifly.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taxifly.nl/svr/lbc/confirmation/carte-bancaire.php
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:15:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 06 May 2022 16:22:38 GMT
ETag: "9247929-dab67-5de5a444eef80-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9nCio3u9dkGHthSlTFivmdyR3x%2FQawBAR2zBkmM7DPH0rQ2Jx1Yoe6opLnJZ%2Bg4xCF8mqpeQNzA29EZ1i4ybDO0KyqmcWOCKknxT4g6HvIlTyElBdtOf5xsWvlu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1ba629cd7fac8-OSL
alt-svc: h2=":443"; ma=60