www.paperbethy.com/kfcu.org/success.html
107.180.47.12 200 OK 17 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/success.html
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (26545), with CRLF line terminators
Hash e6d0c80dd65f2b3491226f969cfe6572
4678d86655bc23426f820fd5d2b8f1399945e972
d4bb6239cc841338f1c57da956eaa1655414da6e166b0f8cf12969294e873580
Analyzer Verdict Alert fortinet Phishing
GET /kfcu.org/success.html HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:13 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 04 Jun 2022 09:47:32 GMT
ETag: "35c2416-11f82-5e09c20b7f500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16873
Keep-Alive: timeout=5
Content-Type: text/html
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16241
Expires: Fri, 06 Jan 2023 20:24:54 GMT
Date: Fri, 06 Jan 2023 15:54:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5997a492d3d161c9009d95add566733
9db765ae549ebe4aa859ca27abe365cf7f62dc4d
1ec0de25b0afd3b402c728b9c6b47c4fcf25fb989052427886841a3f52510a0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1EC0DE25B0AFD3B402C728B9C6B47C4FCF25FB989052427886841A3F52510A0E"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15188
Expires: Fri, 06 Jan 2023 20:07:21 GMT
Date: Fri, 06 Jan 2023 15:54:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da484f5e9c6805745e063b236fb81473
ae454bf4a7ae0e96935afc81ee0f89c049097b15
068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16943
Expires: Fri, 06 Jan 2023 20:36:36 GMT
Date: Fri, 06 Jan 2023 15:54:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 06 Jan 2023 15:41:20 GMT
content-type: application/json
age: 773
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XeoqrxuuoNcdsapeAbrZ+mHzDdFT7QWN3LfQiO1Fmp09IV5RrRAsKeYlcGlgiuPF3OE0yANvHrw=
x-amz-request-id: M4M3Z6GZ1483NRYG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 06 Jan 2023 15:02:14 GMT
age: 3119
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 15:54:13 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
104.17.25.14 200 OK 6.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (20322)
Hash df9fe6d48e380554eb0ec9687bed3246
207263d754220200c1916edfbda262f62223ecf5
91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9
GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.paperbethy.com
Connection: keep-alive
Referer: http://www.paperbethy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 15:54:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1245655
expires: Wed, 27 Dec 2023 15:54:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtERrVUhD3U5zVBwFNbGya2yEZKscdzg7erYDSueBkVLhOHQ4BNy0irjr7CK2BXeqfHKdY4GqE5NSJI1lJGjMzdJiSTUmopsqAaLo3tqTfHx4rtDlInR9bCMjBwyJevVPQlT2m7f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7855a18e0bd40b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
104.17.25.14 200 OK 4.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
IP 104.17.25.14:0
Hash e40e054c5726f042bad463e3774a2777
5c9413b72837a440b327444104830c35ae3b052c
fcc8a86d2e89e8fbe9815d50c23bf205191ab8a6c0bec67358cd975d94283ff8
GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.paperbethy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 15:54:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6825569
expires: Wed, 27 Dec 2023 15:54:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGW5Q7YlbIPJz%2FdPtTMuZeFjAJx5Z7iWhzNx94GZQKpdghX%2BOSs7jfqnFOhWpMG3KDEuzvYIG3Oy42tBY79OPTweFcuVu0oIf52pLC8LA%2B4J2BfKKwpGfuvejK9zv7DQB%2BBGpeaU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7855a18e1fd0b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.slim.min.js
69.16.175.42 200 OK 24 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.slim.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65247)
Hash 0f2e7d37e730fdbb1d8a1e8638529ecb
c21d16978a858baa75be15cb7e799ff000929429
cc938c08b93e67c94c68995709f52133c62cac78991f42058503b9c3d9e4b0b0
GET /jquery-3.3.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.paperbethy.com
Connection: keep-alive
Referer: http://www.paperbethy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 15:54:14 GMT
content-encoding: gzip
content-length: 24038
