r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8174
Expires: Thu, 02 Feb 2023 10:58:47 GMT
Date: Thu, 02 Feb 2023 08:42:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4789
Expires: Thu, 02 Feb 2023 10:02:22 GMT
Date: Thu, 02 Feb 2023 08:42:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 08:36:05 GMT
content-type: application/json
age: 388
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12339
Expires: Thu, 02 Feb 2023 12:08:12 GMT
Date: Thu, 02 Feb 2023 08:42:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /AsFDNZUcup8nHExrMNbOmHatqQ+ixDhM/hslNZR55EaoOgPiXmsV0qU+QbkKUIbIvO/68vhXngUlIqTeEp6Fg==
x-amz-request-id: N5JKQVM8SB6DK633
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 07:51:53 GMT
age: 3040
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 08:42:33 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login
207.174.215.160 301 Moved Permanently 270 B URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d1d1673a7338c30505317e210eb6b615
f9325118bff8d07c544bc635de471ff9386f5836
8dac9bdebefdba364beaf6ac34206f861cb107716c276132eb868d679dd0178a
Analyzer Verdict Alert fortinet Phishing
GET /Secured/FNB/Account/Login HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 08:42:33 GMT
Server: Apache
Location: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Content-Length: 270
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
207.174.215.160 200 OK 2.4 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 690957edd0fdad0993f0e4db5adbcd06
c62e1c218203a5dc7de9357fb9c9209481f4d4cc
b4f98cd6d8875e7289c388fccc765ae841cd2fcf6cdaaf33ea88249bc14e9c19
Analyzer Verdict Alert fortinet Phishing
GET /Secured/FNB/Account/Login/ HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:33 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2388
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 08:41:43 GMT
age: 51
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6606
Expires: Thu, 02 Feb 2023 10:32:40 GMT
Date: Thu, 02 Feb 2023 08:42:34 GMT
Connection: keep-alive
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/fonts/font-awesome-4.7.0/css/font-awesome.min.css
207.174.215.160 200 OK 7.1 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/fonts/font-awesome-4.7.0/css/font-awesome.min.css
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (30837)
Hash 82a55032c4b614390aea6ef6870d3e90
bb21577feea531540a8d4f27ac3730ffac111e1b
4f068500ef9ef0dbffa5b76ac10f1970a7a9de8ff033f84228971a140eb20069
GET /Secured/FNB/Account/Login/fonts/font-awesome-4.7.0/css/font-awesome.min.css HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7114
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/animate/animate.css
207.174.215.160 200 OK 3.6 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/animate/animate.css
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 2fa1d9b1ab05160bffa7b7ada9998587
ae185f5172624e5a90052eca2887edb9a1865d9a
d2c7850a560aa38fa5308690ff91b0fcf4e5cc6b52e69ab5744c28e2e6852c69
GET /Secured/FNB/Account/Login/vendor/animate/animate.css HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3564
Keep-Alive: timeout=5, max=75
Content-Type: text/css
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/fonts/iconic/css/material-design-iconic-font.min.css
207.174.215.160 200 OK 13 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/fonts/iconic/css/material-design-iconic-font.min.css
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Hash 62ae265dac0ef9c47ae112b683582857
571152aaa673a33099e913b3dee7047184971dc7
b14cade07a32928df81c6c161a5ed442412b3ce731bcb2a0332dd8ec14dcd583
GET /Secured/FNB/Account/Login/fonts/iconic/css/material-design-iconic-font.min.css HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12911
Keep-Alive: timeout=5, max=75
Content-Type: text/css
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/select2/select2.min.css
207.174.215.160 200 OK 3.4 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/select2/select2.min.css
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15195)
Hash f387c46fd49a211193c3c403af8d2fae
c287d5cd1fc3fffe0f7d5a3e6cc0f4a1cbcb6161
4be02b02625c3b37ddd520572cd03207b63ca458178f32660207eae69adf5153
GET /Secured/FNB/Account/Login/vendor/select2/select2.min.css HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3367
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/css-hamburgers/hamburgers.min.css
207.174.215.160 200 OK 3.0 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/css-hamburgers/hamburgers.min.css
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (19499), with CRLF line terminators
Hash 1cbdfbe7973e1f2f0a388d52dac4f0b4
8f47c3848e3205f69d7c0d4b7f19f59d8107ee65
