r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d27590a1d3cbe1e9632b8ae92aaae3f4
202b34e8a0c3b88c8826fd56c6227b34f2cd6f46
6bcfa518476658128c1fb4ea2435c4e58531454cf97138dce7ece9def589aead
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7511
Expires: Fri, 18 Nov 2022 19:55:42 GMT
Date: Fri, 18 Nov 2022 17:50:31 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 67f53a639d57dd6237b5be86fe4f6c1b
287f09532dc331228d09c20b75f4160e91e9800a
41913a8af366685c42af59e9d8e02fccedbe68a3313d2d9fe353deb0c1019075
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5444
Cache-Control: max-age=151880
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 17:50:31 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 12:01:51 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14778
Expires: Fri, 18 Nov 2022 21:56:49 GMT
Date: Fri, 18 Nov 2022 17:50:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 17:45:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 328
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HSjOx0wrdunyXFe0H5dIVgZZf9GryFVNTvu9A0UOyRA4eJURlFgonWU1Zl8ld5ElyTxtitC2evKdrYQI4yijvQ==
x-amz-request-id: 0ZXYFG8DEYDB9QWW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 17:15:41 GMT
age: 2090
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 17:50:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 17:25:01 GMT
cache-control: public,max-age=3600
age: 1531
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
discovery-safaris.co.za/
200 OK 3.8 kB IP
ASN #328364 Host-Africa-AS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1930), with CRLF, CR, LF line terminators
Hash 4f1b493fc097c54cc5d04ebe3a3c1798
730cce45bbc6704119e28bf5fd471648589d65fc
7a5125bc63f7aa9da8cf73e221634f5c22bea5c21d0ba86e89254e568895e785
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
set-cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab; path=/; HttpOnly
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-type: text/html; charset=utf-8
expires: Wed, 17 Aug 2005 00:00:00 GMT
last-modified: Fri, 18 Nov 2022 17:50:31 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 18 Nov 2022 17:50:31 GMT
server: LiteSpeed
fonts.googleapis.com/css?family=Average+Sans&subset=latin
200 OK 347 B URL HTTP/1.1 fonts.googleapis.com/css?family=Average+Sans&subset=latin
IP
Hash e7a7867be8d45789300a5024205ae5c6
d6e856e66c65365ff7d91bd556de56aedb00a51a
ee10d4eead34767c8c573a3533d4efbe27fff9ca19e6b5a9f3452e7cddd6f8ee
GET /css?family=Average+Sans&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 18 Nov 2022 17:50:32 GMT
Date: Fri, 18 Nov 2022 17:50:32 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.digicert.com/
200 OK 471 B IP
Hash fe40cc6ea871d80382b6082111393fbe
281f75d0a35dc8ef908bb0500e57abd86bd5388e
6d15422cdf7a6d72d06497188f27af893682314e82ac8a189a0ee2d798cb62d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2403
Cache-Control: max-age=143787
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 17:50:32 GMT
Etag: "63774b30-1d7"
Expires: Sun, 20 Nov 2022 09:46:59 GMT
Last-Modified: Fri, 18 Nov 2022 09:06:56 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
discovery-safaris.co.za/components/com_jrealtimeanalytics/css/mainstyle.css
200 OK 297 B URL HTTP/1.1 discovery-safaris.co.za/components/com_jrealtimeanalytics/css/mainstyle.css
IP
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (573), with no line terminators
Hash cfc6de40e7533c8d3c3131e451b55332
997c2e1c2101459b3bac5a47487ba97864550d4c
e4d1a59ea738f8d7863256a606a6e1d947ca5efd1de0f2858978211bd0edf341
GET /components/com_jrealtimeanalytics/css/mainstyle.css HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: text/css
last-modified: Thu, 05 Nov 2015 09:47:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 297