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1111d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CLak4Z0GEocBCiRmNDE3YTAyNi1hYTEzLTRhMjMtOGNhZi00Y2IzOGY4MzNkNWUQ+OiCoKvU+wIaBgimiOGdBiIMOTEuOTAuNDIuMTU0KN7MAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkZmVjYjExZDQtYzI2Ny00MDVhLWIxMjctN2M2MzJjZTM2MTNkGOa7ASIYCAISFGNkczIzMC5zazEuaHdjZG4ubmV0.oKUjR3V0gBRiWsH/GE3OgXIcFjA9/P7P6zNTQ6s6Zjc=
x-hw: 1673020454.dop231.sk1.t,1673020454.cds218.sk1.hn,1673020454.cds230.sk1.c
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.2.1.min.js
69.16.175.42 200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.2.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32058)
Hash 148f8d3ffd9cc02048c5f4d1cc83c407
9f2b89cfd151be6a29b4d43ad64d164fb8471046
4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.paperbethy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 15:54:14 GMT
content-encoding: gzip
content-length: 30125
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CLak4Z0GEocBCiQ2NjY1N2ZhNS1mZWNlLTQ1NjgtYjNiMi03YjlmMWZkOTdhMjcQ+OiCoKvU+wIaBgimiOGdBiIMOTEuOTAuNDIuMTU0KOuvAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkODBiOTk5NTgtZWJmYS00N2M1LWE4NzctYzEyYzhkOTE5OTRiGK3rASIYCAISFGNkczIyMi5zazEuaHdjZG4ubmV0.Qa0T3d0Z34Zvs+s6fHg+0wJadQ64vkue7Bm9nRkcYgE=
x-hw: 1673020454.dop204.sk1.t,1673020454.cds222.sk1.hn,1673020454.cds222.sk1.c
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
152.199.19.160 200 OK 30 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (65451)
Hash a263be51483c81a54aa8c85104a93e55
555a54a73531c553bd2aede6abc25c128b63312e
b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.paperbethy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 26021949
cache-control: public,max-age=31536000
content-type: application/javascript
date: Fri, 06 Jan 2023 15:54:14 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F7A8)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/css.css
107.180.47.12 200 OK 610 B URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/css.css
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash abe1983f3d05e30ac466fe81f5158418
fca5b9bbcbb49090e98f1710c6e1be26bbdccdd2
1e8e295442692a852ca214fc0f5c271ae93f44f1ead517d3abc1a5a8c2643571
GET /kfcu.org/App/cloud/etc/cgi/css.css HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:48 GMT
ETag: "35c243b-148d-5e09b87e46c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 610
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/css-1.css
107.180.47.12 200 OK 479 B URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/css-1.css
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash c9074aab119422342be842893f365e55
186d052c4896d46ef2e1edd93895e9d771d0c848
73f0d722d4d8da4f48184b1661f7552d854ff7d627caaafdbf148d44c484dc6b
Analyzer Verdict Alert urlquery huntington Phishing - Idaho Central Credit Union
GET /kfcu.org/App/cloud/etc/cgi/css-1.css HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 04 Jun 2022 09:04:48 GMT
ETag: "35c243a-6c7-5e09b87e46c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 479
Keep-Alive: timeout=5
Content-Type: text/css
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/jquery-ui.min.css
107.180.47.12 200 OK 5.5 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/jquery-ui.min.css
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (26296)
Hash 7da2911c88d5f118923931060cb5bf8e
06454f40d8925f9538085baa5561983b93dbfe64
6b4c8811804aa1e0f1ae41929cf41018fef603176b25b3198b33798236cde8ff
Analyzer Verdict Alert urlquery huntington Phishing - Idaho Central Credit Union
GET /kfcu.org/App/cloud/etc/cgi/jquery-ui.min.css HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 04 Jun 2022 09:04:48 GMT
ETag: "35c2454-6dc5-5e09b87e46c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5510
Keep-Alive: timeout=5
Content-Type: text/css
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/font-icons.css
107.180.47.12 200 OK 8.3 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/font-icons.css
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash abe52652212a4dafc9495a1ead51d904
49daccb7f110b64709e26c9e1c2e6600a14efb68
f0f6dc31957ec20b3d2c916eb8ac4d889dadd3bef6490d5378e79e39e1f12a1a