4bd9f4644fb29c372b124b35bd093754cbf2b0c9f18c2755b314a7f9a18475ac
GET /Secured/FNB/Account/Login/vendor/css-hamburgers/hamburgers.min.css HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3048
Keep-Alive: timeout=5, max=75
Content-Type: text/css
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/bootstrap/css/bootstrap.min.css
207.174.215.160 200 OK 28 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/bootstrap/css/bootstrap.min.css
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65320)
Hash 8092f8563f25615a6527b3cd74b1bfd2
32a22efc2ba1a0b3a2a7980fd13b6df0ae056cbf
a6a8967bc8bafd33fd074f3d8b6234d6728cbe4865156c73c275ffeac0b4fa15
GET /Secured/FNB/Account/Login/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/daterangepicker/daterangepicker.css
207.174.215.160 200 OK 2.0 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/daterangepicker/daterangepicker.css
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash f5985f13ff7fb468baad892d4b4bef47
c117a5acc1d8d0826449f21508226f20e1c77163
aa10ebff2826b26407290b5bea50b6517ae57f1daa4f7dd740f9bbb6acd1844d
GET /Secured/FNB/Account/Login/vendor/daterangepicker/daterangepicker.css HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1950
Keep-Alive: timeout=5, max=75
Content-Type: text/css
push.services.mozilla.com/
44.227.59.33 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.227.59.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OmTX9hQteNIHwVOK8hhJKA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HTPQvjzZ/NFBxG4KLmCCm4aN8LM=
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/css/main.css
207.174.215.160 200 OK 2.2 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/css/main.css
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash c4e5c5b24a7640b80dc3bce5913445df
ffc363b28096da80be89d6a6ec1eb2a47371f6db
89619080003aa4cba4e4bf62ebaaa4df9cefc3f22ea9c4b6190e893d19a857fc
GET /Secured/FNB/Account/Login/css/main.css HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2247
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/animsition/js/animsition.min.js
207.174.215.160 200 OK 2.2 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/animsition/js/animsition.min.js
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (5415)
Hash ffa67ed25cc4519c5edb415bb7e3b560
e2bc07caad35c056dd7a322d171f5e45703c596e
0540dbf57b36e14f96aaa69041d3f8298917a1f2483f181047736cb1ceb9f649
Analyzer Verdict Alert fortinet Phishing
GET /Secured/FNB/Account/Login/vendor/animsition/js/animsition.min.js HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2164
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/css/util.css
207.174.215.160 200 OK 12 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/css/util.css
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 048c20ac57df0aaa6c95568c1bd0b6e7
b23ffc1f8df4d4a71826b34a1021004cde9b11fa
194382d5078d16b8e56dc267cc161a0edd1f183e197bed5b10c3772581e72e55
GET /Secured/FNB/Account/Login/css/util.css HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12240
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/bootstrap/js/popper.js
207.174.215.160 200 OK 30 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/bootstrap/js/popper.js
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (337)
Hash 377df90a00f303fbe7483d4aade30bdf
b86acd743cd1dc4f33b40d72e9e7ae9304d9278a
078cee0603b4e4ec6a25df2d2a1b1a5ff1efa72f60fcaba941443e502030b785
Analyzer Verdict Alert fortinet Phishing
GET /Secured/FNB/Account/Login/vendor/bootstrap/js/popper.js HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/jquery/jquery-3.2.1.min.js
207.174.215.160 200 OK 38 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/jquery/jquery-3.2.1.min.js
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32058)
Hash 158ed1f63711a0812b7c2b396cbaa6e7
1a6fe374f9c4963adc88db33dd128d324fceb9f2
811e8097bc41bb848b417ed7626ec9f8f8d8b682c664f8f2890ed4b57371e60b
Analyzer Verdict Alert fortinet Phishing
GET /Secured/FNB/Account/Login/vendor/jquery/jquery-3.2.1.min.js HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/daterangepicker/daterangepicker.js
207.174.215.160 200 OK 17 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/daterangepicker/daterangepicker.js
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 522787c650f147e083fb07cf61d15ffa
bf61fd9b6512df4713aab98fd45d576f753f2773
6609b26d15d1531a010d4f651a6be2487fdcfe5d2752826d0a3636d888d54493
Analyzer Verdict Alert fortinet Phishing
GET /Secured/FNB/Account/Login/vendor/daterangepicker/daterangepicker.js HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16944
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/countdowntime/countdowntime.js
