r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2835
Expires: Sat, 07 Jan 2023 18:01:14 GMT
Date: Sat, 07 Jan 2023 17:13:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 516b9d6951b09439a51d5284994ed92f
5c78edb38bae36caa8e2db8ed6635a32e46c91dd
eaaf4ebc59d2a06d02b552154c5adb7c713ffc4a7f5caabcff1c2b4cd6ec5c7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAAF4EBC59D2A06D02B552154C5ADB7C713FFC4A7F5CAABCFF1C2B4CD6EC5C7B"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5979
Expires: Sat, 07 Jan 2023 18:53:38 GMT
Date: Sat, 07 Jan 2023 17:13:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 07 Jan 2023 16:48:08 GMT
content-type: application/json
age: 1551
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 75f0037a1d53a9a5321a796206ec3e24
70d42c9bf1334f20e1cea4ce3c8212e0e780ee77
80ec1e61f9563e799c9f44ea31e616c37daea1b9670091fbbc6efc39ebafe3d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EC1E61F9563E799C9F44EA31E616C37DAEA1B9670091FBBC6EFC39EBAFE3D3"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3631
Expires: Sat, 07 Jan 2023 18:14:30 GMT
Date: Sat, 07 Jan 2023 17:13:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: f+0m76IRrD4F2jF38ZJOy/+ZggeCkuYG4d7Yrvffbmv+kRcJ+MgNz/50v4qRmzUVOHMNxz7T6jjXpjqkxbYq1w==
x-amz-request-id: AWJS562424FPVA6Y
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 07 Jan 2023 16:15:22 GMT
age: 3517
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 17:13:59 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 07 Jan 2023 16:17:20 GMT
age: 3399
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
209.140.22.121200 OK 32 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
IP 209.140.22.121:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1021), with CRLF line terminators
Hash bc3251eccd000a05bffaaaa770e0a3bb
a736b1bc2e3ec217e7543faa93b7a3c233788117
abdf1d346aafbedb04d62d9cf0aad20220ba0a89013fb6e0732f152626c144b0
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET PHISHING Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017
GET /nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:13:59 GMT
Server: Apache
Content-Length: 31499
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8589b6a84dd5a09ec546aff38bbd2515
1c3a3d8a69ae7a3ebda64292caf0e0f5968e81f7
f013da155203f0509d56e8174c2ae5ed23aad413b4391f276efd388519743b17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3001
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 17:14:00 GMT
Last-Modified: Sat, 07 Jan 2023 16:23:59 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.200.60.216101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.60.216:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CJd5BVPGz+kOY8w6amyMtg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +79wiTkFg7cCIYi0M1XUC8Jbtsg=
parkingcentral.net/nhrb.cnc/5/media/styles.css
209.140.22.121200 OK 238 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/styles.css
IP 209.140.22.121:0
File type ASCII text, with very long lines (65352)
Size 238 kB (237450 bytes)
Hash 9513f5546ed180f2e9adef1d52213db9
1cd1ee09e2ca5b2f2719fef46a59096c6dafe6bb
ce6346046fc87765e2815794dccc487fb95284bdb76697f7e53ca450b0641eaa
GET /nhrb.cnc/5/media/styles.css HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:00 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:24:56 GMT
Accept-Ranges: bytes
Content-Length: 237450
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
parkingcentral.net/nhrb.cnc/5/media/style.css
209.140.22.121200 OK 145 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/style.css
IP 209.140.22.121:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 145 kB (145055 bytes)
Hash ac922ecbe9a3c9017307bf651658c774
6934fbde5b9d13334381abaffff81dd252208d56
1df1b081d0aad204d6669abbb9dee7b49ef68b4de44f052b29b24382e5af4766
GET /nhrb.cnc/5/media/style.css HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:00 GMT
Server: Apache
Last-Modified: Thu, 03 Dec 2020 03:46:20 GMT
Accept-Ranges: bytes
Content-Length: 145055
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
parkingcentral.net/nhrb.cnc/5/media/jquery-2.2.3.js
209.140.22.121200 OK 259 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/jquery-2.2.3.js
IP 209.140.22.121:0
Size 259 kB (258648 bytes)
Hash aacc43d6f308fa362ac85e3f4fb2b30c
09b2fbec3c6e662be486da501a913d4b93ad39eb
95a5d6b46c9da70a89f0903e5fdc769a2c266a22a19fcb5598e5448a044db4fe
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/jquery-2.2.3.js HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:00 GMT
Server: Apache
Last-Modified: Tue, 17 Nov 2020 02:38:44 GMT
Accept-Ranges: bytes
Content-Length: 258648
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
parkingcentral.net/nhrb.cnc/5/media/AppStoreBadge.svg
209.140.22.121200 OK 12 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/AppStoreBadge.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 1cfd5dba4a9210bcf77f5dbe48ec2e66