GET /kfcu.org/App/cloud/etc/cgi/font-icons.css HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 04 Jun 2022 09:04:48 GMT
ETag: "35c2441-1c5a2-5e09b87e46c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8311
Keep-Alive: timeout=5
Content-Type: text/css
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/iris-foundation.min.css
107.180.47.12 200 OK 7.0 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/iris-foundation.min.css
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (50964)
Hash 8bc0ab6a771f2b7b8ca20d35f497ea84
5eec9c8049bd376524f9cf869957fcea3f829001
6599bd429f41109ac76f1ceff20a40e3558200160cdd76029dd954a871d01637
Analyzer Verdict Alert urlquery huntington Phishing - Idaho Central Credit Union
GET /kfcu.org/App/cloud/etc/cgi/iris-foundation.min.css HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 04 Jun 2022 09:04:48 GMT
ETag: "35c244b-c86e-5e09b87e46c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6985
Keep-Alive: timeout=5
Content-Type: text/css
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/iris.android.min.css
107.180.47.12 200 OK 14 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/iris.android.min.css
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 815aca9d43734825849251fdf83f66d6
1b9c61a2b700fdcec7531dae46ff3a7029ee1acc
2367df75ec9b9895451300e91ec55715cd30fbd0b4165a191088ee61d091fdaf
Analyzer Verdict Alert urlquery huntington Phishing - Idaho Central Credit Union
GET /kfcu.org/App/cloud/etc/cgi/iris.android.min.css HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 04 Jun 2022 09:04:48 GMT
ETag: "35c244d-17dc1-5e09b87e46c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13496
Keep-Alive: timeout=5
Content-Type: text/css
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/theme.mobile.min.css
107.180.47.12 200 OK 21 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/theme.mobile.min.css
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7964289dc42332b0030e76108a5480fa
71c486667e2bf699d3f9eed424c0994a8b3ac432
8f1d21665ecfe7244d29a7c37b870105b4166558808d0142aea35e17e87f0878
GET /kfcu.org/App/cloud/etc/cgi/theme.mobile.min.css HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:50 GMT
ETag: "35c2466-1b47a-5e09b8802f080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20980
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 07a5ec80d8c96a4a1487205117e3f231
84f52008b8164535e990651a2322ec9fc0a6d148
79501493a8c7ac33afbb8aa1e99d32145a403eebb636fd5b9fb8a26b429970cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4993
Cache-Control: max-age=130683
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 15:54:14 GMT
Etag: "63b78c20-118"
Expires: Sun, 08 Jan 2023 04:12:17 GMT
Last-Modified: Fri, 06 Jan 2023 02:49:04 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/iris-components.shim.mobile.min.css
107.180.47.12 200 OK 494 B URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/iris-components.shim.mobile.min.css
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (687)
Hash a0eefda5d597e22eda066bfc812c344f
126d028364af0e6d8a959df813ba8173f42adb8d
17924a662c3b453ee2fdf7b2919a187f5f96cc6a5c1d2b9aa1c98aed8e00be0b
GET /kfcu.org/App/cloud/etc/cgi/iris-components.shim.mobile.min.css HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:48 GMT
ETag: "35c2449-393-5e09b87e46c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 494
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/iris-foundation.min-1.css
107.180.47.12 200 OK 7.0 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/iris-foundation.min-1.css
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (50964)
Hash 78e3f79f2d600252b490192b7871fa9a
9dd2519540ab3e84db56d84da2d5dfecb71baa4d
e7771901992c41c6ccfcf07eeb0c5d37251eb866974134b0926b7ea7af33bbb1
Analyzer Verdict Alert urlquery huntington Phishing - Idaho Central Credit Union
GET /kfcu.org/App/cloud/etc/cgi/iris-foundation.min-1.css HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:48 GMT
ETag: "35c244a-c86e-5e09b87e46c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6980
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/iris-components.min.css
