r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10890
Expires: Sat, 07 Jan 2023 12:36:53 GMT
Date: Sat, 07 Jan 2023 09:35:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e4bdd77c0369662aa71ce2d01fd3edab
0ab1c5857e200e7e7946424c2c844537bfbb9775
a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14132
Expires: Sat, 07 Jan 2023 13:30:55 GMT
Date: Sat, 07 Jan 2023 09:35:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 75f0037a1d53a9a5321a796206ec3e24
70d42c9bf1334f20e1cea4ce3c8212e0e780ee77
80ec1e61f9563e799c9f44ea31e616c37daea1b9670091fbbc6efc39ebafe3d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EC1E61F9563E799C9F44EA31E616C37DAEA1B9670091FBBC6EFC39EBAFE3D3"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5178
Expires: Sat, 07 Jan 2023 11:01:41 GMT
Date: Sat, 07 Jan 2023 09:35:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 07 Jan 2023 08:41:24 GMT
content-type: application/json
age: 3239
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mhhYoDwQoMWFFOfAOn7si7imJzv6dT8i+oCeMrrp0Ld7fxFZ57waH0n1KZtJZ3nwLQocBVSlsis=
x-amz-request-id: K5TCH4KKDEJPJEJE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 07 Jan 2023 09:00:21 GMT
age: 2102
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 09:35:23 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 07 Jan 2023 09:08:13 GMT
age: 1631
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
209.140.22.121200 OK 32 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
IP 209.140.22.121:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1021), with CRLF line terminators
Hash bc3251eccd000a05bffaaaa770e0a3bb
a736b1bc2e3ec217e7543faa93b7a3c233788117
abdf1d346aafbedb04d62d9cf0aad20220ba0a89013fb6e0732f152626c144b0
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET PHISHING Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017
GET /nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0 HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: stm_visitor_1=82065480
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:23 GMT
Server: Apache
Content-Length: 31499
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 43c8442b7447debab97b0f6bc973e23a
38a5f1869cff7f6ddbfd3a24e57a3da7851ba3b0
4eb7adc914570287dde1317395d1d95b07271c8fe20b97a8928025c292c47dba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1879
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 09:35:24 GMT
Last-Modified: Sat, 07 Jan 2023 09:04:05 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.215.94.42101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.94.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GWKN7orc25GfLINsq3Cqgg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DVo9kN0AEdR9z5DMqOUj4ubXPxI=
parkingcentral.net/nhrb.cnc/5/media/style.css
209.140.22.121200 OK 145 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/style.css
IP 209.140.22.121:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 145 kB (145055 bytes)
Hash ac922ecbe9a3c9017307bf651658c774
6934fbde5b9d13334381abaffff81dd252208d56
1df1b081d0aad204d6669abbb9dee7b49ef68b4de44f052b29b24382e5af4766
GET /nhrb.cnc/5/media/style.css HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:24 GMT
Server: Apache
Last-Modified: Thu, 03 Dec 2020 03:46:20 GMT
Accept-Ranges: bytes
Content-Length: 145055
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
parkingcentral.net/nhrb.cnc/5/media/styles.css
209.140.22.121200 OK 238 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/styles.css
IP 209.140.22.121:0
File type ASCII text, with very long lines (65352)
Size 238 kB (237450 bytes)
Hash 9513f5546ed180f2e9adef1d52213db9
1cd1ee09e2ca5b2f2719fef46a59096c6dafe6bb
ce6346046fc87765e2815794dccc487fb95284bdb76697f7e53ca450b0641eaa
GET /nhrb.cnc/5/media/styles.css HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:24 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:24:56 GMT
Accept-Ranges: bytes
Content-Length: 237450
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
parkingcentral.net/nhrb.cnc/5/media/jquery-2.2.3.js
209.140.22.121200 OK 259 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/jquery-2.2.3.js
IP 209.140.22.121:0
Size 259 kB (258648 bytes)
Hash aacc43d6f308fa362ac85e3f4fb2b30c
09b2fbec3c6e662be486da501a913d4b93ad39eb
95a5d6b46c9da70a89f0903e5fdc769a2c266a22a19fcb5598e5448a044db4fe
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/jquery-2.2.3.js HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:24 GMT
Server: Apache
Last-Modified: Tue, 17 Nov 2020 02:38:44 GMT
Accept-Ranges: bytes
Content-Length: 258648
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
parkingcentral.net/nhrb.cnc/5/media/AppStoreBadge.svg
209.140.22.121200 OK 12 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/AppStoreBadge.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 1cfd5dba4a9210bcf77f5dbe48ec2e66
b18020f162dece51251489be269db7629a223fcd
4cfabcfdbec9a5cd903190f150028743f38c3533b53ea21c6e4dd35a52a80383
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/AppStoreBadge.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 12224