b18020f162dece51251489be269db7629a223fcd
4cfabcfdbec9a5cd903190f150028743f38c3533b53ea21c6e4dd35a52a80383
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/AppStoreBadge.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:00 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 12224
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/login-secure.svg
209.140.22.121200 OK 5.5 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/login-secure.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2575)
Hash 2ac190a1585df4726aaab558465a3677
4724c9e5a01d8a67502afa1f3aee0a799c5e674f
5c6c8d8c0e52c66587d5f15d69de975d84894fc26afc864cd7b3eebde68b426c
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/login-secure.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:00 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 5523
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/GooglePlay.svg
209.140.22.121200 OK 23 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/GooglePlay.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (2954)
Hash 56b446863643039c5c386e785054f8f8
8509aa1bbc637474b87bb386d4d23f2a73283cd9
00ff1bb43d0a271618cd1f626e0530c4e9efb344058b85744e569306c93ecc42
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/GooglePlay.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:00 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 22795
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/Error_Orange.svg
209.140.22.121200 OK 933 B URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/Error_Orange.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (349)
Hash ea909396b604c3c01db7d3608ebb259e
7fb0f3707716e3ecad2addecbaee8b8079154813
24af98f5927069908c81e519b1082493492411999b322d3297a0be59baed39ed
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/Error_Orange.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:00 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 933
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/login-fast.svg
209.140.22.121200 OK 5.3 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/login-fast.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2974)
Hash 81a16172e4f2f3144e41fb7b161479ce
e402f0b8ba2d98fb397e153ab2f479d323ba0c96
e79680516f7aebb8535d875afb21b608dc955fa48f3084502858ea7513ba547c
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/login-fast.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:00 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 5286
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/HuaweiStoreBadge.svg
209.140.22.121200 OK 23 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/HuaweiStoreBadge.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1948)
Hash ebca1ba48fc8843d69e32d98d233b928
68b6d14f6b8e0cea4c98b933ed5cc489d46134f9
1ff2a8671111fb294acbd910e0ff757971eaeb4b381206de8ebabb38e259ca15
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/HuaweiStoreBadge.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:00 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 22958
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/entrust_site_seal_ssl.png
209.140.22.121200 OK 19 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/entrust_site_seal_ssl.png
IP 209.140.22.121:0
File type PNG image data, 350 x 350, 8-bit colormap, non-interlaced\012- data
Hash e47461fd49a0426768698ade98b259e2
501132059c531265f3898e5b6d8646ac3886cfbb
203680b7945ca5c9f3697881f9af9c8ed160354675055d22fc34545910cd4d54
GET /nhrb.cnc/5/media/entrust_site_seal_ssl.png HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:00 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 18758
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
parkingcentral.net/nhrb.cnc/5/media/login-easy.svg
209.140.22.121200 OK 4.1 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/login-easy.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2053)
Hash f0d22f982d5b06f6ddcc86d4ea20b34c
78d94235b41832ad6ccae8471754c787d6cae604
9731178a65895ad7a2835bb97c7d3e1fbb030448ce0af77fad66d45559beee0d
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/login-easy.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 4147
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/Experience.svg
209.140.22.121200 OK 12 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/Experience.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (893)
Hash 3c30ea4f3370147c14d614b4e82323b1
f212ae8d2f0d655a1aed7ca8b43c13ba96aa159e
3bf07d30c5c5867acf6a3ec763086a9c3d1ea5c7e6783c1550e1309c67e59bf3
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/Experience.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:15:28 GMT
Accept-Ranges: bytes
Content-Length: 12340
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/cross-close-white.svg