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0pzI7FVcac1pVPD6+cV7TQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jjwON6hHImU1l3o4GWTuXq7xNjY=
discovery-safaris.co.za/media/jui/js/jquery-noconflict.js?0b3c22be4f357607a6bd84ca0ac9f41d
200 OK 21 B URL HTTP/1.1 discovery-safaris.co.za/media/jui/js/jquery-noconflict.js?0b3c22be4f357607a6bd84ca0ac9f41d
IP
ASN #328364 Host-Africa-AS
Hash e2060c4e5e5955c824723b13a212d3ec
18420ce484978f8ba3d7371febf1638828bb7a67
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
Analyzer Verdict Alert fortinet Malware
GET /media/jui/js/jquery-noconflict.js?0b3c22be4f357607a6bd84ca0ac9f41d HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 15:21:56 GMT
accept-ranges: bytes
content-length: 21
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/media/jui/js/jquery.min.js?0b3c22be4f357607a6bd84ca0ac9f41d
200 OK 34 kB URL HTTP/1.1 discovery-safaris.co.za/media/jui/js/jquery.min.js?0b3c22be4f357607a6bd84ca0ac9f41d
IP
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (65462)
Hash 39100aed9fb4fb83597ecf774651f411
f731d3d17842ade225cd6e738360125e0fa00d5a
920ceb1164565c509bc1dcaa46b09205fdc4274d15fd7a871ed797badde08841
GET /media/jui/js/jquery.min.js?0b3c22be4f357607a6bd84ca0ac9f41d HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 15:21:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 34178
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/components/com_jrealtimeanalytics/js/jquery.noconflict.js
200 OK 51 B URL HTTP/1.1 discovery-safaris.co.za/components/com_jrealtimeanalytics/js/jquery.noconflict.js
IP
ASN #328364 Host-Africa-AS
File type ASCII text, with CRLF line terminators
Hash e4c8ac6ec0559df0e7fcb6ced2b8ddc1
205c98c763e8db6d75a9c6533102d51a0b62d454
dca1bf3f45fd3d83292d92be580c16539cf65b105a42db4c91c6cd58ae9b9f1d
Analyzer Verdict Alert fortinet Malware
GET /components/com_jrealtimeanalytics/js/jquery.noconflict.js HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: application/javascript
last-modified: Thu, 05 Nov 2015 09:47:12 GMT
accept-ranges: bytes
content-length: 51
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/media/jui/js/jquery-migrate.min.js?0b3c22be4f357607a6bd84ca0ac9f41d
200 OK 4.0 kB URL HTTP/1.1 discovery-safaris.co.za/media/jui/js/jquery-migrate.min.js?0b3c22be4f357607a6bd84ca0ac9f41d
IP
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (9959)
Hash 2f89b08855471c7476435ce0bec33ba7
970533f152623df03b5fc6fb793b21889e4e0349
d200586b6dd1ff779b6c30947361ff736e076d8c7d502505ab3174ca33455ea0
Analyzer Verdict Alert fortinet Malware
GET /media/jui/js/jquery-migrate.min.js?0b3c22be4f357607a6bd84ca0ac9f41d HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 15:21:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4034
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/components/com_jrealtimeanalytics/js/stream.js
200 OK 699 B URL HTTP/1.1 discovery-safaris.co.za/components/com_jrealtimeanalytics/js/stream.js
IP
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (1295), with no line terminators
Hash b9a5581ac5d0d45acd628dc650c09e47
854424e669356a4f982ee304eba3c4ae4b9cafd9
54fab63cd394f254e3c1f52a39afb5bff82634eb0d4a5bf72e418e82e4d051e6
Analyzer Verdict Alert fortinet Malware
GET /components/com_jrealtimeanalytics/js/stream.js HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: application/javascript
last-modified: Thu, 05 Nov 2015 09:47:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 699
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/media/system/js/core.js?0b3c22be4f357607a6bd84ca0ac9f41d
200 OK 3.4 kB URL HTTP/1.1 discovery-safaris.co.za/media/system/js/core.js?0b3c22be4f357607a6bd84ca0ac9f41d
IP
ASN #328364 Host-Africa-AS
File type Unicode text, UTF-8 text, with very long lines (8729)