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/login-secure.svg
209.140.22.121200 OK 5.5 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/login-secure.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2575)
Hash 2ac190a1585df4726aaab558465a3677
4724c9e5a01d8a67502afa1f3aee0a799c5e674f
5c6c8d8c0e52c66587d5f15d69de975d84894fc26afc864cd7b3eebde68b426c
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/login-secure.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 5523
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/login-easy.svg
209.140.22.121200 OK 4.1 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/login-easy.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2053)
Hash f0d22f982d5b06f6ddcc86d4ea20b34c
78d94235b41832ad6ccae8471754c787d6cae604
9731178a65895ad7a2835bb97c7d3e1fbb030448ce0af77fad66d45559beee0d
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/login-easy.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 4147
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/Experience.svg
209.140.22.121200 OK 12 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/Experience.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (893)
Hash 3c30ea4f3370147c14d614b4e82323b1
f212ae8d2f0d655a1aed7ca8b43c13ba96aa159e
3bf07d30c5c5867acf6a3ec763086a9c3d1ea5c7e6783c1550e1309c67e59bf3
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/Experience.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 12340
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/GooglePlay.svg
209.140.22.121200 OK 23 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/GooglePlay.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (2954)
Hash 56b446863643039c5c386e785054f8f8
8509aa1bbc637474b87bb386d4d23f2a73283cd9
00ff1bb43d0a271618cd1f626e0530c4e9efb344058b85744e569306c93ecc42
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/GooglePlay.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 22795
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/login-fast.svg
209.140.22.121200 OK 5.3 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/login-fast.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2974)
Hash 81a16172e4f2f3144e41fb7b161479ce
e402f0b8ba2d98fb397e153ab2f479d323ba0c96
e79680516f7aebb8535d875afb21b608dc955fa48f3084502858ea7513ba547c
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/login-fast.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 5286
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/HuaweiStoreBadge.svg
209.140.22.121200 OK 23 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/HuaweiStoreBadge.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1948)
Hash ebca1ba48fc8843d69e32d98d233b928
68b6d14f6b8e0cea4c98b933ed5cc489d46134f9
1ff2a8671111fb294acbd910e0ff757971eaeb4b381206de8ebabb38e259ca15
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/HuaweiStoreBadge.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 22958
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/Error_Orange.svg
209.140.22.121200 OK 933 B URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/Error_Orange.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (349)
Hash ea909396b604c3c01db7d3608ebb259e
7fb0f3707716e3ecad2addecbaee8b8079154813
24af98f5927069908c81e519b1082493492411999b322d3297a0be59baed39ed
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/Error_Orange.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 933
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/entrust_site_seal_ssl.png
209.140.22.121200 OK 19 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/entrust_site_seal_ssl.png
IP 209.140.22.121:0
File type PNG image data, 350 x 350, 8-bit colormap, non-interlaced\012- data
Hash e47461fd49a0426768698ade98b259e2
501132059c531265f3898e5b6d8646ac3886cfbb
203680b7945ca5c9f3697881f9af9c8ed160354675055d22fc34545910cd4d54
GET /nhrb.cnc/5/media/entrust_site_seal_ssl.png HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 18758
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
parkingcentral.net/nhrb.cnc/5/media/icon-512x512.png
209.140.22.121200 OK 41 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/icon-512x512.png
IP 209.140.22.121:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, interlaced\012- data
Hash 45dc0d3ba9b11c9e0358ab3b418f7fcc
904740c7345e3770815dc35ab72b8f2e2b7b5ba1
fcb0dba575e2a3be211208f2a81a519c5d61109ebe399731d140ce5d87ed0920
GET /nhrb.cnc/5/media/icon-512x512.png HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:23:14 GMT
Accept-Ranges: bytes
Content-Length: 40873
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
parkingcentral.net/nhrb.cnc/5/media/favicon.ico
209.140.22.121200 OK 1.4 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/favicon.ico
IP 209.140.22.121:0
File type MS Windows icon resource - 1 icon, 18x18, 32 bits/pixel\012- data
Hash 68773d46f68cd092f7aac1b70d211e01
bbe705f043f03d491232a63d29e5b8b6befb031e
4fbd7df4e4d5012b82c14234382d58275c3fe42c98162c05bbb4bc98c79ef9f5