209.140.22.121200 OK 237 B URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/cross-close-white.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 378eae90527ac0e3766c3798c76b5b64
72a5a3167ae6fe2f434e7bdb2650d9f781c35020
89252245ff4ddb40f7d961d7112209c4d5b1a206392146027dddecc04b53c999
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/cross-close-white.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:29:08 GMT
Accept-Ranges: bytes
Content-Length: 237
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/NedbankIcon.svg
209.140.22.121200 OK 1.3 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/NedbankIcon.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (483), with CRLF line terminators
Hash 4524fe949ec4e8fc09e53b254a9309ec
e48ebe170ce00e6c1ff6b85d1a6958941c52b4b0
9f03e50b45def1c758746fc72c3dd9f465eafa79f4b98226406af667fadb13dc
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/NedbankIcon.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:26:52 GMT
Accept-Ranges: bytes
Content-Length: 1336
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/cookie-icon.svg
209.140.22.121200 OK 1.9 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/cookie-icon.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (534), with CRLF line terminators
Hash 3500cea77fa8facce19a3d78e3d65efd
64561c1fa2bbc10d14ef7ad215215d87131ca614
fe40a000e17d2ff50ee03ddf8fa43c29b4f7bac9008cce7f94e649a072cbd9bf
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/cookie-icon.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Thu, 03 Dec 2020 02:00:04 GMT
Accept-Ranges: bytes
Content-Length: 1910
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/icon-chat-thin.svg
209.140.22.121200 OK 741 B URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/icon-chat-thin.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (447), with CRLF line terminators
Hash 83f7e92164b236b189f0f97f35813eae
948bcd0ad350232f160457b2aabed9812ebd801c
ccdad4ff98cc6f06e6e4469c2f153cd05e16a7bb390e5db677ab2f4fa85ce0cd
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/icon-chat-thin.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:25:26 GMT
Accept-Ranges: bytes
Content-Length: 741
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/location-blank-green.svg
209.140.22.121200 OK 1.2 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/location-blank-green.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (359), with CRLF line terminators
Hash 15be25902bd569e3e4659d742681e2fb
613050d4c8541fea62a4123605610b3610917fb3
cd12b1387c0081203b3cc5c14e644e0368bd887e0002d6a78f4ce89184079c7b
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/location-blank-green.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:28:54 GMT
Accept-Ranges: bytes
Content-Length: 1170
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/FontFont%20-%20MarkPro-Medium.otf
209.140.22.121200 OK 162 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/FontFont%20-%20MarkPro-Medium.otf
IP 209.140.22.121:0
File type OpenType font data\012- data
Size 162 kB (162260 bytes)
Hash 8531ae94f5ad973be8b718f88e9660ed
a6d5635dcebab54c459a725da9a892017627a994
ad51841bf5cf5eb27ead0ae50f936f678eeb2d4e1be6035e83fce13b0e3b83bb
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/FontFont%20-%20MarkPro-Medium.otf HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/styles.css
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:23:34 GMT
Accept-Ranges: bytes
Content-Length: 162260
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/otf
parkingcentral.net/nhrb.cnc/5/media/contact-blank-green.svg
209.140.22.121200 OK 1.1 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/contact-blank-green.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 45328cfea483e7616bd24d895061746f
254babed655099ecabde38fdd2a9eebe4745197e
34870e9d178688052bf6ac99404873d4ba713b026369a811083b588d9d803312
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/contact-blank-green.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:27:00 GMT
Accept-Ranges: bytes
Content-Length: 1125
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/demo-icon.svg
209.140.22.121200 OK 1.6 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/demo-icon.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1093), with CRLF line terminators
Hash 743f7630b78dcb8c373e994da6945761
16a1b674069131ac8b01bdb0fb0977ccfc78da6e
d618a969357e7068c902c05acd681131cf186ff0fbe53f35c7519980f33a32ea
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/demo-icon.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:27:48 GMT
Accept-Ranges: bytes
Content-Length: 1628
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/Arrow.svg
209.140.22.121200 OK 761 B URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/Arrow.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b303c49924ce1909fcbcc33522ebf8f5
d1c3ab0e640f7fb06962d72a7b5799e7a1c1811f
