r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2986
Expires: Thu, 06 Oct 2022 22:29:37 GMT
Date: Thu, 06 Oct 2022 21:39:51 GMT
Connection: keep-alive
www.hawaiicarrentals.net/prepay-gas-options.php
174.136.15.231 302 Found 239 B URL HTTP/1.1 www.hawaiicarrentals.net/prepay-gas-options.php
IP 174.136.15.231:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0a57e851d49b340efa5b071991f4547f
54665d667b95b6366d61ea36007786c2d9e73f08
5612297331adc28709055779e3b47d986fedc17fc2384305c42ebfda48f53424
Analyzer Verdict Alert fortinet Malware
GET /prepay-gas-options.php HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 06 Oct 2022 21:39:50 GMT
Server: Apache
Location: https://www.hawaiicarrentals.net/prepay-gas-options.php
Content-Length: 239
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
54.230.111.118 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bWKavU82n7z-Y0luL3iku8KpCHiSuITfDnR7a7AGe6FOcpDCBmpvWw==
Age: 107553
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6203
Expires: Thu, 06 Oct 2022 23:23:14 GMT
Date: Thu, 06 Oct 2022 21:39:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dLbeNqcFst21ydFyeAJyB2eHS/8bs7+v4FO0HNm5IA6fvGSNGahA5MXjeFUiWw8kKRBWHIX/xOI=
x-amz-request-id: YJPF35N9VHF41VQV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 20:58:53 GMT
age: 2458
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:39:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.118 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 21:01:58 GMT
Expires: Thu, 06 Oct 2022 21:07:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DFlzqE3XDE2GmsKeURXVuBiLmbvo5javlhVAlQwW7fwmvKNkCgp3nA==
Age: 2273
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2192
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:51 GMT
Last-Modified: Thu, 06 Oct 2022 21:03:19 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14 200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:39:51 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1898768
expires: Tue, 26 Sep 2023 21:39:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aYDyVuX7ds%2FTsV%2F0nsmLhayoS2FA4AncFbcLvWClyaV9oNtR2K0frdaAhCvZrBd0TPIVayNUQ6yXJo9QmxjfBwgEIEHPYhXhM3x4%2FSsEzbgB7974z25aVsc8h8xvsDrgXwYRYFC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75618d584d31b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hawaiicarrentals.net/prepay-gas-options.php
174.136.15.231 200 OK 58 kB URL HTTP/1.1 www.hawaiicarrentals.net/prepay-gas-options.php
IP 174.136.15.231:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (967), with CRLF, LF line terminators
Hash be4e8a59f92f688d6288396a2b3e7eb6
58f3048dbd957d2bb8058bdd42059403aa2144d6
247f119663797b206286568290d94dfdc56f182e1d9affd9d814d86e432f48d7
Analyzer Verdict Alert fortinet Malware
GET /prepay-gas-options.php HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:51 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js
142.250.74.42 200 OK 64 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32035)
Hash d42e0db378c3b7ae639f482be65ca7e0
febb6ba0cb20fbf345e42afbb194f557de4fdb3b
9a978650fc7920f6ce184b5febda53dfadb49086ee56326e0f7ca999b7e802ef
GET /ajax/libs/jqueryui/1.11.4/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 64481
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 11:13:41 GMT
expires: Thu, 05 Oct 2023 11:13:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 123970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css
142.250.74.42 200 OK 8.1 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css
IP 142.250.74.42:0
File type ASCII text, with very long lines (2363)
Hash f82cf2fcc0d83528c760595267f4b13c
6ceabb58082f73c764dc15636f38de0e3ad31935
90a65ba22d8ab66098ba901006963f75f54be465bd2df2dd11c434e483fd3a75
GET /ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 8060
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 05:29:15 GMT
expires: Tue, 03 Oct 2023 05:29:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 317436
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.34 200 OK 34 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (3863)
Hash 806d65f40c90180470aa46d2253b273a
04c4170afb48d70060faa53e94a9ff215cff5524
3810affeb24ed6d912bc128e1b143530413f0890b330180ff9a0489ef40b82dc
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 06 Oct 2022 21:39:51 GMT
expires: Thu, 06 Oct 2022 21:39:51 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16843557699228371506
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 33852
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
142.250.74.42 200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32038)
Hash 103708790db3586027df27ded660f8ef
d3f58fbe6e02cb4b8b34c6fd510e011cb325bc70
fdba876856bb6c2783df94cacb0f17b53fe33f1907135539272c0127b4270ffe
GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 18:13:32 GMT
expires: Thu, 05 Oct 2023 18:13:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 98779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.hawaiicarrentals.net/js/jQuery-2.2.0.min.js
174.136.15.231 200 OK 30 kB URL HTTP/1.1 www.hawaiicarrentals.net/js/jQuery-2.2.0.min.js
IP 174.136.15.231:0
File type ASCII text, with very long lines (32069)
Hash 70819fc5133a06fe4600916398346381
b0a784d8e9de14db650e108889e29fc8cb093cb5
d1673724e044794a2141495adb3c171decf60f88dee80c99256ba49dbe4846dc