GET /nhrb.cnc/5/media/favicon.ico HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=T1KUqP0hWaCjqFG0JWxitj8mxoLKV2Qf6yWq6qb5ddGlHYaxbArgpAZ1SGvcuzhGxKa8o72ZvoD4lVb0
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:23:14 GMT
Accept-Ranges: bytes
Content-Length: 1430
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/x-icon
parkingcentral.net/nhrb.cnc/5/media/cookie-icon.svg
209.140.22.121200 OK 1.9 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/cookie-icon.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (534), with CRLF line terminators
Hash 3500cea77fa8facce19a3d78e3d65efd
64561c1fa2bbc10d14ef7ad215215d87131ca614
fe40a000e17d2ff50ee03ddf8fa43c29b4f7bac9008cce7f94e649a072cbd9bf
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/cookie-icon.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Thu, 03 Dec 2020 02:00:04 GMT
Accept-Ranges: bytes
Content-Length: 1910
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/icon-chat-thin.svg
209.140.22.121200 OK 741 B URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/icon-chat-thin.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (447), with CRLF line terminators
Hash 83f7e92164b236b189f0f97f35813eae
948bcd0ad350232f160457b2aabed9812ebd801c
ccdad4ff98cc6f06e6e4469c2f153cd05e16a7bb390e5db677ab2f4fa85ce0cd
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/icon-chat-thin.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:25:26 GMT
Accept-Ranges: bytes
Content-Length: 741
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/NedbankIcon.svg
209.140.22.121200 OK 1.3 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/NedbankIcon.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (483), with CRLF line terminators
Hash 4524fe949ec4e8fc09e53b254a9309ec
e48ebe170ce00e6c1ff6b85d1a6958941c52b4b0
9f03e50b45def1c758746fc72c3dd9f465eafa79f4b98226406af667fadb13dc
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/NedbankIcon.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:26:52 GMT
Accept-Ranges: bytes
Content-Length: 1336
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/cross-close-white.svg
209.140.22.121200 OK 237 B URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/cross-close-white.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 378eae90527ac0e3766c3798c76b5b64
72a5a3167ae6fe2f434e7bdb2650d9f781c35020
89252245ff4ddb40f7d961d7112209c4d5b1a206392146027dddecc04b53c999
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/cross-close-white.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:29:08 GMT
Accept-Ranges: bytes
Content-Length: 237
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/FontFont%20-%20MarkPro-Medium.otf
209.140.22.121200 OK 162 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/FontFont%20-%20MarkPro-Medium.otf
IP 209.140.22.121:0
File type OpenType font data\012- data
Size 162 kB (162260 bytes)
Hash 8531ae94f5ad973be8b718f88e9660ed
a6d5635dcebab54c459a725da9a892017627a994
ad51841bf5cf5eb27ead0ae50f936f678eeb2d4e1be6035e83fce13b0e3b83bb
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/FontFont%20-%20MarkPro-Medium.otf HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/styles.css
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:23:34 GMT
Accept-Ranges: bytes
Content-Length: 162260
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/otf
parkingcentral.net/nhrb.cnc/5/media/contact-blank-green.svg
209.140.22.121200 OK 1.1 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/contact-blank-green.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 45328cfea483e7616bd24d895061746f
254babed655099ecabde38fdd2a9eebe4745197e
34870e9d178688052bf6ac99404873d4ba713b026369a811083b588d9d803312
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/contact-blank-green.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:27:00 GMT
Accept-Ranges: bytes
Content-Length: 1125
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/FontFont%20-%20MarkPro.otf
209.140.22.121200 OK 165 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/FontFont%20-%20MarkPro.otf
IP 209.140.22.121:0
File type OpenType font data\012- data
Size 165 kB (165396 bytes)
Hash 12d6724a254d3be629fc6b2871ae5a6a
d3a93c9ed090be9366b9513e5515e8e19ff48459
eaa561f9f8ef5b69bd39e15e332dc3700decacebf48e08b0640ad3a5d8711f65
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/FontFont%20-%20MarkPro.otf HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/styles.css
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:23:24 GMT
Accept-Ranges: bytes
Content-Length: 165396
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/otf
parkingcentral.net/nhrb.cnc/5/media/location-blank-green.svg
209.140.22.121200 OK 1.2 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/location-blank-green.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (359), with CRLF line terminators
Hash 15be25902bd569e3e4659d742681e2fb
613050d4c8541fea62a4123605610b3610917fb3
cd12b1387c0081203b3cc5c14e644e0368bd887e0002d6a78f4ce89184079c7b