636a98e693146284effe41930c519a43f586aca7769d8a4acb64b8dbbb9ef5e2
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/Arrow.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:29:50 GMT
Accept-Ranges: bytes
Content-Length: 761
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/FontFont%20-%20MarkPro-Bold.otf
209.140.22.121200 OK 166 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/FontFont%20-%20MarkPro-Bold.otf
IP 209.140.22.121:0
File type OpenType font data\012- data
Size 166 kB (165936 bytes)
Hash 476d44b0f6c8939bb8859c9ce7598310
cd8fb565970c2750a12b3b47b1869578f7a041fb
979af22174e46123e6fb3c96d96360ba0ea7a5dbd00ae97ab1ebefae9c284d37
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/FontFont%20-%20MarkPro-Bold.otf HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/styles.css
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:23:30 GMT
Accept-Ranges: bytes
Content-Length: 165936
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/otf
parkingcentral.net/nhrb.cnc/5/media/outline-cheque.svg
209.140.22.121200 OK 259 B URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/outline-cheque.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 4a2b65b698559fc79b4e013118ab7f95
7c09f88b6ad294979142eb11bf2fe87b51b350a8
cce1cb057aba624a402810787efca075b01266b8c7d70fbfc29c06e04c9db877
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/outline-cheque.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:26:32 GMT
Accept-Ranges: bytes
Content-Length: 259
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/Eye-Show.svg
209.140.22.121200 OK 969 B URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/Eye-Show.svg
IP 209.140.22.121:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 73c874f4bd757bebaedc93137dec93cd
28a3a7ff7f4c6665f91dc9e5f686516dd412b594
3b5618abb126e7405b0ee27b5e979d3ac3bb85f8923191268cd27fb768888cd0
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/Eye-Show.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/styles.css
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:27:16 GMT
Accept-Ranges: bytes
Content-Length: 969
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml
parkingcentral.net/nhrb.cnc/5/media/FontFont%20-%20MarkPro.otf
209.140.22.121200 OK 165 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/FontFont%20-%20MarkPro.otf
IP 209.140.22.121:0
File type OpenType font data\012- data
Size 165 kB (165396 bytes)
Hash 12d6724a254d3be629fc6b2871ae5a6a
d3a93c9ed090be9366b9513e5515e8e19ff48459
eaa561f9f8ef5b69bd39e15e332dc3700decacebf48e08b0640ad3a5d8711f65
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/FontFont%20-%20MarkPro.otf HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/styles.css
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:23:24 GMT
Accept-Ranges: bytes
Content-Length: 165396
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/otf
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3120
Expires: Sat, 07 Jan 2023 18:06:01 GMT
Date: Sat, 07 Jan 2023 17:14:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3120
Expires: Sat, 07 Jan 2023 18:06:01 GMT
Date: Sat, 07 Jan 2023 17:14:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3120
Expires: Sat, 07 Jan 2023 18:06:01 GMT
Date: Sat, 07 Jan 2023 17:14:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3120
Expires: Sat, 07 Jan 2023 18:06:01 GMT
Date: Sat, 07 Jan 2023 17:14:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3120
Expires: Sat, 07 Jan 2023 18:06:01 GMT
Date: Sat, 07 Jan 2023 17:14:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f422f55-b598-4b18-ad6c-d64bb470b0c5.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f422f55-b598-4b18-ad6c-d64bb470b0c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4dd5fc3111e49a998f6c1c8e8ef049
54c51c4566a514b9d8567a34e5b6f7dfd6614fa6
f05de119c3ddf9ad7bec9189889f9a8ddbd4aa764ce71d8ef8c839163faf5825
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f422f55-b598-4b18-ad6c-d64bb470b0c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7569
x-amzn-requestid: e7a15e21-9a65-40f1-98e4-006e2a121b7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eQSzVHOwIAMFzgg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b664e1-6834326e53cb489002a03bd2;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 05:49:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4I7f4A-ZmiePaI12AC4e6FUrT-B9VDr2fXe7LBNu0tkTEsK9Wpgw-g==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 08:41:37 GMT
age: 30744
etag: "54c51c4566a514b9d8567a34e5b6f7dfd6614fa6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3356bee662c2ea20cbebff5293e73340
625cfd3806740998c859fef8c1153efea72f5342
cd973426a15b28fa2c141e927ebf4e12faa05665780a3cd5010f874769b336e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13620