Analyzer Verdict Alert fortinet Malware
GET /js/jQuery-2.2.0.min.js HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:51 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 04:47:18 GMT
Accept-Ranges: bytes
Cache-Control: max-age=86400
Expires: Fri, 07 Oct 2022 21:39:51 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 29886
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hawaiicarrentals.net/js/formsearch.js
174.136.15.231 200 OK 2.9 kB URL HTTP/1.1 www.hawaiicarrentals.net/js/formsearch.js
IP 174.136.15.231:0
Hash a550d3b8716bee1ba5c30d48403e607d
e9da10a72d2292ac47b613839f358e485018620b
5a3a2581497393f842dcd0ff468f7a0a041d302b6fd8392412143d8c87a6b5c7
Analyzer Verdict Alert fortinet Malware
GET /js/formsearch.js HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 04:52:29 GMT
Accept-Ranges: bytes
Cache-Control: max-age=86400
Expires: Fri, 07 Oct 2022 21:39:52 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2916
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.hawaiicarrentals.net/css/test.css
174.136.15.231 200 OK 9.0 kB URL HTTP/1.1 www.hawaiicarrentals.net/css/test.css
IP 174.136.15.231:0
Hash a359e2d36ed8c571d7b7246dd1e3d7e8
c8b363890c8e22238220dc6c6b80ec2e06385f7e
4e0a51ddd67768b38f71739f70cd13886dda764961679e759fd2209cfb1f4f9d
GET /css/test.css HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Wed, 19 Jan 2022 11:12:25 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9005
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.hawaiicarrentals.net/css/custom.css
174.136.15.231 200 OK 659 B URL HTTP/1.1 www.hawaiicarrentals.net/css/custom.css
IP 174.136.15.231:0
Hash d5377c8d4fdffc5b15d02cef51a4b720
c036da0818c4834877e96f7b3d146176662b9c3f
57215edd2cf9b23bd81fc905c860c7382261b8e45ad9319bb8164fb6d9a45fd7
GET /css/custom.css HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Wed, 19 Jan 2022 11:04:19 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 659
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.hawaiicarrentals.net/css/font-awesome.css
174.136.15.231 200 OK 4.3 kB URL HTTP/1.1 www.hawaiicarrentals.net/css/font-awesome.css
IP 174.136.15.231:0
File type troff or preprocessor input, ASCII text, with very long lines (305)
Hash de8d4977fb79f6537f4e7264c74f52a5
41bdf5f9a4d684f37878e914a886ae24b3f077ef
6ab9e7e95764b04d9de1d9d4247297ecc142df87b02c3bd696ab38c1e1096a61
GET /css/font-awesome.css HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:03 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4286
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.hawaiicarrentals.net/css/animation.css
174.136.15.231 200 OK 1.4 kB URL HTTP/1.1 www.hawaiicarrentals.net/css/animation.css
IP 174.136.15.231:0
File type assembler source, ASCII text, with very long lines (1260)
Hash 7535a316c353c191e890dc6665384372
6a73a6eb6446e29d6bb4dc7ea3875e356c03d75f
c92ced6c02854e313a2249de624b553b0ab18099cf38152767d74701bf01e0d1
GET /css/animation.css HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:03 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1371
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.hawaiicarrentals.net/css/bootstrap.css
174.136.15.231 200 OK 21 kB URL HTTP/1.1 www.hawaiicarrentals.net/css/bootstrap.css
IP 174.136.15.231:0
File type ASCII text, with very long lines (540)
Hash b12b8e4f6a7fe7a7e10c299ff98506d9
57536746c33e510e76ff9089e35250cdb216f3c4
565042aa37165d9d8e964d5c16b9c8769b949ff07bc6aeb5cf697a6e33309f26
GET /css/bootstrap.css HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:03 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 21423
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.hawaiicarrentals.net/js/test.js
174.136.15.231 200 OK 603 B URL HTTP/1.1 www.hawaiicarrentals.net/js/test.js
IP 174.136.15.231:0
Hash 9686b823e4515aaeaca942ac0529a161
1081125827c925d8c7329eebd62a6f1a9739fb76
43cc6e8074592d8118a8d01d42c1a3e1f8367007f649633a6635baf4659e79b2
Analyzer Verdict Alert fortinet Malware
GET /js/test.js HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 04:48:02 GMT
Accept-Ranges: bytes
Cache-Control: max-age=86400
Expires: Fri, 07 Oct 2022 21:39:52 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 603
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.hawaiicarrentals.net/js/maps.js?tt=1665092391
174.136.15.231 200 OK 759 B URL HTTP/1.1 www.hawaiicarrentals.net/js/maps.js?tt=1665092391
IP 174.136.15.231:0
File type ASCII text, with very long lines (1752), with no line terminators
Hash dd81e4558bb01b9abef49cb90e8364c8
9409539acdf3c2d22db03842ca8cbe359c3476bb
97f5f18c21f1a05599e5854b853bb5300250c1c0a76b36725a51d01032a29535
GET /js/maps.js?tt=1665092391 HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 09:02:30 GMT
Accept-Ranges: bytes
Cache-Control: max-age=86400
Expires: Fri, 07 Oct 2022 21:39:52 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 759
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.hawaiicarrentals.net/js/jquery.cookie.js
174.136.15.231 200 OK 802 B URL HTTP/1.1 www.hawaiicarrentals.net/js/jquery.cookie.js
IP 174.136.15.231:0
File type ASCII text, with very long lines (1801), with no line terminators
Hash 389c6b78d7d731f2b4c1a04b763d4c06
9bd412c7ebe17472402ca867d6c7452f137c2239
2abf4b476431e647e7ad31145ae8abd104398397c17c81220438d0856149242a
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.cookie.js HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 04:50:43 GMT