Hash 12b4f664852a1b584ded98bc6b054cb5
2d97ddec3435d056909ca957877b59ba1b00c1ea
4cbd26a05e5a69479315c475fc3d85836bbeb4c8cc1f36884adfd2cd2ff63770
GET /media/system/js/core.js?0b3c22be4f357607a6bd84ca0ac9f41d HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 15:21:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3361
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/media/system/js/caption.js?0b3c22be4f357607a6bd84ca0ac9f41d
200 OK 334 B URL HTTP/1.1 discovery-safaris.co.za/media/system/js/caption.js?0b3c22be4f357607a6bd84ca0ac9f41d
IP
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (413)
Hash 67dcbc30fcfad1892362b21170522298
3ff742e04689a2cad78f844f1b76d457bdb72ca5
81c52b778cf87c87d1569c8fc4229d226eaab8e86833d315ec48b48be074fba1
GET /media/system/js/caption.js?0b3c22be4f357607a6bd84ca0ac9f41d HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 15:21:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 334
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/templates/system/css/system.css
200 OK 426 B URL HTTP/1.1 discovery-safaris.co.za/templates/system/css/system.css
IP
ASN #328364 Host-Africa-AS
Hash 339e0281df1b207406db0e9e9d89657f
f263bf975031b33905335c5f0f0438b4039b7bd7
56e50589da00c91be1efd81c16b8dcc0c7fa466512e06e269e3294bdfa31e29f
GET /templates/system/css/system.css HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2022 15:21:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 426
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/templates/system/css/general.css
200 OK 881 B URL HTTP/1.1 discovery-safaris.co.za/templates/system/css/general.css
IP
ASN #328364 Host-Africa-AS
Hash d93662a106675f2b12eed521dda91430
8bbbe88759a41fd5910fb3bd8f0b5b2a8978abb8
26a7388fcdf26f1a5c57ce913363d88536fcbf4f7cad4842cbbfdbdd45e2a5c8
GET /templates/system/css/general.css HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2022 15:21:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 881
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/media/system/js/mootools-core.js?0b3c22be4f357607a6bd84ca0ac9f41d
200 OK 27 kB URL HTTP/1.1 discovery-safaris.co.za/media/system/js/mootools-core.js?0b3c22be4f357607a6bd84ca0ac9f41d
IP
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (785)
Hash 1aac320ea1b761869544f0c94c84e2c0
2816f82cc9ca728ea5d902ae39d3f7e0f5c2984a
b13fc49a44560de80095bc867a9451fe4c08bca0b1f1c7b90e5f0a9586c2fafa
GET /media/system/js/mootools-core.js?0b3c22be4f357607a6bd84ca0ac9f41d HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 15:21:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 27038
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/templates/discoverysafaris/css/template.css
200 OK 9.0 kB URL HTTP/1.1 discovery-safaris.co.za/templates/discoverysafaris/css/template.css
IP
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (1385)
Hash c3c3d04cdadc913bc9081b6797a70850
bb377384be2a72d7c6ec0ad09908cd2b154e2338
5852b3f6e5b495c8951a59b2c2c866d2501761a4778127ee1339599e9cf9e796
GET /templates/discoverysafaris/css/template.css HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: text/css
last-modified: Thu, 05 Nov 2015 09:47:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 8961
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/media/system/js/mootools-more.js?0b3c22be4f357607a6bd84ca0ac9f41d
200 OK 68 kB URL HTTP/1.1 discovery-safaris.co.za/media/system/js/mootools-more.js?0b3c22be4f357607a6bd84ca0ac9f41d
IP
ASN #328364 Host-Africa-AS
File type Unicode text, UTF-8 text, with very long lines (2903)
Hash 89fe96252b664238b6b547e7075f0c01
e0db08e473afb1a5bb330b6181bc09330cb03d6d
6962ccc7a9207eb96d40bbba5c26000b794beecce9804603f7e2dbd12d7d2896
GET /media/system/js/mootools-more.js?0b3c22be4f357607a6bd84ca0ac9f41d HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 15:21:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 68163