x-amzn-requestid: 0858cbd0-5965-477b-9d5f-015243f86e12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePk56F4JoAMF5Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b61b72-705a9ad403bb7795397926fd;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 00:36:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _BEaXb201gimcwDsb3uSk_O3LEH22mmdfCfCEnUSdWSAwprC8q4z7A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 15:02:30 GMT
age: 7891
etag: "625cfd3806740998c859fef8c1153efea72f5342"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65a13b7b11843a364e80dbc2d54345ff
5b24f4bf17da840e61d96b0ed7452911539dbf67
8dea14e05eb2a0c850fe9441b605f50ec6206baf57da4293f2297cab0a82fe37
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10064
x-amzn-requestid: 69f52653-2506-462d-9893-0f799b344286
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVkwUGirIAMFncw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8819b-0fa57a29615e8bb45dc4542a;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 20:16:27 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: wIRDocC9oXbYc6MO03kfkfBlZe44nlRSoJUaEkt23Hoxp_f51r6FAw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 04:22:22 GMT
age: 46299
etag: "5b24f4bf17da840e61d96b0ed7452911539dbf67"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c0fd17757d97ed3b4570387623f465f
889b2e3d0db6f9bc03393ff59a5eb7bee816cac3
1035a9d3c973762adfc08529b59642c3839ef95a7e8cfcced63e61ec154ad092
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10695
x-amzn-requestid: ae69c1c3-22f6-49de-91ec-8e7a854e4b27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGCNWFo5IAMFUKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b24a55-75032a3e7ab3eb897382cad4;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 03:07:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 5ZQenYpYQdMO-K0uy0zgWwUVEGUHGy1M_jgQI6VoMt1LEtaQBWGiRg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 12:14:12 GMT
age: 17989
etag: "889b2e3d0db6f9bc03393ff59a5eb7bee816cac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vIFVXgt2RmoplkAVOtUrOkXj3LmhRw-XEPe7fugZ2-mv_iDY07XzUg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 00:24:31 GMT
age: 60570
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ea2a04001ae6e92e56682f186ffbc2
dea01d8485f04aba4dcae63eb073a76d242a0095
c71e983f9d53f96de3553eb78da4f6da141d3dd381b1a1d55061f9141d3a54b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5657
x-amzn-requestid: 4bb9764d-0119-4201-b4e1-f3193d436022
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxL5G-VoAMFblQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8957f-65d303390f3426bc006f23f3;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:41:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: x2J2pA3SunX-oqNpW1qO9rRvN4oylDoaKvx1WaQx_-BgHEo2YvvkZg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:58:04 GMT
age: 69357
etag: "dea01d8485f04aba4dcae63eb073a76d242a0095"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
parkingcentral.net/nhrb.cnc/5/media/favicon.ico
209.140.22.121200 OK 1.4 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/favicon.ico
IP 209.140.22.121:0
File type MS Windows icon resource - 1 icon, 18x18, 32 bits/pixel\012- data
Hash 68773d46f68cd092f7aac1b70d211e01
bbe705f043f03d491232a63d29e5b8b6befb031e
4fbd7df4e4d5012b82c14234382d58275c3fe42c98162c05bbb4bc98c79ef9f5
GET /nhrb.cnc/5/media/favicon.ico HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:23:14 GMT
Accept-Ranges: bytes
Content-Length: 1430
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/x-icon
parkingcentral.net/nhrb.cnc/5/media/icon-512x512.png
209.140.22.121200 OK 41 kB URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/icon-512x512.png
IP 209.140.22.121:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, interlaced\012- data
Hash 45dc0d3ba9b11c9e0358ab3b418f7fcc
904740c7345e3770815dc35ab72b8f2e2b7b5ba1
fcb0dba575e2a3be211208f2a81a519c5d61109ebe399731d140ce5d87ed0920
GET /nhrb.cnc/5/media/icon-512x512.png HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/login.php?session_id=getpkechnpafomzfajscwuodcftmkmlhwosbsnb5nm3uikycuf7nifqci9vq1i13puqqe5yh9qjyezrf
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:23:14 GMT
Accept-Ranges: bytes
Content-Length: 40873
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
parkingcentral.net/nhrb.cnc/5/media/close-gray.svg
209.140.22.121404 Not Found 0 B URL HTTP/1.1 parkingcentral.net/nhrb.cnc/5/media/close-gray.svg
IP 209.140.22.121:0
Analyzer Verdict Alert fortinet Phishing
GET /nhrb.cnc/5/media/close-gray.svg HTTP/1.1
Host: parkingcentral.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parkingcentral.net/nhrb.cnc/5/media/style.css
HTTP/1.1 404 Not Found
Date: Sat, 07 Jan 2023 17:14:01 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://parkingcentral.net/wp-json/>; rel="https://api.w.org/"
Set-Cookie: stm_visitor_1=13140534; expires=Mon, 06-Feb-2023 17:14:05 GMT; Max-Age=2592000; path=/
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8