Accept-Ranges: bytes
Cache-Control: max-age=86400
Expires: Fri, 07 Oct 2022 21:39:52 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 802
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.hawaiicarrentals.net/js/bootstrap.js
174.136.15.231 200 OK 11 kB URL HTTP/1.1 www.hawaiicarrentals.net/js/bootstrap.js
IP 174.136.15.231:0
File type ASCII text, with very long lines (444)
Hash 669f96564f2b60094b6da1eb8bbbcc47
41a44ea9f738f82586734ec3e3bb5caad9e19b1a
47d0a05dd0b167835ca2d0f36b6c28913a04d9dfed5e2b115c5884a32bba4e25
Analyzer Verdict Alert fortinet Malware
GET /js/bootstrap.js HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 04:51:19 GMT
Accept-Ranges: bytes
Cache-Control: max-age=86400
Expires: Fri, 07 Oct 2022 21:39:52 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10957
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.hawaiicarrentals.net/js/jquery.simplemodal.js
174.136.15.231 200 OK 3.1 kB URL HTTP/1.1 www.hawaiicarrentals.net/js/jquery.simplemodal.js
IP 174.136.15.231:0
File type ASCII text, with very long lines (626)
Hash d309e30627404c58a946506dc665691b
bd38e27a45958fa548d3f9ab2a1467a1c185bcb4
7e4af2f85cc7285e747075acb717881f68b962394204a1b5016c770565a02c75
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.simplemodal.js HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 04:49:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=86400
Expires: Fri, 07 Oct 2022 21:39:52 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3069
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.hawaiicarrentals.net/js/mapPopUp.js
174.136.15.231 200 OK 364 B URL HTTP/1.1 www.hawaiicarrentals.net/js/mapPopUp.js
IP 174.136.15.231:0
Hash a922a05c2733cbdac84bb92be6dbf983
0f54167f81736d29f8fa730f380d6178aece2937
e7abea7f74c1245bf03b547af66ca9a64ab85012cd9a4e5fd152b8d9a02309bd
Analyzer Verdict Alert fortinet Malware
GET /js/mapPopUp.js HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 04:46:09 GMT
Accept-Ranges: bytes
Cache-Control: max-age=86400
Expires: Fri, 07 Oct 2022 21:39:52 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 364
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.hawaiicarrentals.net/image/headerBanner.png
174.136.15.231 200 OK 1.6 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/headerBanner.png
IP 174.136.15.231:0
File type PNG image data, 418 x 62, 8-bit colormap, non-interlaced\012- data
Hash 8e8d2d53e4fbbed7b40cbfa282798cc7
0e60e4eb0ff70da685d5078f17f56a265cc53161
4d8372e7c71f0ca98c25b6808699bfbcaeb4f2ab0681ee891cb6df405f88003d
GET /image/headerBanner.png HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 1559
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.hawaiicarrentals.net/image/social/pInterest.png
174.136.15.231 200 OK 2.8 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/social/pInterest.png
IP 174.136.15.231:0
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash cdad6092c28083bd3c2d3cdf841c4034
98931c339b1e0d5bb77658cf8a7d5392277f4eb7
310de70f33f7bc8f44867b8b9a249cfd7b5afa04d8628e7a58632e198bc2651d
GET /image/social/pInterest.png HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 2848
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.hawaiicarrentals.net/image/social/linkedIn.png
174.136.15.231 200 OK 2.0 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/social/linkedIn.png
IP 174.136.15.231:0
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 93c84898ea633aa6a29e7af0d368bedb
d461bb18e2bdaeedef9cac524bb4d4fc46fbaa29
63476b2f5e69335a0d6c8aa2648b0f097dbbcc834954ece569461dda140b96c7
GET /image/social/linkedIn.png HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 2017
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.hawaiicarrentals.net/image/social/youtube.png
174.136.15.231 200 OK 2.2 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/social/youtube.png
IP 174.136.15.231:0
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 4b37e29c6040e221e9eef6ef73cc13ee
6290eeb6e189e2f7310be32463b6ae15664db23d
ef029376351017ed652ca4012ee71977051a240cd710faf3250f977f10af2048
GET /image/social/youtube.png HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 2171
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.hawaiicarrentals.net/image/hcrLogo.png
174.136.15.231 200 OK 41 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/hcrLogo.png
IP 174.136.15.231:0
File type PNG image data, 226 x 182, 8-bit/color RGBA, non-interlaced\012- data
Hash 54aa1df976264f7c409302201301a600
45e909f8e7f7c24fc317bfbe32b6f05ee76dffab
799053482b1c2c7964ebbd764adf78369fb21a22ce04dfafa1f0b61c2e098907
GET /image/hcrLogo.png HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 40861
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.hawaiicarrentals.net/image/air-conditioner.jpg
174.136.15.231 200 OK 172 B URL HTTP/1.1 www.hawaiicarrentals.net/image/air-conditioner.jpg
IP 174.136.15.231:0
File type PNG image data, 9 x 9, 8-bit/color RGBA, non-interlaced\012- data
Hash accf6be1a75f861333808f07bc534c11
4bae613bcc1b913d93a1bf7ff982a6faa5fd1e00
196cfc8099c1f142b8a86abfeaf23578db53936bc1ccc88546b5ac086c11d2ed
GET /image/air-conditioner.jpg HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/css/test.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 172
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