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/templates/discoverysafaris/css/template.responsive.css
200 OK 2.1 kB URL HTTP/1.1 discovery-safaris.co.za/templates/discoverysafaris/css/template.responsive.css
IP
ASN #328364 Host-Africa-AS
File type ASCII text, with CRLF line terminators
Hash 9803d5b04f1f30da46929559ef575fe1
ea7bbfc6e5052898870184dda8243f05ecd4b173
2390343e14b39faa5c536cf6d8d9a2fbf155e6f3d01a145d252e217d200b5fd8
GET /templates/discoverysafaris/css/template.responsive.css HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: text/css
last-modified: Thu, 05 Nov 2015 09:47:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2059
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/templates/discoverysafaris/script.js
200 OK 12 kB URL HTTP/1.1 discovery-safaris.co.za/templates/discoverysafaris/script.js
IP
ASN #328364 Host-Africa-AS
File type ASCII text, with CRLF, LF line terminators
Hash 05242ad9a0764271f958f529b0896835
79cbb1f3f2ceb8c3f8b5fb2bc642e0af8b983ac7
e7f6c0a777039ab93f80a6413af9da05b9b56f447f13cefb8d1577edbff12c3f
Analyzer Verdict Alert fortinet Malware
GET /templates/discoverysafaris/script.js HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: application/javascript
last-modified: Thu, 05 Nov 2015 09:47:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12531
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/templates/discoverysafaris/script.responsive.js
200 OK 4.2 kB URL HTTP/1.1 discovery-safaris.co.za/templates/discoverysafaris/script.responsive.js
IP
ASN #328364 Host-Africa-AS
File type ASCII text, with CRLF line terminators
Hash c20e51c45da92ada9513a5f222727821
d87c123436679e9ae2b08efe4e0858f3c64926a6
ccce0b183582e93f1c0fa33ca96a8d931804c3fd7f8868799dfd002e68770c2b
Analyzer Verdict Alert fortinet Malware
GET /templates/discoverysafaris/script.responsive.js HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: application/javascript
last-modified: Thu, 05 Nov 2015 09:47:04 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4233
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/templates/discoverysafaris/modules.js
200 OK 0 B URL HTTP/1.1 discovery-safaris.co.za/templates/discoverysafaris/modules.js
IP
ASN #328364 Host-Africa-AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /templates/discoverysafaris/modules.js HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:33 GMT
content-type: application/javascript
last-modified: Fri, 18 Nov 2022 17:50:31 GMT
accept-ranges: bytes
content-length: 0
date: Fri, 18 Nov 2022 17:50:33 GMT
server: LiteSpeed
discovery-safaris.co.za/templates/discoverysafaris/jquery.js
200 OK 33 kB URL HTTP/1.1 discovery-safaris.co.za/templates/discoverysafaris/jquery.js
IP
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (32089)
Hash 92b6d1f8a650972a28007ff466e7b7e3
be39759afd3c072bee618a42d15fb0682cc9bf4d
1efdbb8a5cf878700ff0ea7e37b3256440e0928996fceb1b911da45addce4710
Analyzer Verdict Alert fortinet Malware
GET /templates/discoverysafaris/jquery.js HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:32 GMT
content-type: application/javascript
last-modified: Thu, 05 Nov 2015 09:47:04 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 32917
date: Fri, 18 Nov 2022 17:50:32 GMT
server: LiteSpeed
discovery-safaris.co.za/media/system/css/system.css
200 OK 550 B URL HTTP/1.1 discovery-safaris.co.za/media/system/css/system.css
IP
ASN #328364 Host-Africa-AS
Hash 8f99397ef24dc03ba64af54f04c79711
bf79db8e659af36625644ced4579b6c5c8ea38a3
7096119857c399adc91152683ddd2047c2438496dd3da9e090d944c8c0f381ff
GET /media/system/css/system.css HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/templates/system/css/system.css