207.174.215.160 200 OK 495 B URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/countdowntime/countdowntime.js
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 784f639edba1dab60c5aafbe38a9552b
ba354b582e25dbebbed1d160c33a839401c49fdf
24f229195dd9136ea61e8d931be29bbcee3e15411d2a7d2518bc8ae2d723eca7
Analyzer Verdict Alert fortinet Phishing
GET /Secured/FNB/Account/Login/vendor/countdowntime/countdowntime.js HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 495
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/bootstrap/js/bootstrap.min.js
207.174.215.160 200 OK 21 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/bootstrap/js/bootstrap.min.js
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (50904)
Hash 11f577f5e177d57135e8d3290f2f8966
236487558d036bf5d4d76d6c62aec31d2d90720a
8363071618e89d5a0fcc3eeed7b54ecad8aa07a65b1f3900902b852fcf52c013
Analyzer Verdict Alert fortinet Phishing
GET /Secured/FNB/Account/Login/vendor/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/select2/select2.min.js
207.174.215.160 200 OK 25 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/select2/select2.min.js
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (32091)
Hash 9bbee2a726791ab3a6a0698eac6cd585
e37d363c8427b3194de7ddb03168a2c6bcf62bc8
e7234c209386dc2c1f9eafeefa7c1bf600bfc2e633074daede4b437da11a281e
Analyzer Verdict Alert fortinet Phishing
GET /Secured/FNB/Account/Login/vendor/select2/select2.min.js HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/js/main.js
207.174.215.160 200 OK 587 B URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/js/main.js
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash becb2a15b2b565c1bc185b43c25fbec6
f131e840bdcc7e52fe4320d7bec830b552d7cb0c
676c1ade3c2d435c5b3e24a7642c86937ac8e67209c571af23a17f2332d8a5d0
Analyzer Verdict Alert fortinet Phishing
GET /Secured/FNB/Account/Login/js/main.js HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:35 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 587
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/daterangepicker/moment.min.js
207.174.215.160 200 OK 18 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/daterangepicker/moment.min.js
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32010)
Hash 14df6d17b421f2ac8dc3039b1b7b2498
48371dcc397ca5050d2440c0dabe478684bf7fc1
9a96ff8eb5ec8e414f9e136c7867dd324458f7ac96af48c3857541874bde304d
Analyzer Verdict Alert fortinet Phishing
GET /Secured/FNB/Account/Login/vendor/daterangepicker/moment.min.js HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:34 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/animsition/css/animsition.min.css
207.174.215.160 200 OK 2.4 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/vendor/animsition/css/animsition.min.css
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (27282)
Hash 2b9982099a74474e68209874c070f423
c0b459a4b95f70f6652039704be3ad9f3a04550a
a23b6eeeef2b2fc064ba0d7582e58072ddd194efbba7368f51bf87a029661c9f
GET /Secured/FNB/Account/Login/vendor/animsition/css/animsition.min.css HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:35 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2388
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 08:42:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.10 200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.10:0
File type ASCII text, with very long lines (22967)
Hash f7bf2121608909b56672e6398ac2335c
864ef3bac46b08ab6609fad23f00d5f09815647d
b9d3a8600d9b6edf9c71b793c42782282ecfb01e2026e0128608b949e91e152c
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 07:51:27 GMT
expires: Thu, 02 Feb 2023 08:51:27 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
content-type: text/css
age: 3068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/images/banklogo9641_2009.jpg
207.174.215.160 200 OK 53 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/images/banklogo9641_2009.jpg
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 720x400, components 3\012- data
Hash 2c61289edbaeea65077458302785fb78
cb768f995723fbb2c510b89cf4aeab18248e01f1
9ac3e6960a7e4584b5fb3feef311a3803497aee1f82fbb3c72f2df4554d7493b
GET /Secured/FNB/Account/Login/images/banklogo9641_2009.jpg HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:35 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Content-Length: 53136
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 08:42:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/fonts/poppins/Poppins-Regular.ttf
207.174.215.160 200 OK 145 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/fonts/poppins/Poppins-Regular.ttf