www.hawaiicarrentals.net/image/social/facebook.png
174.136.15.231 200 OK 1.6 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/social/facebook.png
IP 174.136.15.231:0
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 7186e3573d8e60f7f0c05e0d2ae94b7b
4e432312fd7cfe42e02876e6f5654fcc2e51dd85
ceb8d56bc922651445de96d8e1ea656283c3477f80b125191c588315259280aa
GET /image/social/facebook.png HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 1645
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.hawaiicarrentals.net/image/social/twitter.png
174.136.15.231 200 OK 2.0 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/social/twitter.png
IP 174.136.15.231:0
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash f2bd4a30727f086f38fbe0d34d8f83ba
8f2eb80b585b034a8235728203d5988ed44bece2
cba9e8164e32ae2981a3ebc2214c120c331944ffae11df7a75381e0d147eea0e
GET /image/social/twitter.png HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 2037
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.hawaiicarrentals.net/image/avis_button.jpg
174.136.15.231 200 OK 2.4 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/avis_button.jpg
IP 174.136.15.231:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 134x47, components 3\012- data
Hash b522915d7ce7fb3364ffbda0670f8809
735a409e4a43ab56f2de4fa050301674c87833af
646163a9dab21c4ffc2472cf411592c5356686d3e71f7891582c4b926d7a5c1d
GET /image/avis_button.jpg HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 2361
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.hawaiicarrentals.net/image/icon-help.png
174.136.15.231 200 OK 569 B URL HTTP/1.1 www.hawaiicarrentals.net/image/icon-help.png
IP 174.136.15.231:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 5b80f384cee95edbcc5426b1050d83f3
ff2bc9104d37636c48b379d4684cf32257d68a71
cb67f2a10ed083879d9f26ab605b5851aadc8f1fb66fc1be2ba5b1cb5d46e271
GET /image/icon-help.png HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 569
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.hawaiicarrentals.net/image/checkRates.png
174.136.15.231 200 OK 2.6 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/checkRates.png
IP 174.136.15.231:0
File type PNG image data, 94 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash f70a5dd3221947161a15cad65a066cad
5872d78e894e9ed774ec33f1c6469f22088c565e
df3ad770013c9916b8f970591ca5128e387a240827e67439f4328b856095f846
GET /image/checkRates.png HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/css/test.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 2584
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.hawaiicarrentals.net/image/sand.jpg
174.136.15.231 200 OK 400 B URL HTTP/1.1 www.hawaiicarrentals.net/image/sand.jpg
IP 174.136.15.231:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 9x310, components 3\012- data
Hash 3ec16a3915ebda9d46944577fc9ac853
392fe5cedb9f341292eb0efab42e975e7e390394
b20ffb92fd75755dca240264ed52717f50fdb0d9b0488775c42b82e0cca2a9fe
GET /image/sand.jpg HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/css/test.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 400
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.hawaiicarrentals.net/image/bonusBullet.png
174.136.15.231 200 OK 261 B URL HTTP/1.1 www.hawaiicarrentals.net/image/bonusBullet.png
IP 174.136.15.231:0
File type PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash ce6962dfbe7b2a9f1b2122957818fdb2
55d21eec6147c6dde7276b709b22ad9b7d32b791
63f2564426ed8b8c5cb7282bccde9e7f3aff11ec52616f3990705f89948152e3
GET /image/bonusBullet.png HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/css/custom.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 261
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.hawaiicarrentals.net/image/budget_button.jpg
174.136.15.231 200 OK 2.2 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/budget_button.jpg
IP 174.136.15.231:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 134x47, components 3\012- data
Hash 89ef8d7cd2782b339af864d828fe9235
4ee02ffa57e3f34db5cfb22b5800cedf3a1e4e4f
062c74bb3e643003fda4bbf44279402b5533541b16a0e2a8af652d446fd9ed32
GET /image/budget_button.jpg HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 2249
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.hawaiicarrentals.net/image/dollar_button.jpg
174.136.15.231 200 OK 2.3 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/dollar_button.jpg
IP 174.136.15.231:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 134x47, components 3\012- data
Hash 2cbb4879442d0170638d587288718fea
6063274977ed39af8380a083ddf8786e9b5e44b8
0e4f4ba6737afa99058c156f8c31918d8e37f546ab97e7a3088409c6616986a7
GET /image/dollar_button.jpg HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 2251
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.hawaiicarrentals.net/image/enterprise_button.jpg
174.136.15.231 200 OK 1.9 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/enterprise_button.jpg
IP 174.136.15.231:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 134x47, components 3\012- data
Hash 5dabb75ae10c10af11fd220ab9d2c052
eb108b986caf81854e88fba6cd1e47066cb61759
65fc41af31528c9d449da2c7410dc7814322d055f1108416ddc0bbe276fdf42e
GET /image/enterprise_button.jpg HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 1898