107.180.47.12 200 OK 19 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/iris-components.min.css
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65309)
Hash eb2fca75f0ed0e4616709338ee5af7f3
87dbae0c4a030a49de9de3f9cd8cb4857aab5d3f
53955bcf1df4b75710c45d9bd0c93010e3168601c3903395ee12486ff03a8c97
GET /kfcu.org/App/cloud/etc/cgi/iris-components.min.css HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:48 GMT
ETag: "35c2448-2ed06-5e09b87e46c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18718
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/isotope.min.css
107.180.47.12 200 OK 2.6 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/isotope.min.css
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (5628)
Hash 1a2ff0f40135534ba14d7029f96a61ae
220beffeb00195c0090bb17b5064fe3ff88b78f0
89ba066d0b0b64911422c54a874ac252555ab19868980a000f2e86844dccac98
Analyzer Verdict Alert urlquery huntington Phishing - Idaho Central Credit Union
GET /kfcu.org/App/cloud/etc/cgi/isotope.min.css HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:48 GMT
ETag: "35c2451-390b-5e09b87e46c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2627
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.paperbethy.com/kfcu.org/Icons/credit/union/wp-wamp/style.css
107.180.47.12 200 OK 219 B URL HTTP/1.1 www.paperbethy.com/kfcu.org/Icons/credit/union/wp-wamp/style.css
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 7240cd696e83764a97dce3dfd188ddf3
f7c916322f2bc305163bccf9f7664c9ce55eae1b
481b1416b7b3e0e6a47254c071096cdf146275781a53151b4f86f606ea4164a9
Analyzer Verdict Alert urlquery huntington Phishing - Idaho Central Credit Union
GET /kfcu.org/Icons/credit/union/wp-wamp/style.css HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Wed, 17 Nov 2021 05:01:14 GMT
ETag: "35c2472-19e-5d0f4ee68da80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 219
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.paperbethy.com/kfcu.org/Icons/credit/union/wp-wamp/actions.js
107.180.47.12 200 OK 504 B URL HTTP/1.1 www.paperbethy.com/kfcu.org/Icons/credit/union/wp-wamp/actions.js
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash a929d6eebf69eaec9a46285c50f74994
2e42a8ba54ef0fdd2c59252cb9912516d6de1d7c
9d670b99192b4af1f0e339ab729d0a4700055d254f3d18f6f2b44ef76dca3eea
Analyzer Verdict Alert urlquery huntington Phishing - Idaho Central Credit Union
fortinet Phishing
GET /kfcu.org/Icons/credit/union/wp-wamp/actions.js HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Wed, 17 Nov 2021 04:48:10 GMT
ETag: "35c2470-50b-5d0f4bfadf680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 504
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/base.min.css
107.180.47.12 200 OK 642 B URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/base.min.css
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1790)
Hash 79960183c69a27bcc80938067740905f
7bd280d8745e1d1c9fac1ab547b3247882b74193
fe4e5259cbd84fe4bb0ef060457cd184fd5d5a6764c15a78e013d9550b9a13fe
Analyzer Verdict Alert urlquery huntington Phishing - Idaho Central Credit Union
GET /kfcu.org/App/cloud/etc/cgi/base.min.css HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:48 GMT
ETag: "35c2438-728-5e09b87e46c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 642
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/iris.shim.mobile.min.css
107.180.47.12 200 OK 295 B URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/iris.shim.mobile.min.css
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (557)
Hash 9f7f099786e6d33fca0425406516467f
a9e12ef8c450ee96c6429d0189ec1645d3fa3073
16c09e22c4052d26724b6ce6e998344e03d77b0ef8c98d11c18b3923a11721f3
Analyzer Verdict Alert urlquery huntington Phishing - Idaho Central Credit Union
GET /kfcu.org/App/cloud/etc/cgi/iris.shim.mobile.min.css HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:48 GMT
ETag: "35c244f-263-5e09b87e46c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 295
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 06 Jan 2023 15:08:12 GMT
age: 2762
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/app-store-badge.svg