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type TrueType Font data, digitally signed, 15 tables, 1st "DSIG", 13 names, Microsoft, language 0x409, Copyright 2014-2017 Indian Type Foundry (info@indiantypefoundry.com)PoppinsRegular3.010;ITFO;Pop\012- data
Size 145 kB (145312 bytes)
Hash 731a28a413d642522667a2de8681ff35
440dc8992517a306d66e55cb0afed0cfe9b971b5
2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc
Analyzer Verdict Alert fortinet Phishing
GET /Secured/FNB/Account/Login/fonts/poppins/Poppins-Regular.ttf HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/css/main.css
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:35 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Content-Length: 145312
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: font/ttf
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/fonts/poppins/Poppins-Medium.ttf
207.174.215.160 200 OK 144 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/fonts/poppins/Poppins-Medium.ttf
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type TrueType Font data, digitally signed, 15 tables, 1st "DSIG", 15 names, Microsoft, language 0x409, Copyright 2014-2017 Indian Type Foundry (info@indiantypefoundry.com)Poppins MediumRegular3.010;I\012- data
Size 144 kB (143516 bytes)
Hash a4e11dda40531debd374e4c8b1dcc7f4
5c96d1545a51c39e05ee0fcc0c3c9021f14d9c31
45870260a29fa7d3e0eff8cdd91993fb4a9ce4cced3d7b72c3ef7d24380bfc2d
Analyzer Verdict Alert fortinet Phishing
GET /Secured/FNB/Account/Login/fonts/poppins/Poppins-Medium.ttf HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/css/main.css
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:35 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Content-Length: 143516
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: font/ttf
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/fonts/poppins/Poppins-SemiBold.ttf
207.174.215.160 200 OK 142 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/fonts/poppins/Poppins-SemiBold.ttf
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type TrueType Font data, digitally signed, 15 tables, 1st "DSIG", 15 names, Microsoft, language 0x409, Copyright 2014-2017 Indian Type Foundry (info@indiantypefoundry.com)Poppins SemiBoldRegular3.010\012- data
Size 142 kB (142148 bytes)
Hash e63b93dfac2600782654e2b87910d681
0dbbb6d5a8fa0f9ece415dda4a69c8aa6595fba5
1d665d5b75a9500040b2cc201c2b07af5faca7228372dc6f4572d2d5b2291097
Analyzer Verdict Alert fortinet Phishing
GET /Secured/FNB/Account/Login/fonts/poppins/Poppins-SemiBold.ttf HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/css/main.css
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:35 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Content-Length: 142148
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: font/ttf
comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/images/icons/favicon.ico
207.174.215.160 200 OK 32 kB URL HTTP/1.1 comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/images/icons/favicon.ico
IP 207.174.215.160:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 48x48, 32 bits/pixel\012- data
Hash 7d4140c76bf7648531683bfa4f7f8c22
c072bf985086c9a05c7ecede6eedaa02f76a840c
4d663e7a6b4e495a7261593d9d5e66489adbf75e029604ff6e65c4f0fcd97cd0
GET /Secured/FNB/Account/Login/images/icons/favicon.ico HTTP/1.1
Host: comdataconnect.hotel-dex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/Secured/FNB/Account/Login/
Cookie: PHPSESSID=268e759396990ff02f6ff820cbbf10eb
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 08:42:35 GMT
Server: Apache
Last-Modified: Wed, 15 Jun 2022 12:47:28 GMT
Accept-Ranges: bytes
Content-Length: 32038
Cache-Control: max-age=604800
Expires: Thu, 09 Feb 2023 08:42:35 GMT
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/x-icon
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 08:42:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
216.58.211.3 200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 216.58.211.3:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://comdataconnect.hotel-dex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 12:53:47 GMT
expires: Tue, 30 Jan 2024 12:53:47 GMT
cache-control: public, max-age=31536000
age: 244128
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
216.58.211.3 200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 216.58.211.3:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 16:07:41 GMT
expires: Tue, 30 Jan 2024 16:07:41 GMT
cache-control: public, max-age=31536000
age: 232494
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 08:42:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7290
Expires: Thu, 02 Feb 2023 10:44:06 GMT
Date: Thu, 02 Feb 2023 08:42:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7290