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.hawaiicarrentals.net/image/hertz_button.png
174.136.15.231 200 OK 3.2 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/hertz_button.png
IP 174.136.15.231:0
File type PNG image data, 134 x 47, 8-bit colormap, non-interlaced\012- data
Hash aa0a46d7d90c1ca2e01d0019c3df00ca
5eeb16c2d8af06e6ae607fe68a727969e7a6a7aa
e1aedef89c0d6341ab5013fee7fc34ee6b64ae28ba4d7a2d3c57e91026623d1c
GET /image/hertz_button.png HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 3180
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.hawaiicarrentals.net/image/thrifty_button.jpg
174.136.15.231 200 OK 3.5 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/thrifty_button.jpg
IP 174.136.15.231:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 134x47, components 3\012- data
Hash 4864f1bf32f737605f6fef82e7d2e597
06036b33ac8726a1a1e173bb89c92c0e9568b030
dbf38979e9ffd29106fd661f72b36a4ee10e0e324ea4691573df4fb0d391ced1
GET /image/thrifty_button.jpg HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 3462
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.hawaiicarrentals.net/image/bg.jpg
174.136.15.231 200 OK 179 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/bg.jpg
IP 174.136.15.231:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x1226, components 3\012- data
Size 179 kB (178673 bytes)
Hash 8797797ca7777d096121439dfb1930dc
dc26beadba40972346c4ec094b39e35b51103efd
14cca608038b2e69cd49a00eb7a09f6e39f328b02ca24bc3819b4a3f7d1b6c9d
GET /image/bg.jpg HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/css/test.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 178673
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.hawaiicarrentals.net/image/calendar.png
174.136.15.231 200 OK 588 B URL HTTP/1.1 www.hawaiicarrentals.net/image/calendar.png
IP 174.136.15.231:0
File type PNG image data, 23 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 5bf344bfced45b4390c92d175ebd1e9e
479528b00bd5c65b48e37299f3332b8aaa5e74ba
4fa0ac19215debb31c6c7ae6347f3854c1686ffbe1b23ee761d47b6859be69af
GET /image/calendar.png HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 588
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
www.hawaiicarrentals.net/image/hawaiicar-logo.jpg
174.136.15.231 200 OK 4.4 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/hawaiicar-logo.jpg
IP 174.136.15.231:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 139x22, components 3\012- data
Hash 848d65a7d47d57df0b8c936b1822dc0a
3f6b3b8843bd8890d77a9722896fb171b35573ab
2fc55ae477bfdc9d06b8a4d9a59264071bb38db0b15041fa60c2423a096c6b98
GET /image/hawaiicar-logo.jpg HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 4434
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.hawaiicarrentals.net/image/footerBoard.png
174.136.15.231 200 OK 68 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/footerBoard.png
IP 174.136.15.231:0
File type PNG image data, 222 x 233, 8-bit/color RGBA, non-interlaced\012- data
Hash 737c5b8f3201cf95913e6a23b84a9781
27965c97470dff7ad81eda0a162974698cb91417
c32706157ba80cc181b6fece5ecf58c24970ce6287f68d59e1aa3499fa5c7a09
GET /image/footerBoard.png HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 68276
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ecc594c8ad8a58175abca6f74592cad0
bc3eb5409877f214ca5d45c39d39754fd80997ae
4376e30946f541ed958cbbff449d18b6acb24608aa48fa078440cb99291dc7d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3906
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:53 GMT
Last-Modified: Thu, 06 Oct 2022 20:34:47 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash def0f2d6c644aedbb89357888764f922
fdb5fc717f50599db8785b8aa0f1875408a88793
6061b8fa8aef4bedf1f30672c7614c2913fb38b2582e46a5d7e31ec898181fa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/dc.js
173.194.73.157 200 OK 17 kB URL HTTP/2 stats.g.doubleclick.net/dc.js
IP 173.194.73.157:0
File type ASCII text, with very long lines (1305)
Hash 5f65521f6c6223e1e18cb161832bea2a
f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9
GET /dc.js HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17093
date: Thu, 06 Oct 2022 20:29:57 GMT
expires: Thu, 06 Oct 2022 22:29:57 GMT
cache-control: public, max-age=7200
age: 4196
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: uaJ4X3FCd/ZJnkWz/Y6EAPGru7xDJ8a9mJFUGPYjTvxD3KYRWnOcdY0GHdD6a4ZaZ0onwWvqy2QKXouqItPeCg==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 21:39:53 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hawaiicarrentals.net/image/footer.png
174.136.15.231 200 OK 172 kB URL HTTP/1.1 www.hawaiicarrentals.net/image/footer.png
IP 174.136.15.231:0
File type PNG image data, 1600 x 182, 8-bit/color RGB, non-interlaced\012- data
Size 172 kB (171564 bytes)
Hash ccca66a0d4278ad92c6a5427b7773d6d
45ca901426695867adf5a214d1febe65e7d3b1e6
8c7fb5fb56f4d2b86d42a05f57b32021ef1111e20197c5fa4d245326ea908428
GET /image/footer.png HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/css/test.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2020 15:44:21 GMT
Accept-Ranges: bytes
Content-Length: 171564
Cache-Control: max-age=604800
Expires: Thu, 13 Oct 2022 21:39:52 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
apis.google.com/js/plusone.js?onload=OnLoadCallback
142.250.74.174 200 OK 20 kB URL HTTP/2 apis.google.com/js/plusone.js?onload=OnLoadCallback
