r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2167
Expires: Wed, 18 Jan 2023 09:03:43 GMT
Date: Wed, 18 Jan 2023 08:27:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bb0c8d0984a1f09a012961a54cda03c6
1a8ad450a0241554ee4fc7d02fac7b83529e60f6
eee3ca879a67cc25ea89cb83de9521eea1b82845705c3e82169d4787ecb7dd3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE3CA879A67CC25EA89CB83DE9521EEA1B82845705C3E82169D4787ECB7DD3A"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6334
Expires: Wed, 18 Jan 2023 10:13:10 GMT
Date: Wed, 18 Jan 2023 08:27:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 18 Jan 2023 07:49:19 GMT
content-type: application/json
age: 2297
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20007
Expires: Wed, 18 Jan 2023 14:01:03 GMT
Date: Wed, 18 Jan 2023 08:27:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xER6yjISxViSG04iboqV98p7986Z8O1UQyvLlhKagEjrj1+8lO0ThJJ4+vIWCioemoQA5thDhx0=
x-amz-request-id: FYQ405ZX2867XZYJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 18 Jan 2023 07:45:19 GMT
age: 2537
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 08:27:36 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bdhleon.com/wps
200.58.111.29 301 Moved Permanently 231 B IP 200.58.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a76c0f756850006348059778817200f6
b69a87614e79ba978ae020246c54b2c2a0279f2a
a21ff315285fc843f47239ce3f6bfbe8e6c196a8691ccc90d2791a1950c2b7c2
Analyzer Verdict Alert fortinet Phishing
GET /wps HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 18 Jan 2023 08:27:36 GMT
Server: Apache
Location: http://bdhleon.com/wps/
Content-Length: 231
Keep-Alive: timeout=10, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 18 Jan 2023 08:17:25 GMT
age: 612
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8720730dce33d0026a1a354ac93d4a7d
ed5f086bc646a4d93d2344b19ff7821c96e44f7c
b2892fda88242fbc4d58dd1f3bb159ca02cbf98b77c57dde66fba98d183c0136
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4384
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:27:37 GMT
Last-Modified: Wed, 18 Jan 2023 07:14:33 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.149.61.21 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.61.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FerTTheYcFBODclngKLxMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XdhoCC+BLcOtKYih9GaZJ4KJ8jE=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5043
Expires: Wed, 18 Jan 2023 09:51:40 GMT
Date: Wed, 18 Jan 2023 08:27:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5043
Expires: Wed, 18 Jan 2023 09:51:40 GMT
Date: Wed, 18 Jan 2023 08:27:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5043
Expires: Wed, 18 Jan 2023 09:51:40 GMT
Date: Wed, 18 Jan 2023 08:27:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5043
Expires: Wed, 18 Jan 2023 09:51:40 GMT
Date: Wed, 18 Jan 2023 08:27:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce66831-56e0-4f6e-ba05-da99c3485e5e.jpeg
34.120.237.76 200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce66831-56e0-4f6e-ba05-da99c3485e5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 928e970121a035e9f8d537e4bfe6bf5c
ce4aadc6b3500508d1c4b42b76f09be4414b6eee
2da1438b17cf05aed64e565350dcc706420f2bae7e8c5e36d1b5bad38248c275
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce66831-56e0-4f6e-ba05-da99c3485e5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3599
x-amzn-requestid: 5b743b27-b6d4-4d98-9984-3a5e17cb28e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1xH8BIAMFuZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714f1-2f1031db0871abae4760d5b6;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jyWosZVSdPHomvHRyf-MuxVp0gR7sKIJ0-jmMStDeixhd8Bhoqzitg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:01:09 GMT
age: 37588
etag: "ce4aadc6b3500508d1c4b42b76f09be4414b6eee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8656702f08344d3a4658bc43a9074a1f
fba424e1d09cbdc839ca320458b51715dafbbccc
0b0ac963c377b07f843637348f3d7c41d2aca89540ab8c2b80ef5fbbf466fee8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13848
x-amzn-requestid: 93bbdd19-aa04-49ec-858f-9fa1d6b736d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6BKCGEtoAMFgsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c71573-008911af44c3998d7b27b837;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:38:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: adtKl3gOcesaXNHcRbi71-1Wz6caEgtXrAvbhB9qhId7eJEkd7d7pQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:59:45 GMT
age: 37672
etag: "fba424e1d09cbdc839ca320458b51715dafbbccc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefcc19e1-75f3-4a6f-8686-3308f93dd409.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefcc19e1-75f3-4a6f-8686-3308f93dd409.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df397b10a8e03cec7f74cd8f0fbb4e6e
625e8a1b7e865def8861e194ac754c486cd374e7
6bafab2eaac6814dd4c0f2155119f71e01cf6ecd602d51fa5d5e547db3588705
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefcc19e1-75f3-4a6f-8686-3308f93dd409.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7574
x-amzn-requestid: e330d010-6465-47c6-b45f-b25a6de84f9d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A16GjsIAMFYgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714f2-17ca5566719117874cb6a6d0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wF_siKELQDBuWLkhNtrGzLwKyuMaGaSoCQNpE5etDRs6XotQgRYF3w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:02:53 GMT
age: 37484
etag: "625e8a1b7e865def8861e194ac754c486cd374e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d4770a8-c74a-4d56-b999-a0f191af3bf2.webp
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d4770a8-c74a-4d56-b999-a0f191af3bf2.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9200e43ca808b9ecec74828e03853d4c
3070340147ced46e5fdf73408272aa39391976fb
abdaedfc2da45180c463607686b20afd82113b78cfa78b0f28ab169b9858469b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d4770a8-c74a-4d56-b999-a0f191af3bf2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6454
x-amzn-requestid: 79329eb3-8d89-423f-8626-32c5e2e2831a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A0gHpeoAMF-Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714e9-5e859dc121cd322c6b684eee;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TKl5JNASQseZsuX_yJtVaUT2TCY5lKIxjJ8QvhDIXDAkC8GwIRilYg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:01:08 GMT
age: 37589
etag: "3070340147ced46e5fdf73408272aa39391976fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f112ea3865f38cbbcc8400b58320fa0
dacc584338546bf60f26b2a0bec48e9b584640dc
7feb3c0691f40354701d1cb0bf3c834d1eeead4a7297fac3afc0f4a7ca2c94cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8853
x-amzn-requestid: ff98ec33-294a-4a13-b064-3cd4744cd2b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0LLKHPnIAMF0vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4bf14-233cbc6407c6b138144d7abb;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:05:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QZZaGtGl3Z-4G4DxO4R_gjfDdQVgJc30Ur9EyLAvbGFhv4LfaXziPQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 04:00:29 GMT
age: 16028
etag: "dacc584338546bf60f26b2a0bec48e9b584640dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F861225b5-aa80-4ecb-b68c-3a62a2e3d376.gif
34.120.237.76 200 OK 25 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F861225b5-aa80-4ecb-b68c-3a62a2e3d376.gif
IP 34.120.237.76:0
File type GIF image data, version 89a, 296 x 148\012- data
Hash e9e29acd071f93411556a2a1cbb076fa
6cc5c64b7e82cc5bdc148be6f4760e98cb06f414
a1d23e683f912c5c9a334df441908c7d522ae8f41c91dbb0e99e6bf5162bc54e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F861225b5-aa80-4ecb-b68c-3a62a2e3d376.gif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 24970
x-amzn-requestid: 65ccc511-17aa-468c-a607-f531ccba1e91
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0K86HLgIAMFfxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4beb8-798eaf875ae85c5e1d73e183;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:04:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RCzR1Y9Aya6p6jIR9T0rDo5BEyR_q238uzLQpJ7veDu2HDPCaMtKbg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 03:56:47 GMT
age: 16250
etag: "6cc5c64b7e82cc5bdc148be6f4760e98cb06f414"
content-type: image/gif
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bdhleon.com/wps/
200.58.111.29 200 OK 8.0 kB IP 200.58.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (825)
Hash 53c5d0e3ea56663b8dffb0c7a2e6a567
fcbf7b0f565bbcaad8dc4ea5f01d492fa1c8a010
2c6a4c6bd0a93a84da76812ab0bb0653f005fafda5ddef002791226cee0684d7
Analyzer Verdict Alert fortinet Phishing
GET /wps/ HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:37 GMT
Server: Apache
X-Powered-By: PHP/7.4.25
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8002
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
172.217.21.163 200 OK 472 B IP 172.217.21.163:0
Hash 773596e36fe4af70225f1ee08e977461
5595433fd09a22008b2c739f6626aef116ad5285
fb18080471e9a54e7d1c060d2e26b023f09c135e0d195e48917cd064549d7fdc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:27:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KXHQ7FV
142.250.74.168 200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KXHQ7FV
IP 142.250.74.168:0
File type ASCII text, with very long lines (2558)
Hash c1be2cbc668626c9f064f47d2f7dc967
b65d34397a354edeb5d3247702e3a86df1eed00e
266a775540ba685ca7a5935fd9dec465e6a51edf052f2f11adf95a71cee07bfe
GET /gtm.js?id=GTM-KXHQ7FV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdhleon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 18 Jan 2023 08:27:38 GMT
expires: Wed, 18 Jan 2023 08:27:38 GMT
cache-control: private, max-age=900
last-modified: Wed, 18 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50843
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
172.217.21.163 200 OK 472 B IP 172.217.21.163:0
Hash 773596e36fe4af70225f1ee08e977461
5595433fd09a22008b2c739f6626aef116ad5285
fb18080471e9a54e7d1c060d2e26b023f09c135e0d195e48917cd064549d7fdc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:27:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bdhleon.com/wps/index_files/fbevents.js.descarga
200.58.111.29 200 OK 28 kB URL HTTP/1.1 bdhleon.com/wps/index_files/fbevents.js.descarga
IP 200.58.111.29:0
File type ASCII text, with very long lines (64348)
Hash acf344ceaf9be1c4e69773807426f85a
2cfe6acad97b04baa137d6f46ade64e408294995
70a0969420840cc92f46eea2ef977df348f29a41aaf6d09db5bcc0c9a5bf7d48
Analyzer Verdict Alert fortinet Phishing
GET /wps/index_files/fbevents.js.descarga HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:38 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:22 GMT
ETag: "1a468-5f21d1e7bbc40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 27689
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: application/javascript
bdhleon.com/wps/index_files/detect.js.descarga
200.58.111.29 200 OK 512 B URL HTTP/1.1 bdhleon.com/wps/index_files/detect.js.descarga
IP 200.58.111.29:0
File type ASCII text, with very long lines (1644), with no line terminators
Hash 9d2857af9e89d9f4d077aa207d30655b
ba3bcc93ad54901d376d87d5411f724e29eb1114
23df46a53c019d7894f18721bc3ae3172beeaa31a59f10f6c5b740969b280421
Analyzer Verdict Alert fortinet Phishing
GET /wps/index_files/detect.js.descarga HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:38 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 13 Jan 2023 03:49:22 GMT
ETag: "66c-5f21d1e77d446-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 512
Keep-Alive: timeout=10, max=200
Content-Type: application/javascript
bdhleon.com/wps/index_files/analytics.js.descarga
200.58.111.29 200 OK 20 kB URL HTTP/1.1 bdhleon.com/wps/index_files/analytics.js.descarga
IP 200.58.111.29:0
File type ASCII text, with very long lines (1325)
Hash 93bde531cb4f65be97d29e35331ca13e
a893da1a81f92a8b58bba978dbe35780c97235b2
2172506c0cbb4a0f851f60c59097cf9e578de853c1382061395858f5d448ab8d
Analyzer Verdict Alert fortinet Phishing
GET /wps/index_files/analytics.js.descarga HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:38 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 13 Jan 2023 03:49:20 GMT
ETag: "c436-5f21d1e531a26-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20073
Keep-Alive: timeout=10, max=200
Content-Type: application/javascript
bdhleon.com/wps/index_files/ra_collection(1)
200.58.111.29 200 OK 10 kB URL HTTP/1.1 bdhleon.com/wps/index_files/ra_collection(1)
IP 200.58.111.29:0
File type Unicode text, UTF-8 text, with very long lines (10208)
Hash bffb10d4f8dc2e43185ed34ed08ab199
f9f693defb66ec76b01c2e87d089780596574249
1fc42d124001ec0807fe82188ea8bb8bec35910cecc4c7833e1041882977a45c
Analyzer Verdict Alert fortinet Phishing
GET /wps/index_files/ra_collection(1) HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:39 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:25 GMT
ETag: "281e-5f21d1e9fce69"
Accept-Ranges: bytes
Content-Length: 10270
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
bdhleon.com/wps/index_files/style1.css
200.58.111.29 200 OK 42 kB URL HTTP/1.1 bdhleon.com/wps/index_files/style1.css
IP 200.58.111.29:0
File type ASCII text, with very long lines (65369)
Hash de10eed8360f803757ffc24d881a796b
df023601247d120e557c13d36f7a2b09416f0686
2549dc6365848c440871dc2748004a83bcd516a980f6bbbaadf4a6d773dbb82d
GET /wps/index_files/style1.css HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:38 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 13 Jan 2023 03:49:26 GMT
ETag: "39ecf-5f21d1eb369d3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 42476
Keep-Alive: timeout=10, max=200
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 544006635f64d2f302c3bde070b9e8d3
9ce1d38f325d5020f97823ae9bbc10db8c9ff35b
e245fd2018c0b8739dbd64222723d13db90690043bd93ede0a2bca26b9762053
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1136
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:27:39 GMT
Last-Modified: Wed, 18 Jan 2023 08:08:43 GMT
Server: ECS (amb/6B7D)
X-Cache: HIT
Content-Length: 471
bdhleon.com/wps/index_files/gtm.js.descarga
200.58.111.29 200 OK 51 kB URL HTTP/1.1 bdhleon.com/wps/index_files/gtm.js.descarga
IP 200.58.111.29:0
File type ASCII text, with very long lines (2558)
Hash 174421be858f93134eaa3be0a8fd7353
5f4ecf88a8f430f26bc646c21133e68681b09c29
efd47b8ac5cb2b35d7436b327dfe0fe6399c3baf8b6f7f8fd5b7587fd7a9b153
Analyzer Verdict Alert fortinet Phishing
GET /wps/index_files/gtm.js.descarga HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:38 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 13 Jan 2023 03:49:23 GMT
ETag: "20df7-5f21d1e804461-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=10, max=200
Transfer-Encoding: chunked
Content-Type: application/javascript
bdhleon.com/wps/index_files/242328147526346
200.58.111.29 200 OK 308 kB URL HTTP/1.1 bdhleon.com/wps/index_files/242328147526346
IP 200.58.111.29:0
File type ASCII text, with very long lines (64471)
Size 308 kB (308129 bytes)
Hash acfbde341569678703f81231ef19e2a1
29846444058c4ee0a455a6ae8a4ab7d595eefbcd
b8408630df84b479731128088be777a4e226b8f23493ba346c78df6e3a137dda
Analyzer Verdict Alert fortinet Phishing
GET /wps/index_files/242328147526346 HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:38 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 13 Jan 2023 03:49:20 GMT
ETag: "4b3a1-5f21d1e501c8a"
Accept-Ranges: bytes
Content-Length: 308129
Keep-Alive: timeout=10, max=200
bdhleon.com/wps/index_files/ra_collection
200.58.111.29 200 OK 588 kB URL HTTP/1.1 bdhleon.com/wps/index_files/ra_collection
IP 200.58.111.29:0
File type ASCII text, with very long lines (65442)
Size 588 kB (588396 bytes)
Hash eda2663dea901ca7771383ed9aaddb61
d37f61fb83ea8e99e1b3ac4b4247d9ebf74a46d5
297d23d664fd27795907d4963518c43718cae0b2a8bc8e8a83f64e29885bac91
Analyzer Verdict Alert fortinet Phishing
GET /wps/index_files/ra_collection HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 13 Jan 2023 03:49:25 GMT
ETag: "8fa6c-5f21d1ea02071"
Accept-Ranges: bytes
Content-Length: 588396
Keep-Alive: timeout=10, max=200
detectca.easysol.net/detectca/images/IkdhFg2jKjOmCujHP22n9cqRdyRkUG/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://bdhleon.com/wps/&rf=&nc=0.27749454620791714
107.23.44.14 200 OK 82 B URL HTTP/1.1 detectca.easysol.net/detectca/images/IkdhFg2jKjOmCujHP22n9cqRdyRkUG/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://bdhleon.com/wps/&rf=&nc=0.27749454620791714
IP 107.23.44.14:0
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash ae11c9259e141875b33cbb6598aa1485
4d71dc1bd4621df68ee846fe3f9409606aabced4
ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491
GET /detectca/images/IkdhFg2jKjOmCujHP22n9cqRdyRkUG/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://bdhleon.com/wps/&rf=&nc=0.27749454620791714 HTTP/1.1
Host: detectca.easysol.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdhleon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 18 Jan 2023 08:27:40 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
www.google-analytics.com/j/collect?v=1&_v=j98&a=2141933676&t=pageview&_s=1&dl=http%3A%2F%2Fbdhleon.com%2Fwps%2F&ul=en-us&de=UTF-8&dt=Banco%20BHD&sd=24-bit&sr=1280x1024&vp=1152x836&je=0&_u=aEBAAEABEAAAACAAI~&jid=844222263&gjid=436000698&cid=1758485268.1674030460&tid=UA-32863799-1&_gid=499219198.1674030460&_r=1&_slc=1&cd1=&z=391130085
216.239.38.178 200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=2141933676&t=pageview&_s=1&dl=http%3A%2F%2Fbdhleon.com%2Fwps%2F&ul=en-us&de=UTF-8&dt=Banco%20BHD&sd=24-bit&sr=1280x1024&vp=1152x836&je=0&_u=aEBAAEABEAAAACAAI~&jid=844222263&gjid=436000698&cid=1758485268.1674030460&tid=UA-32863799-1&_gid=499219198.1674030460&_r=1&_slc=1&cd1=&z=391130085
IP 216.239.38.178:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j98&a=2141933676&t=pageview&_s=1&dl=http%3A%2F%2Fbdhleon.com%2Fwps%2F&ul=en-us&de=UTF-8&dt=Banco%20BHD&sd=24-bit&sr=1280x1024&vp=1152x836&je=0&_u=aEBAAEABEAAAACAAI~&jid=844222263&gjid=436000698&cid=1758485268.1674030460&tid=UA-32863799-1&_gid=499219198.1674030460&_r=1&_slc=1&cd1=&z=391130085 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://bdhleon.com
Connection: keep-alive
Referer: http://bdhleon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://bdhleon.com
date: Wed, 18 Jan 2023 08:27:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bdhleon.com/wps/index_files/LogoSB.png
200.58.111.29 200 OK 13 kB URL HTTP/1.1 bdhleon.com/wps/index_files/LogoSB.png
IP 200.58.111.29:0
File type PNG image data, 450 x 451, 8-bit/color RGBA, non-interlaced\012- data
Hash 05be705f6cf52a13d46cc101fe2afe88
8fd18a4cc2242c7b11943efd17daa26fbf497152
c4d0dab37f80b6134e45c378225782c91b7e458e5750d05ddac1bd5eac4a5dd1
GET /wps/index_files/LogoSB.png HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:40 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:23 GMT
ETag: "3278-5f21d1e890684"
Accept-Ranges: bytes
Content-Length: 12920
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: image/png
bdhleon.com/wps/index_files/180x90+banner+pequen%CC%83o+BHD+BIEN.jpg
200.58.111.29 404 Not Found 196 B URL HTTP/1.1 bdhleon.com/wps/index_files/180x90+banner+pequen%CC%83o+BHD+BIEN.jpg
IP 200.58.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /wps/index_files/180x90+banner+pequen%CC%83o+BHD+BIEN.jpg HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 404 Not Found
Date: Wed, 18 Jan 2023 08:27:40 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bdhleon.com/wps/index_files/banner_180x90_wellness_bhd.jpg
200.58.111.29 200 OK 30 kB URL HTTP/1.1 bdhleon.com/wps/index_files/banner_180x90_wellness_bhd.jpg
IP 200.58.111.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 180x90, components 3\012- data
Hash 32f040f801dafce116a2f8040091db2e
6d0184f8ef0e407983a86002e31468009c24a8da
06fb7de4fa90c482a8ac879df7af67017392b3406be8446ff86d314867ca8a42
GET /wps/index_files/banner_180x90_wellness_bhd.jpg HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:40 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:21 GMT
ETag: "7453-5f21d1e5e9f4c"
Accept-Ranges: bytes
Content-Length: 29779
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: image/jpeg
detectca.easysol.net/detectca/scripts/IkdhFg2jKjOmCujHP22n9cqRdyRkUG/detect.js
107.23.44.14 200 OK 1.6 kB URL HTTP/1.1 detectca.easysol.net/detectca/scripts/IkdhFg2jKjOmCujHP22n9cqRdyRkUG/detect.js
IP 107.23.44.14:0
File type ASCII text, with very long lines (1640), with no line terminators
Hash 9879f3d7063820bfa182a161e05866f8
6425cf80c65ab768ce341f266c8d058cb2b07882
5e5198599f3bb094c3eedb1331d58448e60b1c4eadd0afff2cb0eb2e4dbafb21
GET /detectca/scripts/IkdhFg2jKjOmCujHP22n9cqRdyRkUG/detect.js HTTP/1.1
Host: detectca.easysol.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 18 Jan 2023 08:27:40 GMT
Content-Type: application/javascript
Content-Length: 1640
Last-Modified: Tue, 24 Aug 2021 00:00:00 GMT
Connection: keep-alive
ETag: "61243680-668"
Accept-Ranges: bytes
bdhleon.com/wps/perso.html
200.58.111.29 200 OK 7.4 kB URL HTTP/1.1 bdhleon.com/wps/perso.html
IP 200.58.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4690)
Hash e9eb0a199007007c09ece4fc4f3061a6
fc33fe443811aa782971e7620053fd2e839145bf
87834e0dd5c866e04f35d0003b10c5ac89b7dd40698cec6bec9e5d4f80c13323
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET PHISHING Possible Phish - Saved Website Comment Observed
GET /wps/perso.html HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:40 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 13 Jan 2023 03:49:10 GMT
ETag: "51a5-5f21d1dbcc2c2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7388
Keep-Alive: timeout=10, max=200
Content-Type: text/html
bdhleon.com/wps/index_files/HP.html
200.58.111.29 200 OK 7.4 kB URL HTTP/1.1 bdhleon.com/wps/index_files/HP.html
IP 200.58.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3882)
Hash e182695e1dfba8269026c0eb7287480a
196d9b60445c14600d37d6c9aa2426e3cfc80795
f5cfd620c192ee779373f925bfaf77a2cb637e55b11196f46d8f42f59e730886
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET PHISHING Possible Phish - Saved Website Comment Observed
GET /wps/index_files/HP.html HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:40 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 13 Jan 2023 03:49:23 GMT
ETag: "5762-5f21d1e83ab74-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7375
Keep-Alive: timeout=10, max=200
Content-Type: text/html
bdhleon.com/wps/index_files/bg_web.jpg
200.58.111.29 404 Not Found 196 B URL HTTP/1.1 bdhleon.com/wps/index_files/bg_web.jpg
IP 200.58.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /wps/index_files/bg_web.jpg HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/index_files/style1.css
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 404 Not Found
Date: Wed, 18 Jan 2023 08:27:40 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
detectca.easysol.net/detectca/images/IkdhFg2jKjOmCujHP22n9cqRdyRkUG/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://bdhleon.com/wps/&rf=&nc=0.9026334072508344
107.23.44.14 200 OK 82 B URL HTTP/1.1 detectca.easysol.net/detectca/images/IkdhFg2jKjOmCujHP22n9cqRdyRkUG/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://bdhleon.com/wps/&rf=&nc=0.9026334072508344
IP 107.23.44.14:0
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash ae11c9259e141875b33cbb6598aa1485
4d71dc1bd4621df68ee846fe3f9409606aabced4
ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491
GET /detectca/images/IkdhFg2jKjOmCujHP22n9cqRdyRkUG/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://bdhleon.com/wps/&rf=&nc=0.9026334072508344 HTTP/1.1
Host: detectca.easysol.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 18 Jan 2023 08:27:40 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
bdhleon.com/wps/index_files/1600x550_2WBC_BHD.png
200.58.111.29 200 OK 303 kB URL HTTP/1.1 bdhleon.com/wps/index_files/1600x550_2WBC_BHD.png
IP 200.58.111.29:0
File type PNG image data, 1600 x 550, 8-bit colormap, non-interlaced\012- data
Size 303 kB (303032 bytes)
Hash 60efeb3bb1110d7bdebefd1ec932cd4f
441685173a2b411f78cb76da26950d1f7076a900
8fc39162e1137b264440a132c5bb08abc2a950201de48b0378cdea5d9e058ed0
GET /wps/index_files/1600x550_2WBC_BHD.png HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:40 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:19 GMT
ETag: "49fb8-5f21d1e465899"
Accept-Ranges: bytes
Content-Length: 303032
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: image/png
bdhleon.com/wps/index_files/180x90_WBC_BHD+paint.png
200.58.111.29 200 OK 30 kB URL HTTP/1.1 bdhleon.com/wps/index_files/180x90_WBC_BHD+paint.png
IP 200.58.111.29:0
File type PNG image data, 180 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash 2547d737cfdd63afd29d14a1f5e9df49
a89b26451273e945179eb8949fd23529ab50f4ac
7bb887cfe2935634efb58175067db910bf2885c1409be98908a883b455475712
GET /wps/index_files/180x90_WBC_BHD+paint.png HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:40 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:19 GMT
ETag: "747f-5f21d1e497d44"
Accept-Ranges: bytes
Content-Length: 29823
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
172.217.21.163 200 OK 472 B IP 172.217.21.163:0
Hash 6a6b2d9466c78838d5b89a24b1afc5f1
056b045d2648e975609cc689aace2cebf56dc4b8
87f1afd429d569be0ae89952298d447806d8c9d543b4ed8d2bc80cd9dc3d125d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:27:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-32863799-1&cid=1758485268.1674030460&jid=844222263&gjid=436000698&_gid=499219198.1674030460&_u=aEBAAEAAEAAAACAAI~&z=1698117566
64.233.165.154 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-32863799-1&cid=1758485268.1674030460&jid=844222263&gjid=436000698&_gid=499219198.1674030460&_u=aEBAAEAAEAAAACAAI~&z=1698117566
IP 64.233.165.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-32863799-1&cid=1758485268.1674030460&jid=844222263&gjid=436000698&_gid=499219198.1674030460&_u=aEBAAEAAEAAAACAAI~&z=1698117566 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://bdhleon.com
Connection: keep-alive
Referer: http://bdhleon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://bdhleon.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 18 Jan 2023 08:27:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
172.217.21.163 200 OK 472 B IP 172.217.21.163:0
Hash 6a6b2d9466c78838d5b89a24b1afc5f1
056b045d2648e975609cc689aace2cebf56dc4b8
87f1afd429d569be0ae89952298d447806d8c9d543b4ed8d2bc80cd9dc3d125d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:27:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bdhleon.com/wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/fonts/trebuc.woff
200.58.111.29 404 Not Found 196 B URL HTTP/1.1 bdhleon.com/wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/fonts/trebuc.woff
IP 200.58.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert fortinet Phishing
GET /wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/fonts/trebuc.woff HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bdhleon.com/wps/index_files/style1.css
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 404 Not Found
Date: Wed, 18 Jan 2023 08:27:40 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bdhleon.com/wps/index_files/btn-bhd-online.png
200.58.111.29 200 OK 8.2 kB URL HTTP/1.1 bdhleon.com/wps/index_files/btn-bhd-online.png
IP 200.58.111.29:0
File type PNG image data, 272 x 114, 8-bit/color RGBA, non-interlaced\012- data
Hash 12bbeca6f6a3094c25ad0f27688d61c4
5a9e085666e834b950acf6d370f0dd3788de9bc2
d746e03ee3a35d66c5ad30d0218cee058dd3471dda46c5d53094a772dd0989c8
GET /wps/index_files/btn-bhd-online.png HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/index_files/style1.css
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:40 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:21 GMT
ETag: "2019-5f21d1e62641e"
Accept-Ranges: bytes
Content-Length: 8217
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: image/png
bdhleon.com/wps/index_files/ARF
200.58.111.29 200 OK 0 B URL HTTP/1.1 bdhleon.com/wps/index_files/ARF
IP 200.58.111.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wps/index_files/ARF HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/index_files/HP.html
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:41 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:20 GMT
ETag: "0-5f21d1e514568"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
bdhleon.com/wps/index_files/sub-menu_bg.jpg
200.58.111.29 404 Not Found 196 B URL HTTP/1.1 bdhleon.com/wps/index_files/sub-menu_bg.jpg
IP 200.58.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /wps/index_files/sub-menu_bg.jpg HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/index_files/style1.css
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 404 Not Found
Date: Wed, 18 Jan 2023 08:27:41 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bdhleon.com/wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/fonts/trebuc.ttf
200.58.111.29 404 Not Found 196 B URL HTTP/1.1 bdhleon.com/wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/fonts/trebuc.ttf
IP 200.58.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
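Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
(Same three digests as the other 404 responses from this host in this capture: they describe the server's 196-byte HTML error page, not a font file.)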
Analyzer Verdict Alert fortinet Phishing
GET /wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/fonts/trebuc.ttf HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/index_files/style1.css
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 404 Not Found
Date: Wed, 18 Jan 2023 08:27:41 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bdhleon.com/wps/index_files/check.js.descarga
200.58.111.29 200 OK 29 kB URL HTTP/1.1 bdhleon.com/wps/index_files/check.js.descarga
IP 200.58.111.29:0
File type ASCII text, with very long lines (17988)
Hash ee53f227d8234638b585d514941b2ee6
0a855f5f1a956cc26ae9b84e65e046ca8beb1303
38773697d91eebfe5c449116ded6d2c40a8a5935cf81571d6959b8626d958a63
Analyzer Verdict Alert fortinet Phishing
GET /wps/index_files/check.js.descarga HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/index_files/HP.html
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:41 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:21 GMT
ETag: "34421-5f21d1e66c530-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 28904
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: application/javascript
bdhleon.com/wps/index_files/logo-1.png
200.58.111.29 200 OK 154 kB URL HTTP/1.1 bdhleon.com/wps/index_files/logo-1.png
IP 200.58.111.29:0
File type PNG image data, 1354 x 417, 8-bit/color RGBA, interlaced\012- data
Size 154 kB (154271 bytes)
Hash 15e6b52732c804009655d8774deeb46d
bdd821d6838599adb7195e88a9489a2e6cf25fe0
cb35b59fcbcba73d2980e821fa66cc5e41e47e37d28e8c519e4c7fd4e89231ad
GET /wps/index_files/logo-1.png HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:40 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:23 GMT
ETag: "25a9f-5f21d1e896c13"
Accept-Ranges: bytes
Content-Length: 154271
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: image/png
bdhleon.com/wps/index_files/main-menu-close.png
200.58.111.29 404 Not Found 196 B URL HTTP/1.1 bdhleon.com/wps/index_files/main-menu-close.png
IP 200.58.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /wps/index_files/main-menu-close.png HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/index_files/style1.css
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 404 Not Found
Date: Wed, 18 Jan 2023 08:27:41 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bdhleon.com/wps/index_files/slide-control.png
200.58.111.29 404 Not Found 196 B URL HTTP/1.1 bdhleon.com/wps/index_files/slide-control.png
IP 200.58.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /wps/index_files/slide-control.png HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/index_files/style1.css
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 404 Not Found
Date: Wed, 18 Jan 2023 08:27:41 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bdhleon.com/wps/index_files/thums_bg.png
200.58.111.29 404 Not Found 196 B URL HTTP/1.1 bdhleon.com/wps/index_files/thums_bg.png
IP 200.58.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /wps/index_files/thums_bg.png HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/index_files/style1.css
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 404 Not Found
Date: Wed, 18 Jan 2023 08:27:41 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bdhleon.com/wps/index_files/thums_bg_on.png
200.58.111.29 404 Not Found 196 B URL HTTP/1.1 bdhleon.com/wps/index_files/thums_bg_on.png
IP 200.58.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /wps/index_files/thums_bg_on.png HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/index_files/style1.css
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 404 Not Found
Date: Wed, 18 Jan 2023 08:27:41 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bdhleon.com/wps/index_files/bhd-1.png
200.58.111.29 404 Not Found 196 B URL HTTP/1.1 bdhleon.com/wps/index_files/bhd-1.png
IP 200.58.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /wps/index_files/bhd-1.png HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/index_files/style1.css
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 404 Not Found
Date: Wed, 18 Jan 2023 08:27:41 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bdhleon.com/wps/index_files/Banner+1600x550+Banner+Home+BHD.jpg
200.58.111.29 200 OK 284 kB URL HTTP/1.1 bdhleon.com/wps/index_files/Banner+1600x550+Banner+Home+BHD.jpg
IP 200.58.111.29:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.5 (Macintosh), datetime=2022:12:28 00:31:23], progressive, precision 8, 1600x550, components 3\012- data
Size 284 kB (283630 bytes)
Hash bb139194558cc686122f760ed0b923ec
ed5262dee4d108a050822311684bd6d6dad36a90
2936f2dd3580e6718623a5cf83ef264103528e0e6f31ecfd2b0817b1be415d64
GET /wps/index_files/Banner+1600x550+Banner+Home+BHD.jpg HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:41 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:20 GMT
ETag: "453ee-5f21d1e581f46"
Accept-Ranges: bytes
Content-Length: 283630
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Content-Type: image/jpeg
bdhleon.com/wps/index_files/Bannersite.jpg
200.58.111.29 200 OK 114 kB URL HTTP/1.1 bdhleon.com/wps/index_files/Bannersite.jpg
IP 200.58.111.29:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1601x551, components 3\012- data
Size 114 kB (114092 bytes)
Hash 054adc2fb9469fb15385fcdc3fd02e9f
e3ef68649ed5d145b8fdfdb4cf974369ef69ba87
bfb7849c2f56c834aefa8ba4cfa6c78f4422b5224a4b2575c2f3b9110c32fad6
GET /wps/index_files/Bannersite.jpg HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:41 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:20 GMT
ETag: "1bdac-5f21d1e5a6d1a"
Accept-Ranges: bytes
Content-Length: 114092
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Content-Type: image/jpeg
bdhleon.com/wps/index_files/Bannersite.png
200.58.111.29 200 OK 12 kB URL HTTP/1.1 bdhleon.com/wps/index_files/Bannersite.png
IP 200.58.111.29:0
File type PNG image data, 180 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash 44418f7d664e0284ce21a6f71f771410
f8bb96b7d6c11db1d8f398699aa9e8d74c8055a7
d5e50619acfd4d6a3171c165735b3d55506ab5b9f0e7e6b0d189dd6afaba781d
GET /wps/index_files/Bannersite.png HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:41 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:20 GMT
ETag: "30b0-5f21d1e5aa3ca"
Accept-Ranges: bytes
Content-Length: 12464
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Content-Type: image/png
bdhleon.com/wps/index_files/Banners350x100-Cambio.jpg
200.58.111.29 200 OK 52 kB URL HTTP/1.1 bdhleon.com/wps/index_files/Banners350x100-Cambio.jpg
IP 200.58.111.29:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=100, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=350], progressive, precision 8, 350x100, components 3\012- data
Hash 82cf6e5bdbd995154061dbf47145be70
6a73541b5caff9a0189f8ecb7a2dcb1fada952d4
1c7a411a19e22f85fad056ae416b457a651c62001bfa34c4f554bbbd126ef108
GET /wps/index_files/Banners350x100-Cambio.jpg HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:41 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:20 GMT
ETag: "cad5-5f21d1e5690d8"
Accept-Ranges: bytes
Content-Length: 51925
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Content-Type: image/jpeg
bdhleon.com/wps/index_files/Prestamos-Tasa.jpg
200.58.111.29 200 OK 55 kB URL HTTP/1.1 bdhleon.com/wps/index_files/Prestamos-Tasa.jpg
IP 200.58.111.29:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2015:08:26 17:06:25], progressive, precision 8, 350x100, components 3\012- data
Hash ce119505d46889bf198e5b954141b069
c53dcdf116826e5a9eb6762bfc45954422924319
8367e1386881eeef0c639e12da2a1b211ef420ec6f831caea7fc888c98aea2fb
GET /wps/index_files/Prestamos-Tasa.jpg HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:41 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:25 GMT
ETag: "d767-5f21d1e9c82ae"
Accept-Ranges: bytes
Content-Length: 55143
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive
Content-Type: image/jpeg
bdhleon.com/wps/perso_files/mashup_ra_collection
200.58.111.29 200 OK 379 kB URL HTTP/1.1 bdhleon.com/wps/perso_files/mashup_ra_collection
IP 200.58.111.29:0
Size 379 kB (378895 bytes)
Hash ec62dd6dce5e1b91c32305c89837f903
5e82194a87101fbd1cb8ed74bd87dec973bba2f0
9667d170e7bafa9347072e1d2c8eaf9aaf465b4df96a0da9cf77efaebaffc0c7
Analyzer Verdict Alert fortinet Phishing
GET /wps/perso_files/mashup_ra_collection HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/perso.html
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:40 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:33 GMT
ETag: "5c80f-5f21d1f1860e2"
Accept-Ranges: bytes
Content-Length: 378895
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
www.google-analytics.com/analytics.js
216.239.38.178 200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20085
Date: Wed, 18 Jan 2023 08:16:09 GMT
Expires: Wed, 18 Jan 2023 10:16:09 GMT
Cache-Control: public, max-age=7200
Age: 693
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 97c18a1f4ad26bed14c097c5bb7459f0
2c6ee86fc895d1b3a4b5b8e4caf9cb71a54ab790
d6817e25966a6106335f3e3c2eecb392cc3cff8e148e1dfadf7c26254cc8e8dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5925
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:27:42 GMT
Last-Modified: Wed, 18 Jan 2023 06:48:58 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
172.217.21.163 200 OK 472 B IP 172.217.21.163:0
Hash e1c7515ba5231aaae042ef63071a8562
676673d88597e11f572ac38844b18562ab57b920
002b5adabb3fb37aa6c0f18adee2f221a770e217fe95a027fcf8b8fe84794a19
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:27:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdhleon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: /2gRiKLORtgSm3Jf+Tq9XLi6vJzDo438fT8qpTWLSxfOBY8BwflyCQXxNCrtUP/DYAvGXSZTQNySHeQyigYtMQ==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1904183273
date: Wed, 18 Jan 2023 08:27:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
172.217.21.163 200 OK 471 B IP 172.217.21.163:0
Hash 38de5599544ffa789bad3f8686808c5e
fa442ea8ec124d47130fe75d0e848330a279e19e
d0344819ecf4cb1795fcd668d5f1a806121a48e174588ecd2eb8751595ac61ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:27:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-32863799-1&cid=1758485268.1674030460&jid=844222263&_u=aEBAAEAAEAAAACAAI~&z=1963713207
216.58.207.228 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-32863799-1&cid=1758485268.1674030460&jid=844222263&_u=aEBAAEAAEAAAACAAI~&z=1963713207
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-32863799-1&cid=1758485268.1674030460&jid=844222263&_u=aEBAAEAAEAAAACAAI~&z=1963713207 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdhleon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 08:27:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 97c18a1f4ad26bed14c097c5bb7459f0
2c6ee86fc895d1b3a4b5b8e4caf9cb71a54ab790
d6817e25966a6106335f3e3c2eecb392cc3cff8e148e1dfadf7c26254cc8e8dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5925
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:27:42 GMT
Last-Modified: Wed, 18 Jan 2023 06:48:58 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-32863799-1&cid=1758485268.1674030460&jid=844222263&_u=aEBAAEAAEAAAACAAI~&z=1963713207
142.250.74.131 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-32863799-1&cid=1758485268.1674030460&jid=844222263&_u=aEBAAEAAEAAAACAAI~&z=1963713207
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-32863799-1&cid=1758485268.1674030460&jid=844222263&_u=aEBAAEAAEAAAACAAI~&z=1963713207 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdhleon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 08:27:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
172.217.21.163 200 OK 471 B IP 172.217.21.163:0
Hash 38de5599544ffa789bad3f8686808c5e
fa442ea8ec124d47130fe75d0e848330a279e19e
d0344819ecf4cb1795fcd668d5f1a806121a48e174588ecd2eb8751595ac61ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:27:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
172.217.21.163 200 OK 472 B IP 172.217.21.163:0
Hash 43904744042cec16f81766250b8ebf49
8393568a2e9c86dafc36563c76703704c7cd86c6
d2359c7cce5176a68cd627ba7e39dfceff78036c6840cd468994df8519f1fb27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:27:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bdhleon.com/wps/perso_files/clear(2).png
200.58.111.29 200 OK 81 B URL HTTP/1.1 bdhleon.com/wps/perso_files/clear(2).png
IP 200.58.111.29:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /wps/perso_files/clear(2).png HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/perso.html
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:42 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:30 GMT
ETag: "51-5f21d1eedd29b"
Accept-Ranges: bytes
Content-Length: 81
Keep-Alive: timeout=10, max=193
Connection: Keep-Alive
Content-Type: image/png
bdhleon.com/wps/perso_files/clear1.png
200.58.111.29 200 OK 0 B URL HTTP/1.1 bdhleon.com/wps/perso_files/clear1.png
IP 200.58.111.29:0
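Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of a zero-length body, consistent with the 0 B size and Content-Length: 0 of this response; they match any empty file.)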
GET /wps/perso_files/clear1.png HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/perso.html
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:42 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:31 GMT
ETag: "0-5f21d1ef72545"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Content-Type: image/png
bdhleon.com/wps/perso_files/dd_arrow_login.gif
200.58.111.29 404 Not Found 196 B URL HTTP/1.1 bdhleon.com/wps/perso_files/dd_arrow_login.gif
IP 200.58.111.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /wps/perso_files/dd_arrow_login.gif HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/perso_files/mashup_ra_collection
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 404 Not Found
Date: Wed, 18 Jan 2023 08:27:42 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bdhleon.com/wps/perso_files/maquetasprite.png
200.58.111.29 200 OK 327 kB URL HTTP/1.1 bdhleon.com/wps/perso_files/maquetasprite.png
IP 200.58.111.29:0
File type PNG image data, 300 x 2000, 8-bit/color RGBA, interlaced\012- data
Size 327 kB (327363 bytes)
Hash e82718dc4a9fd014817769ccc3999dae
efc9c37982ad7025cc3deeb6acd5331997744b4d
0d74446e7e0a7838b016a172c8cda9c4e6239358c6e335b98c2ef6e8864dac72
GET /wps/perso_files/maquetasprite.png HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/perso_files/mashup_ra_collection
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e; _ga=GA1.2.1758485268.1674030460; _gid=GA1.2.499219198.1674030460; _gat=1
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:42 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:32 GMT
ETag: "4fec3-5f21d1f129873"
Accept-Ranges: bytes
Content-Length: 327363
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f404da3b1abdefd6f64e8ab04e9cb72c
f370005dff7facaadd69b0798429288c7a7dfeb7
6401934189fb3b3e98c348bce0803f026e71bd48050af1879f19730f398d1e09
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6000
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:27:42 GMT
Last-Modified: Wed, 18 Jan 2023 06:47:42 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 477065ec836d5d086c6586bb804ad073
edbe34158fdc15466fa7dba66b5e88a5406c1496
fc4b05d013faa6071d1017b3733b2ee76cbdc46e6e7c41a7b505879c6f3d64e1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=145656
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:27:42 GMT
Etag: "63c74376-1d7"
Expires: Fri, 20 Jan 2023 00:55:18 GMT
Last-Modified: Wed, 18 Jan 2023 00:55:18 GMT
Server: nginx
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 477065ec836d5d086c6586bb804ad073
edbe34158fdc15466fa7dba66b5e88a5406c1496
fc4b05d013faa6071d1017b3733b2ee76cbdc46e6e7c41a7b505879c6f3d64e1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 08:27:42 GMT
Server: ECS (amb/6B82)
Content-Length: 471
bdhleon.com/wps/index_files/banner_1600x550_wellness_bhd+(1).jpg
200.58.111.29 200 OK 151 kB URL HTTP/1.1 bdhleon.com/wps/index_files/banner_1600x550_wellness_bhd+(1).jpg
IP 200.58.111.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x550, components 3\012- data
Size 151 kB (150794 bytes)
Hash 8dcdf89548e77ddd32cf3ee940277948
d8d3dc7eca68dacebeb59b52878e2e9fe4679b3b
ff03470ffc89715e49ef76f7d0e738fe0b55eb082cb6a59373e1d4e24218a751
GET /wps/index_files/banner_1600x550_wellness_bhd+(1).jpg HTTP/1.1
Host: bdhleon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdhleon.com/wps/
Cookie: PHPSESSID=147cad9eb0a58f1d482e02e9b4f5aa5e
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:41 GMT
Server: Apache
Last-Modified: Fri, 13 Jan 2023 03:49:21 GMT
ETag: "24d0a-5f21d1e5f629b"
Accept-Ranges: bytes
Content-Length: 150794
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: image/jpeg
www.facebook.com/tr/?id=242328147526346&ev=PageView&dl=http%3A%2F%2Fbdhleon.com%2Fwps%2F&rl=&if=false&ts=1674030462693&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674030462691.1145261973&it=1674030462214&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=242328147526346&ev=PageView&dl=http%3A%2F%2Fbdhleon.com%2Fwps%2F&rl=&if=false&ts=1674030462693&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674030462691.1145261973&it=1674030462214&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=242328147526346&ev=PageView&dl=http%3A%2F%2Fbdhleon.com%2Fwps%2F&rl=&if=false&ts=1674030462693&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674030462691.1145261973&it=1674030462214&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdhleon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Jan 2023 08:27:42 GMT
X-Firefox-Spdy: h2
bhd.com.do/wps/contenthandler/dav/fs-type1/themes/BHDTheme/build/themes/images/logobh152.png
204.126.128.60 302 Found 0 B URL HTTP/1.1 bhd.com.do/wps/contenthandler/dav/fs-type1/themes/BHDTheme/build/themes/images/logobh152.png
IP 204.126.128.60:0
ASN #6400 Compania Dominicana de Telefonos S. A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wps/contenthandler/dav/fs-type1/themes/BHDTheme/build/themes/images/logobh152.png HTTP/1.1
Host: bhd.com.do
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdhleon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 18 Jan 2023 08:27:31 GMT
Server: IBM_HTTP_Server
ARM_CORRELATOR: 002ECC00303030303036464330303035463238353936363638333238304242354132333430424235413233340001
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Powered-By: Servlet/3.0
Accept-Ranges: bytes
Location: /wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/images/logobh152.png
X-Request-Digest: NzaYyllem8vGJo2IJ0isWA
X-DataSource-Digest: XzWpHd4WWNGJyUWtkUvndg
Content-Length: 0
Cache-Control: max-age=604800
Expires: Wed, 25 Jan 2023 08:27:31 GMT
Content-Security-Policy: object-src 'self' 'unsafe-inline' 'unsafe-eval';
X-XSS-Protection: 1; mode=block
X-content-Type-Options: nosniff
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Language: en-US
Set-Cookie: NSC_mc_CIEMfpo_Qpsubm_Joufsop=ffffffffc3a0e29845525d5f4f58455e445a4a42378b;expires=Wed, 18-Jan-2023 09:00:46 GMT;path=/;secure;httponly
Strict-Transport-Security: max-age=63072000
bhd.com.do/wps/contenthandler/dav/fs-type1/themes/BHDTheme/build/themes/images/favicon_n.ico
204.126.128.60 302 Found 0 B URL HTTP/1.1 bhd.com.do/wps/contenthandler/dav/fs-type1/themes/BHDTheme/build/themes/images/favicon_n.ico
IP 204.126.128.60:0
ASN #6400 Compania Dominicana de Telefonos S. A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wps/contenthandler/dav/fs-type1/themes/BHDTheme/build/themes/images/favicon_n.ico HTTP/1.1
Host: bhd.com.do
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdhleon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 18 Jan 2023 08:27:31 GMT
Server: IBM_HTTP_Server
ARM_CORRELATOR: 002ECC00303030303036464330303035463238353936363646443342304242354132333630424235413233360001
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Powered-By: Servlet/3.0
Accept-Ranges: bytes
Location: /wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/images/favicon_n.ico
X-Request-Digest: NzaYyllem8vGJo2IJ0isWA
X-DataSource-Digest: XzWpHd4WWNGJyUWtkUvndg
Content-Length: 0
Cache-Control: max-age=604800
Expires: Wed, 25 Jan 2023 08:27:31 GMT
Vary: User-Agent
Content-Security-Policy: object-src 'self' 'unsafe-inline' 'unsafe-eval';
X-XSS-Protection: 1; mode=block
X-content-Type-Options: nosniff
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Language: en-US
Set-Cookie: NSC_mc_CIEMfpo_Qpsubm_Joufsop=ffffffffc3a0e29845525d5f4f58455e445a4a42378b;expires=Wed, 18-Jan-2023 09:00:46 GMT;path=/;secure;httponly
Strict-Transport-Security: max-age=63072000
bhd.com.do/wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/images/favicon_n.ico
204.126.128.60 200 OK 15 kB URL HTTP/1.1 bhd.com.do/wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/images/favicon_n.ico
IP 204.126.128.60:0
ASN #6400 Compania Dominicana de Telefonos S. A.
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 2c203fb7aa177752c7cdc168e101b47a
728138e5aefb05231950b511d5641d05e93933f8
1d2afd917a3b164c4c316f7acb945cf06a5617e5f881dc196176cfcdbfb869e1
GET /wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/images/favicon_n.ico HTTP/1.1
Host: bhd.com.do
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bdhleon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:31 GMT
Server: IBM_HTTP_Server
ARM_CORRELATOR: 002ECC00303030303036464330303035463238353936363939434234304242354132333930424235413233390001
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Powered-By: Servlet/3.0
Accept-Ranges: bytes
X-Request-Digest: NzaYyllem8vGJo2IJ0isWA
X-DataSource-Digest: XzWpHd4WWNGJyUWtkUvndg
Expires: Wed, 25 Jan 2023 08:27:27 GMT
Cache-Control: public, max-age=604800
ETag: W/"BEE0037B181"
Last-Modified: Fri, 01 Jul 2022 00:36:38 GMT
Content-Location: /wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/images/favicon_n.ico
Content-Disposition: attachment;filename="favicon_n.ico";size=15406;modification-date="Fri, 01 Jul 2022 00:36:38 GMT"
Vary: User-Agent
Content-Security-Policy: object-src 'self' 'unsafe-inline' 'unsafe-eval';
X-XSS-Protection: 1; mode=block
X-content-Type-Options: nosniff
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/x-icon
Content-Language: en-US
Set-Cookie: WRTCorrelator=000006FC0005f28596699cb40BB5A239; Secure; HttpOnly;
NSC_mc_CIEMfpo_Qpsubm_Joufsop=ffffffffc3a0e29845525d5f4f58455e445a4a42378b;expires=Wed, 18-Jan-2023 09:00:46 GMT;path=/;secure;httponly
Strict-Transport-Security: max-age=63072000
bhd.com.do/wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/images/logobh152.png
204.126.128.60 200 OK 301 kB URL HTTP/1.1 bhd.com.do/wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/images/logobh152.png
IP 204.126.128.60:0
ASN #6400 Compania Dominicana de Telefonos S. A.
File type PNG image data, 633 x 633, 8-bit/color RGBA, interlaced\012- data
Size 301 kB (300781 bytes)
Hash da034cb3e49852fc88fcad55aa1436b3
6501cf698d2c13e5c60268fb422f6b629fe8ad7c
2854e57c880ed91e0d0e5d5c23c20c904dfd5348f94667508fd6c7ce24729796
GET /wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/images/logobh152.png HTTP/1.1
Host: bhd.com.do
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bdhleon.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 08:27:31 GMT
Server: IBM_HTTP_Server
ARM_CORRELATOR: 002ECC00303030303036464330303035463238353936363932323933304242354132333830424235413233380001
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Powered-By: Servlet/3.0
Accept-Ranges: bytes
X-Request-Digest: NzaYyllem8vGJo2IJ0isWA
X-DataSource-Digest: XzWpHd4WWNGJyUWtkUvndg
Expires: Wed, 25 Jan 2023 08:27:27 GMT
Cache-Control: public, max-age=604800
ETag: W/"63C1537B181"
Last-Modified: Fri, 01 Jul 2022 00:38:06 GMT
Content-Location: /wps/contenthandler/!ut/p/digest!XzWpHd4WWNGJyUWtkUvndg/dav/fs-type1/themes/BHDTheme/build/themes/images/logobh152.png
Content-Disposition: attachment;filename="logobh152.png";size=300781;modification-date="Fri, 01 Jul 2022 00:38:06 GMT"
Content-Security-Policy: object-src 'self' 'unsafe-inline' 'unsafe-eval';
X-XSS-Protection: 1; mode=block
X-content-Type-Options: nosniff
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/png
Content-Language: en-US
Set-Cookie: WRTCorrelator=000006FC0005f285966922930BB5A238; Secure; HttpOnly;
NSC_mc_CIEMfpo_Qpsubm_Joufsop=ffffffffc3a0e29845525d5f4f58455e445a4a42378b;expires=Wed, 18-Jan-2023 09:00:46 GMT;path=/;secure;httponly
Strict-Transport-Security: max-age=63072000
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F053123e4-9914-4404-b1e9-cb5f3e38b7a2.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F053123e4-9914-4404-b1e9-cb5f3e38b7a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5caa7df39f82600c651046957ab6b62d
d6d6fbd676b74e487ee06248c48da87e178223e7
df3090d2e7c7c6e970fe498609d74c63e04aa80d55a26c956d1e3be5bebfafbc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F053123e4-9914-4404-b1e9-cb5f3e38b7a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11781
x-amzn-requestid: 522a0799-2025-43cd-9d7e-08cdaa5acf11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0vQMGZRIAMFfjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4f8cd-697804fd5b8b3cff7d2d5a7e;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 07:12:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MGfNpq5RCQifmDzeCJl4-1DPyd63DRE89n_BlQwQanwYyYquvaBkBw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 07:21:45 GMT
age: 3959
etag: "d6d6fbd676b74e487ee06248c48da87e178223e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2