Expires: Thu, 02 Feb 2023 10:44:06 GMT
Date: Thu, 02 Feb 2023 08:42:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg
34.120.237.76 200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a62a4f48037f1f84b8fd03347daf9ab9
e67e666749b07a0d343d1d0f74d59155ba25d687
5a9ebe1bec39e5d69b20c9747f32c85be906cddba92501052d54dc9a37d3c52d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2874
x-amzn-requestid: 0102a009-be1f-4890-97db-674ebd79e449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frep5EBOoAMFgiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade3f-371af67b2cc767ed35cb81d6;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:48:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MwPmKlNm1j7hqbrlEgxAlfu0gQQNhnkrHnL-YABUr7P8_oFaoFDgFA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:37 GMT
age: 38519
etag: "e67e666749b07a0d343d1d0f74d59155ba25d687"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 37258
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F601fd155-b928-42c6-bfb0-f3599f52fdf5.jpeg
34.120.237.76 200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F601fd155-b928-42c6-bfb0-f3599f52fdf5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a1ddd54f3c344b36a26476a33ccfe20
3cc3a77f6a59cafed25fa0882e13644f4eebef50
65cef0476175fca421fef73419440b82dcb763879b79385f2cacc43f42b3237b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F601fd155-b928-42c6-bfb0-f3599f52fdf5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2530
x-amzn-requestid: 3ce99c09-61b5-4a51-97ec-c40c443238ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: freplHVZoAMFz5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade3d-605687635e0a740e49ff78b9;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:48:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Hs72kBEkTiVNiWczvw7UONt_cbyvWuU_erpoJHQS8z1s1M601xIdug==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:28 GMT
age: 38708
etag: "3cc3a77f6a59cafed25fa0882e13644f4eebef50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb20c182-a39b-4222-8a27-155f67b554ab.webp
34.120.237.76 200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb20c182-a39b-4222-8a27-155f67b554ab.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c0980cc80018f2218e1a5a7336a4bcc
461e33619154423dbbf49407a80b70ade9078593
4375676d6ce36b3ec3923eefe2007bb96d96135dae10103a886c24fc9063fce9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb20c182-a39b-4222-8a27-155f67b554ab.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3541
x-amzn-requestid: f65e4be6-20ff-4f14-a722-d6c2c4631a5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5YHQqoAMFeBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6f-5f9183ed1c2cb640249c2b09;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5wf_aWTm28747VwFTo8NM2HOVsMWtMBYIAY9502vCrH7GcOmKb0zsg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:51 GMT
age: 38685
etag: "461e33619154423dbbf49407a80b70ade9078593"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a36c4fb-50d9-4aa0-bfa2-db52c0bc2f9a.gif
34.120.237.76 200 OK 45 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a36c4fb-50d9-4aa0-bfa2-db52c0bc2f9a.gif
IP 34.120.237.76:0
File type GIF image data, version 89a, 296 x 148\012- data
Hash 54d9e8efcff3cc7fa309dc41e89c2a26
fa1cd58cf243d18f360e4394a02bee994e738c0a
4dd37eec5c27d911c3193c7ba08c10a8ec2526eac48c9b6a2a4ec49502cf189a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a36c4fb-50d9-4aa0-bfa2-db52c0bc2f9a.gif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 44860
x-amzn-requestid: 318e5c01-c024-4c5e-8422-e6cba20b8dc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaTEeBoAMFesA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-4b775cdc759aac341f2aff9a;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vmPt8MLY6RsliPiMKcbnJ6jGjfuc8LXspyaqEIQiExnxnPOXIWDhqA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:19:04 GMT
age: 5012
etag: "fa1cd58cf243d18f360e4394a02bee994e738c0a"
content-type: image/gif
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d910c24f5a6108cb74103cd70692a703
9fe648fa464e46d16f685aca1704f3414eda4107
5cbe5e571e62555225621440203ae24a3b8c41ac7f49b6b731bc2c94e620797f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5561
x-amzn-requestid: 76ca969b-a840-4d5c-97c1-2dfd93b8f630
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKYE3-IAMFqbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-2729fe22420bcc0563c39aff;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: E91BIw8QT3vXXQY8GIPpnRqnTZV4paZ3wynf7UjLnjeIfwS0tiC1Gg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 37258
etag: "9fe648fa464e46d16f685aca1704f3414eda4107"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2