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash ae3c72123ea3434af8a0f0a61796f375
ea662eb595f113ba09c408833f8aabb607e3f3ad
d02db5eee2d5eef82b3a99a678bf479619f8c6d2c04048fb43683f62a99e7977
GET /js/plusone.js?onload=OnLoadCallback HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20364
date: Thu, 06 Oct 2022 21:39:53 GMT
expires: Thu, 06 Oct 2022 21:39:53 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "767117cf260a77c1"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=664263568&utmhn=www.hawaiicarrentals.net&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Prepay%20for%20Gas%20or%20Not%20-%20Refueling%20Options%20for%20Rental%20Cars%20-%20Hawaii%20Car%20Rentals&utmhid=1134988466&utmr=-&utmp=%2Fprepay-gas-options.php&utmht=1665092393340&utmac=UA-216338-1&utmcc=__utma%3D173305658.672748076.1665092393.1665092393.1665092393.1%3B%2B__utmz%3D173305658.1665092393.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1229705124&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
173.194.73.157 200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=664263568&utmhn=www.hawaiicarrentals.net&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Prepay%20for%20Gas%20or%20Not%20-%20Refueling%20Options%20for%20Rental%20Cars%20-%20Hawaii%20Car%20Rentals&utmhid=1134988466&utmr=-&utmp=%2Fprepay-gas-options.php&utmht=1665092393340&utmac=UA-216338-1&utmcc=__utma%3D173305658.672748076.1665092393.1665092393.1665092393.1%3B%2B__utmz%3D173305658.1665092393.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1229705124&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 173.194.73.157:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=664263568&utmhn=www.hawaiicarrentals.net&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Prepay%20for%20Gas%20or%20Not%20-%20Refueling%20Options%20for%20Rental%20Cars%20-%20Hawaii%20Car%20Rentals&utmhid=1134988466&utmr=-&utmp=%2Fprepay-gas-options.php&utmht=1665092393340&utmac=UA-216338-1&utmcc=__utma%3D173305658.672748076.1665092393.1665092393.1665092393.1%3B%2B__utmz%3D173305658.1665092393.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1229705124&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Oct 2022 21:39:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.hawaiicarrentals.net/favicon.ico
174.136.15.231 301 Moved Permanently 248 B URL HTTP/1.1 www.hawaiicarrentals.net/favicon.ico
IP 174.136.15.231:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fe0b356d6928df46f3e95d6bccd3e04e
26407affa1c2332fc685d14e4f0ded5b3c615263
1ec91c4b1b3f56fddc3f48859e347dbeb25c315be23a55889f31e00129b95ba7
GET /favicon.ico HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 21:39:53 GMT
Server: Apache
Location: https://www.hawaiicarrentals.net/404.php
Content-Length: 248
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14398
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 21:39:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14398
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 21:39:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ecc594c8ad8a58175abca6f74592cad0
bc3eb5409877f214ca5d45c39d39754fd80997ae
4376e30946f541ed958cbbff449d18b6acb24608aa48fa078440cb99291dc7d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3906
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:53 GMT
Last-Modified: Thu, 06 Oct 2022 20:34:47 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14398
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 21:39:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14398
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 21:39:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 488ec5b4267ccb1cdc4e6e08556f7f3b
42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88
d9b05fe92962a58b9a8e8dbd4757969aa361be12018107ae649ffcdb8a0f8d84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3430
x-amzn-requestid: 9b3b52d6-08b4-4893-962b-3dfe67e2f11d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjTijF0vIAMFq3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dffa9-0a128734418b6c4d6375e2ac;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 22:05:29 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iRuujAZLL_0mf5_-FhMXpuWwHy-jidhBkFuBIZLo0tLlJArZgFEcbA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 16:10:55 GMT
age: 19738
etag: "42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3lKuGlFCBN2wEsp9-Oa3ysQg62py090H30jy6_bR02Ufs0KGPrVC4w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:36:43 GMT
age: 190
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: LySueW1si-yWLwecUILV1s57IEV2FdcQ9_pH1Aoe4AYISi7QXXfd3A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:38:07 GMT
age: 106
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: f2f15f43-6054-40f5-943a-530671e772dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZjF3aIAMFW9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-5e2253791a927c8c40a0ff0d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: xRuMce_9OkP3R2DqHjZI34GwkDezdfGKsgntCMTZG2c6SJUcyv0Ckg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:56:40 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 85393
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
142.250.74.174 200 OK 51 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash 082af8f6ad7e453a93dd3d1e0ed74005