107.180.47.12 200 OK 11 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/app-store-badge.svg
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356), with CRLF line terminators
Hash 1b65926236d951b2af57201b275f595b
1ce3e7bf2853a59f0fc9ad064e1fd48260da0f38
86c9954e1457d27db013c1f10a96ffaba845e5af7765c4ef9df4ac1549e47d67
Analyzer Verdict Alert urlquery huntington Phishing - Idaho Central Credit Union
fortinet Phishing
GET /kfcu.org/App/cloud/etc/cgi/app-store-badge.svg HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:54 GMT
ETag: "35c2437-2a62-5e09b883ff980"
Accept-Ranges: bytes
Content-Length: 10850
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/svg+xml
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/google-play-badge.svg
107.180.47.12 200 OK 9.3 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/google-play-badge.svg
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5e01637f08de80e8c27c414687738968
2d4fe2500bb550dc45c048e78aa62356fb4cbc2c
2dcf765854f1fe869b1674016feb1638870c1066f156f8d7dfd47b53d0dc093f
Analyzer Verdict Alert urlquery huntington Phishing - Idaho Central Credit Union
fortinet Phishing
GET /kfcu.org/App/cloud/etc/cgi/google-play-badge.svg HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:54 GMT
ETag: "35c2443-2474-5e09b883ff980"
Accept-Ranges: bytes
Content-Length: 9332
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/svg+xml
www.paperbethy.com/kfcu.org/Icons/credit/union/wp-wamp/loading.gif
107.180.47.12 200 OK 39 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/Icons/credit/union/wp-wamp/loading.gif
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type GIF image data, version 89a, 200 x 200\012- data
Hash d10ef01e81faa2c2d812bdf670b4e072
77d09a57b2091fd7665dff763a5eab23e0ff907e
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34
Analyzer Verdict Alert urlquery huntington Phishing - Idaho Central Credit Union
GET /kfcu.org/Icons/credit/union/wp-wamp/loading.gif HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sun, 12 Aug 2018 03:03:52 GMT
ETag: "35c2471-96ec-5733439fe1600"
Accept-Ranges: bytes
Content-Length: 38636
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/gif
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/MobileLogo.png
107.180.47.12 200 OK 35 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/MobileLogo.png
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 945 x 345, 8-bit/color RGBA, non-interlaced\012- data
Hash 67277511e17ba0c06c0ccbde73a57e6e
98fd2d653ced9bcd26b1c045ca0eb74b4fe09c00
0bb7e66ec13cdc10cf254866c9aa07fa02a1deacd01a63a92802718df2d25bd0
GET /kfcu.org/App/cloud/etc/cgi/MobileLogo.png HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/isotope.min.css
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:50 GMT
ETag: "35c2431-881e-5e09b8802f080"
Accept-Ranges: bytes
Content-Length: 34846
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
107.180.47.12 200 OK 16 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Analyzer Verdict Alert fortinet Phishing
GET /kfcu.org/App/cloud/etc/cgi/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/css.css
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:50 GMT
ETag: "35c2424-3df4-5e09b8802f080"
Accept-Ranges: bytes
Content-Length: 15860
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff2
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/KFOmCnqEu92Fr1Mu4mxK.woff2
107.180.47.12 200 OK 16 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Analyzer Verdict Alert urlquery huntington Phishing - Idaho Central Credit Union
fortinet Phishing
GET /kfcu.org/App/cloud/etc/cgi/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/css-1.css
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:50 GMT
ETag: "35c242b-3d80-5e09b8802f080"
Accept-Ranges: bytes
Content-Length: 15744
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff2
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/Alkami.woff2
107.180.47.12 200 OK 42 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/Alkami.woff2
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 41960, version 1.0\012- data
Hash 52cad9764bad2f9d90208c91a7c5e847
6179e764e760b16d8b8ac30b9251ce2311b83dd1