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/location-blank-green.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:28:54 GMT
Accept-Ranges: bytes
Content-Length: 1170
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/Arrow.svg
209.140.22.121200 OK 761 B URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/Arrow.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b303c49924ce1909fcbcc33522ebf8f5
d1c3ab0e640f7fb06962d72a7b5799e7a1c1811f
636a98e693146284effe41930c519a43f586aca7769d8a4acb64b8dbbb9ef5e2
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/Arrow.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:29:50 GMT
Accept-Ranges: bytes
Content-Length: 761
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/demo-icon.svg
209.140.22.121200 OK 1.6 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/demo-icon.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1093), with CRLF line terminators
Hash 743f7630b78dcb8c373e994da6945761
16a1b674069131ac8b01bdb0fb0977ccfc78da6e
d618a969357e7068c902c05acd681131cf186ff0fbe53f35c7519980f33a32ea
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/demo-icon.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:27:48 GMT
Accept-Ranges: bytes
Content-Length: 1628
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/FontFont%20-%20MarkPro-Bold.otf
209.140.22.121200 OK 166 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/FontFont%20-%20MarkPro-Bold.otf
IP 209.140.22.121:0
File type OpenType font data\012- data
Size 166 kB (165936 bytes)
Hash 476d44b0f6c8939bb8859c9ce7598310
cd8fb565970c2750a12b3b47b1869578f7a041fb
979af22174e46123e6fb3c96d96360ba0ea7a5dbd00ae97ab1ebefae9c284d37
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/FontFont%20-%20MarkPro-Bold.otf HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/styles.css
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:25 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:23:30 GMT
Accept-Ranges: bytes
Content-Length: 165936
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/otf
parkingcentral.net/nhrb.cnc/5/media/outline-cheque.svg
209.140.22.121200 OK 259 B URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/outline-cheque.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 4a2b65b698559fc79b4e013118ab7f95
7c09f88b6ad294979142eb11bf2fe87b51b350a8
cce1cb057aba624a402810787efca075b01266b8c7d70fbfc29c06e04c9db877
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/outline-cheque.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:26 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:26:32 GMT
Accept-Ranges: bytes
Content-Length: 259
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3919
Expires: Sat, 07 Jan 2023 10:40:45 GMT
Date: Sat, 07 Jan 2023 09:35:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3919
Expires: Sat, 07 Jan 2023 10:40:45 GMT
Date: Sat, 07 Jan 2023 09:35:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3919
Expires: Sat, 07 Jan 2023 10:40:45 GMT
Date: Sat, 07 Jan 2023 09:35:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3919
Expires: Sat, 07 Jan 2023 10:40:45 GMT
Date: Sat, 07 Jan 2023 09:35:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65a13b7b11843a364e80dbc2d54345ff
5b24f4bf17da840e61d96b0ed7452911539dbf67
8dea14e05eb2a0c850fe9441b605f50ec6206baf57da4293f2297cab0a82fe37
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10064
x-amzn-requestid: 7b970f82-e9fa-43e8-8757-60ae808a2cff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eP6kCEsSIAMFVBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b63e19-4884229c1545eef72380e7d2;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 03:03:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wWDCvYZY8VpfF4a5AWmjrZZx3vzUv7qWCz_g9vNlkMz5Sy3NaaWMVQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 03:33:10 GMT
age: 21736
etag: "5b24f4bf17da840e61d96b0ed7452911539dbf67"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b10b23-bc94-4aaa-ad1a-5f2fe3dc175e.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b10b23-bc94-4aaa-ad1a-5f2fe3dc175e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38737d94d2cd65e9c29f76857ace4475
c833563644d1d9f66f86baea512ea3c0ce9597d0
ea22e6273f2a9e458ab44817881f764956c1f8635b52d4075eb6122cd341a26e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b10b23-bc94-4aaa-ad1a-5f2fe3dc175e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7693
x-amzn-requestid: a016aacf-2b2b-496a-8546-c0ffb583f43f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eO7TWGqPIAMFoQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5d8e2-6e8e32bf78c6bc98676fc113;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 19:52:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 7LPlA2tPOJ5Cv8VXhADZAl-eRNDbs_DmomRLkD9yAh0B9hr38WuzpA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:49:53 GMT
age: 42333
etag: "c833563644d1d9f66f86baea512ea3c0ce9597d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fb1a6c7-1739-4b4c-ae46-a2d718fb6c34.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fb1a6c7-1739-4b4c-ae46-a2d718fb6c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e628ac1e25757ac0177f4a392d6b7ddb