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:33 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2022 15:21:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 550
date: Fri, 18 Nov 2022 17:50:33 GMT
server: LiteSpeed
discovery-safaris.co.za/images/Images/Biography/Me-and-Rhino10.jpg
200 OK 20 kB URL HTTP/1.1 discovery-safaris.co.za/images/Images/Biography/Me-and-Rhino10.jpg
IP
ASN #328364 Host-Africa-AS
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x394, components 3\012- data
Hash 1eff15df22fad2cf82bc872a2ad4d156
d38e076ca8ba4960c1986a7bbf4cb0ae3b74639d
3f1be6736ca22e472dfa9295f4bbf22f24f0fe7ebe16d7a1342a750007af41b0
GET /images/Images/Biography/Me-and-Rhino10.jpg HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:33 GMT
content-type: image/jpeg
last-modified: Thu, 17 Jan 2019 07:13:22 GMT
accept-ranges: bytes
content-length: 19853
date: Fri, 18 Nov 2022 17:50:33 GMT
server: LiteSpeed
discovery-safaris.co.za/templates/discoverysafaris/images/header.png
200 OK 4.1 kB URL HTTP/1.1 discovery-safaris.co.za/templates/discoverysafaris/images/header.png
IP
ASN #328364 Host-Africa-AS
File type PNG image data, 1080 x 220, 8-bit/color RGBA, non-interlaced\012- data
Hash 32acd339a03095ee07805bf5319c6b83
c45e54a3fd82dc37faeba0fda38be72e3d69d0a4
08e9732b5ab64e70b58ae4dd17cd875a4076bccafdf2a9bbb5d6e4c4b185a7b2
GET /templates/discoverysafaris/images/header.png HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/templates/discoverysafaris/css/template.css
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:33 GMT
content-type: image/png
last-modified: Thu, 05 Nov 2015 09:47:05 GMT
accept-ranges: bytes
content-length: 4076
date: Fri, 18 Nov 2022 17:50:33 GMT
server: LiteSpeed
discovery-safaris.co.za/templates/discoverysafaris/images/menuseparator.png
200 OK 98 B URL HTTP/1.1 discovery-safaris.co.za/templates/discoverysafaris/images/menuseparator.png
IP
ASN #328364 Host-Africa-AS
File type PNG image data, 1 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash bbff80fdef74d7fc5d99f133c00e6dcc
6f7cf6a8b19bb590ff169fb00366bdca3f1c5f80
a27cf3ebdd40dd1405469a7b3603d38fe31815a2ec57cfded148f6165547207e
GET /templates/discoverysafaris/images/menuseparator.png HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/templates/discoverysafaris/css/template.css
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:33 GMT
content-type: image/png
last-modified: Thu, 05 Nov 2015 09:47:05 GMT
accept-ranges: bytes
content-length: 98
date: Fri, 18 Nov 2022 17:50:33 GMT
server: LiteSpeed
discovery-safaris.co.za/templates/discoverysafaris/images/spacer.gif
200 OK 43 B URL HTTP/1.1 discovery-safaris.co.za/templates/discoverysafaris/images/spacer.gif
IP
ASN #328364 Host-Africa-AS
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /templates/discoverysafaris/images/spacer.gif HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/templates/discoverysafaris/css/template.css
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:33 GMT
content-type: image/gif
last-modified: Thu, 05 Nov 2015 09:47:05 GMT
accept-ranges: bytes
content-length: 43
date: Fri, 18 Nov 2022 17:50:33 GMT
server: LiteSpeed
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6793
Expires: Fri, 18 Nov 2022 19:43:46 GMT
Date: Fri, 18 Nov 2022 17:50:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6793
Expires: Fri, 18 Nov 2022 19:43:46 GMT
Date: Fri, 18 Nov 2022 17:50:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6793
Expires: Fri, 18 Nov 2022 19:43:46 GMT
Date: Fri, 18 Nov 2022 17:50:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6793
Expires: Fri, 18 Nov 2022 19:43:46 GMT