a768614da451435f22b8f19a0cd4977c48a639ce
f53c36c80f6af2bb427ea6b9d34dd82f8dbcf05d23b92d78ce6372af3a46d57c
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 51184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 07:12:08 GMT
expires: Thu, 05 Oct 2023 07:12:08 GMT
cache-control: public, max-age=31536000
age: 138465
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70ea26af79226e9ff06d6198e2c019dc
ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 04:27:43 GMT
age: 61930
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
34.120.237.76 200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbba56f647bf5989ca51863632bbebfc
26694f34166345ee5693653e0101db6b910e68ba
ec5cc38f2a77e8e655aeeb7a376cf882ccb7163e4ef9d1ce4633ab4754e48765
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4140
x-amzn-requestid: 13fcd792-1fcc-44b5-aa9e-d2773a60fe77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uHrbIAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-5b5f5d781b9d651b68c04f2e;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: wfnbRpTKni8hbAmJXO9vdisV6ZPoRP-eBb3wP4RzPS7MlXvp7282dw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:36:43 GMT
age: 190
etag: "26694f34166345ee5693653e0101db6b910e68ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 68cae76ca08d4e9629466fe6e31c4401
174a7298fb239a33068a15a2e900956dee1f5c2c
e0a2fb0dd6b622408d720f55ba8a8e21edd3d6ab6072aaa716e13ae6af3f6381
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.hawaiicarrentals.net&callback=_gfp_s_&client=ca-pub-2212401993203453
172.217.21.162 200 OK 206 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.hawaiicarrentals.net&callback=_gfp_s_&client=ca-pub-2212401993203453
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 52cb032c261db569d71eb6d012518113
d14e6c743b80cd3f7d5d47d8f3f525ffb898d4f8
74fa16e7b12554b6a5e7f8fbd8d4b6a178548c068ea50e35cf7bee742eee044b
GET /gampad/cookie.js?domain=www.hawaiicarrentals.net&callback=_gfp_s_&client=ca-pub-2212401993203453 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 06 Oct 2022 21:39:53 GMT
server: cafe
cache-control: private
content-length: 206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.hawaiicarrentals.net
142.250.74.162 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.hawaiicarrentals.net
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.hawaiicarrentals.net HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 06 Oct 2022 21:39:53 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.hawaiicarrentals.net/404.php
174.136.15.231 200 OK 4.3 kB URL HTTP/1.1 www.hawaiicarrentals.net/404.php
IP 174.136.15.231:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with very long lines (418), with CRLF line terminators
Hash c66af5c7f89e28701b52de229a3afbe8
d1711b892fbf0f96dd8a7b045e212964eb58507a
53076b94a1c6c74dd4412135f406272f07eb63637e8f51d3c92b56baa7373eb1
Analyzer Verdict Alert fortinet Malware
GET /404.php HTTP/1.1
Host: www.hawaiicarrentals.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hawaiicarrentals.net/prepay-gas-options.php
Connection: keep-alive
Cookie: __utma=173305658.672748076.1665092393.1665092393.1665092393.1; __utmb=173305658.1.10.1665092393; __utmc=173305658; __utmz=173305658.1665092393.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:39:53 GMT
Server: Apache
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 68cae76ca08d4e9629466fe6e31c4401
174a7298fb239a33068a15a2e900956dee1f5c2c
e0a2fb0dd6b622408d720f55ba8a8e21edd3d6ab6072aaa716e13ae6af3f6381
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=532217117701029&ev=PageView&dl=https%3A%2F%2Fwww.hawaiicarrentals.net%2Fprepay-gas-options.php&rl=&if=false&ts=1665092393653&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665092393652.1283188393&it=1665092393396&coo=false&rqm=GET
31.13.72.36 200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=532217117701029&ev=PageView&dl=https%3A%2F%2Fwww.hawaiicarrentals.net%2Fprepay-gas-options.php&rl=&if=false&ts=1665092393653&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665092393652.1283188393&it=1665092393396&coo=false&rqm=GET
IP 31.13.72.36:0
File type gzip compressed data, from Unix\012- data
Hash 14ea67d9e0419408a931256be151339b
1a6b8c23ecf1b6b6b828ef3e6d00cc6710dce6f9
f99f435b55ae1a0c581a9a5878f52719eedf6dba1399f23bb64b867890a95aa1
GET /tr/?id=532217117701029&ev=PageView&dl=https%3A%2F%2Fwww.hawaiicarrentals.net%2Fprepay-gas-options.php&rl=&if=false&ts=1665092393653&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665092393652.1283188393&it=1665092393396&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 06 Oct 2022 21:39:53 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2212401993203453&output=html&h=100&slotname=3366327710&adk=4243387715&adf=3091519715&pi=t.ma~as.3366327710&w=950&lmt=1665092393&url=https%3A%2F%2Fwww.hawaiicarrentals.net%2Fprepay-gas-options.php&wgl=1&dt=1665092392426&bpp=33&bdt=850&idt=1022&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D1d4490a6a9c10a79-22b932ea3bce0041%3AT%3D1665092393%3ART%3D1665092393%3AS%3DALNI_Ma7ACBESu3azRofjfrjoZOiCwnL-Q&correlator=6260531819099&frm=20&pv=2&ga_vid=672748076.1665092393&ga_sid=1665092393&ga_hid=1134988466&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=115&ady=1660&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706%2C44772927&oid=2&pvsid=3254582126114976&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7Co%7Cebr%7C&abl=NS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=8ebOKMXwIA&p=https%3A//www.hawaiicarrentals.net&dtd=1178