d457e65190f24dce30af852e07b2d55f1fe5d808
b51790825ceb10ba7d5ec69081c098b7c82e72e4128dc1c23fa4f45495fbfa65
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fb1a6c7-1739-4b4c-ae46-a2d718fb6c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5684
x-amzn-requestid: 7c54347b-9e0f-4f2e-99f1-80f438bbbbcc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eNlXGEThoAMFj-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b54f60-4025ab2e5e877d826b96e1fa;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 10:05:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4h0YY5YlwakQbHovTLyitgaCnj0fSJ5nalMKx3k-foRtfLipSRGE5A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 15:26:12 GMT
age: 65354
etag: "d457e65190f24dce30af852e07b2d55f1fe5d808"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadd3e75d-3882-4f03-b3f3-9ee6d8c9e614.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadd3e75d-3882-4f03-b3f3-9ee6d8c9e614.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7969a6b13e7b61ac8f3dd41697dc496
c453e493e0c5ed759440ae6a5fa9cb2d426c53e7
db236f4f50a187bfda4c25c98d9cd29306f3e36973217c92821cf59e495b7208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadd3e75d-3882-4f03-b3f3-9ee6d8c9e614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6437
x-amzn-requestid: 52721f5f-175a-411f-ab50-e9af4c8dbcc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxEpHrCIAMFSdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b89550-1fff65c32b4545ce5dfe9ca5;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: A4nhfHxlz62wMNC6iqRAy5Jwjm3nrVj30fGIcviCwjlz_xV_YPV82Q==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:47:49 GMT
age: 42457
etag: "c453e493e0c5ed759440ae6a5fa9cb2d426c53e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31bc11ee-d473-4118-9434-3dd149282464.webp
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31bc11ee-d473-4118-9434-3dd149282464.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f83db2c3a907629e06bd60b97d98b436
e7adc7c3fc446bb4b78eef410b5d2a573b50bc6f
800cf7ed947e2a8046b0008d7998d79d9f8e47c6add076da789bf2bf0bda40ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31bc11ee-d473-4118-9434-3dd149282464.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6780
x-amzn-requestid: 3054b209-5d61-4f15-9522-c777bac9c7ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxMXEfYoAMF4WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b89582-69265eda1930d43d59790083;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:41:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: -6EPhBDnwxBwW5rb-QO0EkO5S5APsCjSJIm52FYjl-_MyRbyiGasEg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:47:49 GMT
age: 42457
etag: "e7adc7c3fc446bb4b78eef410b5d2a573b50bc6f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab79c62c-c2c8-44d6-bb2b-a00abef76e42.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab79c62c-c2c8-44d6-bb2b-a00abef76e42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 498c170026d419eef78fcd2f0c39cd8a
ac9335b5a8da94e3f9eede562660075f3e6b94b6
801d0faab81f01412a5379599a97f831cd7c30b10911e5ee451b2336169ed043
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab79c62c-c2c8-44d6-bb2b-a00abef76e42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13789
x-amzn-requestid: 840b5498-b04a-457a-9694-7bfb8f4804ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eI0r4GO4oAMF_fA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b367e5-3b7d62ab3308590e622aaae9;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 23:25:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0PwFm3Q13oKcuHUnDwQ9LUBWaFvRxIMBSa98dbkdpYBuIPC5zXDgmw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 22:26:13 GMT
age: 40153
etag: "ac9335b5a8da94e3f9eede562660075f3e6b94b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
parkingcentral.net/nhrb.cnc/5/media/Eye-Show.svg
209.140.22.121200 OK 969 B URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/Eye-Show.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 73c874f4bd757bebaedc93137dec93cd
28a3a7ff7f4c6665f91dc9e5f686516dd412b594
3b5618abb126e7405b0ee27b5e979d3ac3bb85f8923191268cd27fb768888cd0
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/Eye-Show.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/styles.css
Cookie: stm_visitor_1=82065480
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 09:35:26 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:27:16 GMT
Accept-Ranges: bytes
Content-Length: 969
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/close-gray.svg
209.140.22.121500 Internal Server Error 0 B URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/close-gray.svg
IP 209.140.22.121:0
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/close-gray.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
Cookie: stm_visitor_1=82065480
HTTP/1.1 500 Internal Server Error
Date: Sat, 07 Jan 2023 09:35:26 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8