4e2bcd3f2e35e841bece706f0426cc746ac77cfd2148ea365ce05eebd5124a45
Analyzer Verdict Alert fortinet Phishing
GET /kfcu.org/App/cloud/etc/cgi/Alkami.woff2 HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/font-icons.css
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:50 GMT
ETag: "35c241b-a3e8-5e09b8802f080"
Accept-Ranges: bytes
Content-Length: 41960
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff2
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
107.180.47.12 200 OK 16 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Analyzer Verdict Alert fortinet Phishing
GET /kfcu.org/App/cloud/etc/cgi/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/css.css
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:50 GMT
ETag: "35c241d-3d7c-5e09b8802f080"
Accept-Ranges: bytes
Content-Length: 15740
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 43c8442b7447debab97b0f6bc973e23a
38a5f1869cff7f6ddbfd3a24e57a3da7851ba3b0
4eb7adc914570287dde1317395d1d95b07271c8fe20b97a8928025c292c47dba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4220
Cache-Control: max-age=152574
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 15:54:14 GMT
Etag: "63b7e4a8-1d7"
Expires: Sun, 08 Jan 2023 10:17:08 GMT
Last-Modified: Fri, 06 Jan 2023 09:06:48 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/android-chrome-192x192.png
107.180.47.12 200 OK 3.7 kB URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/android-chrome-192x192.png
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash db1a711261c13af69fb1918fbbd93c8a
826dcf4c95923b6169ee424cb49ce518c4dfdb43
ed7d88acdf8fdb0cf90ad53b87f885f185c9e4e04bc884c02160475fb482fa02
GET /kfcu.org/App/cloud/etc/cgi/android-chrome-192x192.png HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:48 GMT
ETag: "35c2436-e53-5e09b87e46c00"
Accept-Ranges: bytes
Content-Length: 3667
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/favicon-16x16.png
107.180.47.12 200 OK 620 B URL HTTP/1.1 www.paperbethy.com/kfcu.org/App/cloud/etc/cgi/favicon-16x16.png
IP 107.180.47.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 027a723b460304011314796b3357ef68
bb12548ae965cf1eff94c8069b99cffefd991b3d
c374505c75780e104d872cdc58c3d3c4dc802ea39bac58b0bc04abf9ee2dcf1d
GET /kfcu.org/App/cloud/etc/cgi/favicon-16x16.png HTTP/1.1
Host: www.paperbethy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paperbethy.com/kfcu.org/success.html
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 15:54:14 GMT
Server: Apache
Last-Modified: Sat, 04 Jun 2022 09:04:48 GMT
ETag: "35c243d-26c-5e09b87e46c00"
Accept-Ranges: bytes
Content-Length: 620
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
push.services.mozilla.com/
34.210.158.59 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KTs3IPnX9WwOT9OscgMEYA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4G7QUo+T4AEiVLSlpw/PZQ/g9tk=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4524
Expires: Fri, 06 Jan 2023 17:09:40 GMT
Date: Fri, 06 Jan 2023 15:54:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4524
Expires: Fri, 06 Jan 2023 17:09:40 GMT
Date: Fri, 06 Jan 2023 15:54:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: skIlgzeKmjJ2Wsx2QeubgMvO7chgpPNZYqW4E_xhRgkCtDEhAfBp4w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 07:33:22 GMT
age: 30054
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e96507584bce9f14a50123fb78a8102
c45249ddffb15b9e957af8f5203d7d06ddf32cf8
118f62631c92e42b135046647e828eb80a54405603f5b461320b483bce0c55ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11746
x-amzn-requestid: dfac0548-1ee6-4eb6-8fb6-4be00f9cf601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eRlO6Hc_IAMFT0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b6e8c5-4459ff7b3622ddff7dc3e3ff;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 15:12:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: P31AbiVmWqCAQfjCxt7iXE3RtDtZHNiXtBXcjBWKR_u-U_sHT1ZvTg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 15:17:05 GMT
age: 2231
etag: "c45249ddffb15b9e957af8f5203d7d06ddf32cf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F426acd7d-b225-4d35-a3be-10ba23ba69c9.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F426acd7d-b225-4d35-a3be-10ba23ba69c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49cab8228badce0317f63284420a2a06