Date: Fri, 18 Nov 2022 17:50:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd26f9e-1666-47e7-91b0-4b371ede5e61.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd26f9e-1666-47e7-91b0-4b371ede5e61.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30ad43f65949e7e22e73292e3d684f3d
9404b0071027ac7ec0055a9edfbd607e3a8ae501
b97961cbd2245f9927c1c0406451449d28cca24c98c534cace78321ac62eeeb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd26f9e-1666-47e7-91b0-4b371ede5e61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5955
x-amzn-requestid: fe915fbe-b1dc-4fbd-8a10-1cb46e08f56c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqPjHloIAMFidw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755730-16deb73f48305b0139b1d9bd;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qtpQ9y_8ohoqKpvTx-mWM439VyjZnpmTKKCEAEnknL3CVN8ZkiJaYQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:39:46 GMT
age: 72647
etag: "9404b0071027ac7ec0055a9edfbd607e3a8ae501"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9d32fa3866dd741de610a61a93ad893
4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e
4492338de536cfae6fb42fd37170c60f4fbc281a2a924efe6d2b5af352cd102c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6344
x-amzn-requestid: cac35b04-be3b-4ae1-bb5e-8cedcd7a7db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqOVFCXIAMFcOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755728-45c28fa333b748520be29b57;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:28 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: mhgNSp1_LsVmn00ULm116flMHpnfE6G6JABrJwXH5i4q-isv_W1-Ig==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:34:18 GMT
age: 72975
etag: "4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: ae092a0a-1709-4497-9f07-0348a28d2491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqZOIEN7oAMFlaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637408c0-5ac595df302a8f1d3703ad8d;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:46:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c_SJMaV3uYSUysTSOFV--jQqDUxw-fBp8cXWWUZw9vUjt0d6PsOpxA==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 18:45:44 GMT
age: 83089
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b2b393e36ee2c9649d90db136aa49542
e88c5832ff0c49bab181d948c3a510d88343bb6f
8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7631
x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-vQE0XoAMFS3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qpoQa1Lhe-h27dGooXDCtujesSTg7Tb0Ov-PNLnUP0288ZofwHxkhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:52:40 GMT
age: 71873
etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 35da1192dcadc6e329a9e60c16904301
90a146aef85765630a5e09e46a0a8682e204bec1
816d1387a3a91a82f0bdaa2b703b45aa30be206d30d4dd1e8ac5deca13de57ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10281
x-amzn-requestid: 11dffc4e-71d7-4195-8890-62c8a2092728
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-77EWaIAMF3WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-3c0dc7e43023af827ac26958;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 48wUhxwMgsEj2J01EWOTCfWLNZPwFrjjXd6V_uSp8yae4YtGTTVlxA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:14:12 GMT
age: 70581
etag: "90a146aef85765630a5e09e46a0a8682e204bec1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg
200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d0b6106f00f9fd8b89c2d484a559a1a
399ac393209dcdac7d2188d7aa8d95f04570ef7c
5d8151c9eb558f4a2b8bd2952c6845606ddb0c27e36f6e49aca7e60908cd9fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3759
x-amzn-requestid: 8c91ac59-89dc-4218-b69f-0cebb29f301b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-wJHgxoAMF-hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab33-4dac305614a92bc52c038222;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mb2-PTjNmt06Wd5jOjQ5WoLY-0NgI80CKPXtwgzBt4n5km8Pu_WN0Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:50:49 GMT