142.250.74.66 200 OK 213 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2212401993203453&output=html&h=100&slotname=3366327710&adk=4243387715&adf=3091519715&pi=t.ma~as.3366327710&w=950&lmt=1665092393&url=https%3A%2F%2Fwww.hawaiicarrentals.net%2Fprepay-gas-options.php&wgl=1&dt=1665092392426&bpp=33&bdt=850&idt=1022&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D1d4490a6a9c10a79-22b932ea3bce0041%3AT%3D1665092393%3ART%3D1665092393%3AS%3DALNI_Ma7ACBESu3azRofjfrjoZOiCwnL-Q&correlator=6260531819099&frm=20&pv=2&ga_vid=672748076.1665092393&ga_sid=1665092393&ga_hid=1134988466&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=115&ady=1660&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706%2C44772927&oid=2&pvsid=3254582126114976&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7Co%7Cebr%7C&abl=NS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=8ebOKMXwIA&p=https%3A//www.hawaiicarrentals.net&dtd=1178
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (436), with no line terminators
Hash f6c8ffc45ed8d99a5defc2167d178eee
45392f3ba6da7d866a7dab272557a571e64747a7
99d3d8f01063984ffdd0218487a6030ead41f3e3c4c00df452f06fffdcdcbb49
GET /pagead/ads?client=ca-pub-2212401993203453&output=html&h=100&slotname=3366327710&adk=4243387715&adf=3091519715&pi=t.ma~as.3366327710&w=950&lmt=1665092393&url=https%3A%2F%2Fwww.hawaiicarrentals.net%2Fprepay-gas-options.php&wgl=1&dt=1665092392426&bpp=33&bdt=850&idt=1022&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D1d4490a6a9c10a79-22b932ea3bce0041%3AT%3D1665092393%3ART%3D1665092393%3AS%3DALNI_Ma7ACBESu3azRofjfrjoZOiCwnL-Q&correlator=6260531819099&frm=20&pv=2&ga_vid=672748076.1665092393&ga_sid=1665092393&ga_hid=1134988466&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=115&ady=1660&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706%2C44772927&oid=2&pvsid=3254582126114976&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7Co%7Cebr%7C&abl=NS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=8ebOKMXwIA&p=https%3A//www.hawaiicarrentals.net&dtd=1178 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 06 Oct 2022 21:39:53 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 06-Oct-2022 21:54:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 06 Oct 2022 21:39:53 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 36b2ebb263a694be6b81a02818e3d9e4
b73b329f15a2fc2ab0d6ea468695b3f79c27be94
e76b12ed5b195fddd74ac3f63fd2f985e22fea47c025eec8b0260b5560f9c515
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33 200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 06 Oct 2022 21:39:54 GMT
expires: Thu, 06 Oct 2022 21:39:54 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33 200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 20:36:17 GMT
expires: Thu, 05 Oct 2023 20:36:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 90217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 38c8ed81c69d2af0003394c9fb9274c5
a71c6fb6d685275f8a8c7d9d87860df08a450038
fdff30d374603ecd62c6d244a1175731787725dba48777122802055969be28f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:39:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164 200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 564c57ec003ffb4d556ff0e899b74bb9
e61a885c7fe517fae82221a34db7e2ebdbd48dc6
500ebaf25234df698e65a03352026f2baf7668cf890efd348b5c0f417458241c
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 06 Oct 2022 21:39:54 GMT
date: Thu, 06 Oct 2022 21:39:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-X25AdNr-lfgkkCrZSDHkJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.getclicky.com/js
104.16.221.29 200 OK 0 B IP 104.16.221.29:0
GET /js HTTP/1.1
Host: static.getclicky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:39:53 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
expires: Wed, 12 Oct 2022 18:01:28 GMT
cache-control: max-age=604800
x-proxy-cache: HIT
content-encoding: gzip
last-modified: Wed, 05 Oct 2022 18:01:28 GMT
cf-cache-status: HIT
age: 99484
server: cloudflare
cf-ray: 75618d61fbe9fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
in.getclicky.com/in.php?site_id=100542989&type=pageview&href=%2Fprepay-gas-options.php&title=Prepay%20for%20Gas%20or%20Not%20-%20Refueling%20Options%20for%20Rental%20Cars%20-%20Hawaii%20Car%20Rentals&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.15338280909873492
198.145.13.14 200 OK 0 B URL HTTP/2 in.getclicky.com/in.php?site_id=100542989&type=pageview&href=%2Fprepay-gas-options.php&title=Prepay%20for%20Gas%20or%20Not%20-%20Refueling%20Options%20for%20Rental%20Cars%20-%20Hawaii%20Car%20Rentals&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.15338280909873492
IP 198.145.13.14:0
GET /in.php?site_id=100542989&type=pageview&href=%2Fprepay-gas-options.php&title=Prepay%20for%20Gas%20or%20Not%20-%20Refueling%20Options%20for%20Rental%20Cars%20-%20Hawaii%20Car%20Rentals&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.15338280909873492 HTTP/1.1
Host: in.getclicky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hawaiicarrentals.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:39:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2