94abc863dc8ac54c9ab9e57a791b404a8a09729e
399c22a3adea805a2fa373f6a85d842f47798088593803b6b38034f942e092af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F426acd7d-b225-4d35-a3be-10ba23ba69c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8693
x-amzn-requestid: ae2b861d-87b8-4913-853a-64c76f410bf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eNLADE-ZoAMFttw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b52533-6e5412c92f70fbd12a893047;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 07:05:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 78YflWiepSLgVw3s7rsefJd1FkwKcScpFt2tIHNaBjbpF3ZQmxT9Zw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 07:48:09 GMT
age: 29167
etag: "94abc863dc8ac54c9ab9e57a791b404a8a09729e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 905c01ccaa57e0ea71e9a2f58bbb2ca4
6cf4b068623644dd0ca790dbc75e3533e7759f8b
4b579d86c6b957bf5c777b44b474c1c8fac699ffe695757d43f9752b079ef42a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4473
x-amzn-requestid: 4732a7f2-382c-41a0-a96a-dbd073af76dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eScwQG6hoAMFQaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7419b-4b3c3ebf3c06242b360e6421;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:31:07 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XRsEwpela3bYpgBLNQxwiFzDcHzfFiXWmAEAl1jvIb1ustFu2lJdaA==
via: 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 22:00:17 GMT
age: 64439
etag: "6cf4b068623644dd0ca790dbc75e3533e7759f8b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d256d063b2698bb9d915589a2c79fbce
d7c083857e9512ad3ecb3bbaf285409926473ceb
d4e5f901f62fa98b525fc1ecbe187032fd2d0e112c6f1b9534b742b2d6c05b08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5809
x-amzn-requestid: 16b4843e-ac69-402f-87e7-66c24984cecb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSeJoHgwIAMFhdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b743d7-507b52112e0f1176182e5d99;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:40:39 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JGGMyfzW2uwEbY-V22ZCWjFegXRLY-wAlWxSjLCM6C1A5kjXa2DTGw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:46:41 GMT
age: 65255
etag: "d7c083857e9512ad3ecb3bbaf285409926473ceb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0cc6987-cb45-42f9-8b7e-1ec781513572.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0cc6987-cb45-42f9-8b7e-1ec781513572.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 884498828be14529bda4485a38b033c3
9443f22559b64c5861bbc50d0980dad8da158352
c48b1203e6b6e9468dc9a07934709f5ec2ba064fb2c9dd97f6cdc0e452a7dd77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0cc6987-cb45-42f9-8b7e-1ec781513572.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6268
x-amzn-requestid: 3674eb24-1902-4722-8ea0-63b5fb36b41e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSdsIEtbIAMFYsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7431a-1e840ef57d3fa7ab2362f37c;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:37:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jSI7UFknz6hbv5lG44ZUvaRg2ekHMRdi4NaLtpDGbpNrolofHvqbAQ==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:46:41 GMT
age: 65255
etag: "9443f22559b64c5861bbc50d0980dad8da158352"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
104.18.11.207 200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP 104.18.11.207:0
GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.paperbethy.com
Connection: keep-alive
Referer: http://www.paperbethy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 15:54:14 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ce6e785579ae4cb555c9de311d1b9271"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 11/15/2022 10:39:35
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1054
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 936bfd60a4abf4735efbe51ce9507800
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7855a18e8953b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2