age: 71984
etag: "399ac393209dcdac7d2188d7aa8d95f04570ef7c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
discovery-safaris.co.za/index.php?option=com_jrealtimeanalytics&format=json
500 Internal Server Error 688 B URL HTTP/1.1 discovery-safaris.co.za/index.php?option=com_jrealtimeanalytics&format=json
IP
ASN #328364 Host-Africa-AS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 96367c6b4d35e9a966e9528e61e2a228
6cb125efad268c3ef0fb623171d495cfe7d0c742
339b35212b6ae05813aa90e134186da367b2ca33271b31db90f0e2692b78db61
POST /index.php?option=com_jrealtimeanalytics&format=json HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 102
Origin: http://discovery-safaris.co.za
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 500 Internal Server Error
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 688
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 18 Nov 2022 17:50:33 GMT
server: LiteSpeed
discovery-safaris.co.za/templates/discoverysafaris/images/page.jpeg
200 OK 115 kB URL HTTP/1.1 discovery-safaris.co.za/templates/discoverysafaris/images/page.jpeg
IP
ASN #328364 Host-Africa-AS
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size 115 kB (115383 bytes)
Hash bf4b3d386b5fc7c46e6e5db30c552fbf
08a4947f9dbfbf1a8d4302a2a3b9d4ccc8b2f6de
da5529912ba1e26b220520ef5a8bc19608e3ad51d33eb4743adbb5fafdfa8c6b
Analyzer Verdict Alert fortinet Malware
GET /templates/discoverysafaris/images/page.jpeg HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/templates/discoverysafaris/css/template.css
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:33 GMT
content-type: image/jpeg
last-modified: Thu, 05 Nov 2015 09:47:05 GMT
accept-ranges: bytes
content-length: 115383
date: Fri, 18 Nov 2022 17:50:33 GMT
server: LiteSpeed
discovery-safaris.co.za/images/Logo_Transparent_Back.png
200 OK 395 kB URL HTTP/1.1 discovery-safaris.co.za/images/Logo_Transparent_Back.png
IP
ASN #328364 Host-Africa-AS
File type PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 395 kB (395078 bytes)
Hash 220a4bbdb0dd6118f7289b71a2b065b0
572bbf46dd7f5d89a3586c359116cc50a2ad42f6
1aebcd42a8c9232015ee336f2de9b8f2e4dfa73fe58b85c9ea46158f9296bea6
GET /images/Logo_Transparent_Back.png HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 25 Nov 2022 17:50:33 GMT
content-type: image/png
last-modified: Mon, 13 May 2019 05:57:40 GMT
accept-ranges: bytes
content-length: 395078
date: Fri, 18 Nov 2022 17:50:33 GMT
server: LiteSpeed
discovery-safaris.co.za/favicon.ico
404 Not Found 1.2 kB URL HTTP/1.1 discovery-safaris.co.za/favicon.ico
IP
ASN #328364 Host-Africa-AS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: discovery-safaris.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://discovery-safaris.co.za/
Cookie: af98cbf8a998b94ec08292a8a42582b3=6ed3078e8aa52b50ad79ba98699f11ab
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 18 Nov 2022 17:50:34 GMT
server: LiteSpeed
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d16e5ff718353c095d266b080fe547f
fa7c5c9a1d16355859196271f3d13f3850931888
9a94d8eb20cc56d0898b1e2b80c0006ebbef75c15ad94e907050c5be4e19a960
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10349
x-amzn-requestid: fc85e078-a81a-4fed-899e-15249961f59c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7tHGLIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7d-4224d193517794684fcdc0ad;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UK-XD_8EcfPwfLb-QVwfLr8aG-sqVBoUJcbPb5hKAlQS68eOxdgM5g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:03:27 GMT
age: 71233
etag: "fa7c5c9a1d16355859196271f3d13f3850931888"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
102.130.123.199
34.117.237.239
93.184.220.29
23.36.77.32