firefox.settings.services.mozilla.com/v1/
54.230.111.118200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rwZXIDtZL4oDhEoKSNwIms_cbdzBGP0JETEGxHXb819oQzQYU5aonw==
Age: 106452
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4087
Expires: Thu, 06 Oct 2022 22:29:37 GMT
Date: Thu, 06 Oct 2022 21:21:30 GMT
Connection: keep-alive
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
173.231.223.23200 OK 8.4 kB URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
IP 173.231.223.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (873), with CRLF line terminators
Hash 37323e1b9e749ed5d1f402901657b10b
55009df71833f5ac06e18bbbf2d6dc256fd2c21c
05e591cf7f70e89d35f12c1362f51761f1f0c00cf7423b27343bc04ebb7caf79
Analyzer Verdict Alert openphish Absa Group
fortinet Phishing
GET /wp-mail/webmail/rouncube/reo/nza/3m2iznme=/ HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:30 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7304
Expires: Thu, 06 Oct 2022 23:23:14 GMT
Date: Thu, 06 Oct 2022 21:21:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: m3NyaPtpBbp0YGC/7GDVUkIBnTDkFj0K/zRIqdvcPgTFWeAP6FF2snpAjNLN0qdnnIi+UstX9bU=
x-amz-request-id: VST1M77PKPFK7FEP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 20:30:55 GMT
age: 3035
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 21:21:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/absa.css?v=0.1.0-2020-06-18-13-48-34
173.231.223.23200 OK 21 kB URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/absa.css?v=0.1.0-2020-06-18-13-48-34
IP 173.231.223.23:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1602531e410e68539aad526ada10bee2
82661e8393589de251e24b9c7eebf4fc8cd08f2b
bb161d90ac44e20d9c3d238660fc45d377f9c5521c317534c46c1193b499ec26
Analyzer Verdict Alert fortinet Phishing
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/style/absa.css?v=0.1.0-2020-06-18-13-48-34 HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:30 GMT
Server: Apache
Last-Modified: Thu, 24 Mar 2022 01:03:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 20901
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ec5f4f99dae07d8a4eba706a63fe8c09
d3e7e8946470d0c2b2e0cb13a7f4eb2227680936
e198ba1f99548df01033649a03c9758707b3657ed9a068d10970817b5aeb4930
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5839
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:21:30 GMT
Last-Modified: Thu, 06 Oct 2022 19:44:11 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4c018ca5a038fb1356ee944624c23c6f
b82a5d76210b78a93616c2f7c2267060b0d3e572
619b9cb449233c3e3f10aa09e63d20487e044885c98813b39238f26f522ab02e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:21:30 GMT
Server: ECS (amb/6BAC)
Content-Length: 471
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/script/login.js?v=0.1.0-2020-06-18-13-48-34
173.231.223.23200 OK 12 kB URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/script/login.js?v=0.1.0-2020-06-18-13-48-34
IP 173.231.223.23:0
Hash d1c50db883f087b47c5c4d1292f903be
5efd47b5df577dab5d40b4cc4efb7a87d7939f74
3e3d040fadcc3855cba9d6bc8f7461634591a37d5d00ea970d7c5ea98eda7a41
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/script/login.js?v=0.1.0-2020-06-18-13-48-34 HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:30 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:32:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12312
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/login.css?v=0.1.0-2020-06-18-13-48-34
173.231.223.23200 OK 1.2 kB URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/login.css?v=0.1.0-2020-06-18-13-48-34
IP 173.231.223.23:0
File type ASCII text, with very long lines (4072), with no line terminators
Hash 0792a98923b0caf052c04b5dfa8122a5
f23d932685e18b5b5e6f0f9a897962a3e1ea9abb
4bc5a5b370c03affa6ff8f7cc8de750172906ba74b96709ce4d54295a287e18f
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/style/login.css?v=0.1.0-2020-06-18-13-48-34 HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:32:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1156
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/script/absa/absa.subTree.js?v=0.1.0-2020-06-18-13-48-34
173.231.223.23200 OK 1.4 kB URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/script/absa/absa.subTree.js?v=0.1.0-2020-06-18-13-48-34
IP 173.231.223.23:0
File type ASCII text, with very long lines (4762), with no line terminators
Hash 2bc61f110ed1be105a9bc5b124b60e47
5b0b758bf01cdff1ef9cdcadae3c7694ed0385a5
1e2c51eab98f1bd9ef8485c62acf093f1e1cbbaa5479f8082b9b5c7bb687f6b0
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/script/absa/absa.subTree.js?v=0.1.0-2020-06-18-13-48-34 HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:32:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1365
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/script/absa/absa.form.wizardBridge.js?v=0.1.0-2020-06-18-13-48-34
173.231.223.23200 OK 2.9 kB URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/script/absa/absa.form.wizardBridge.js?v=0.1.0-2020-06-18-13-48-34
IP 173.231.223.23:0
File type ASCII text, with very long lines (10937), with no line terminators
Hash f4b103f1fd5d2bceade98fc92488ff28
f6a7cbc512a22a9d7d84c28032bea596dcacabd2
080f2f8dfd18f0910d7bb779f3cf6b4ec2d00f8dbef2e07d863d830d9b08ef45
Analyzer Verdict Alert fortinet Phishing
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/script/absa/absa.form.wizardBridge.js?v=0.1.0-2020-06-18-13-48-34 HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:32:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2916
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/script/absa/absa.jcaptcha.js?v=0.1.0-2020-06-18-13-48-34
173.231.223.23200 OK 444 B URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/script/absa/absa.jcaptcha.js?v=0.1.0-2020-06-18-13-48-34
IP 173.231.223.23:0
File type ASCII text, with very long lines (1616), with no line terminators
Hash 1a8c6efc36c481a25f0f9eaf120d442a
9491e62fc7d136761cd186ef3fad8a841f9855dd
f9568870e6dd0d79f76779cc703be02e33be2eed10355812812f51e0238090f8
Analyzer Verdict Alert fortinet Phishing
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/script/absa/absa.jcaptcha.js?v=0.1.0-2020-06-18-13-48-34 HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:32:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 444
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/www.absa.co.za.2009.ui/jcaptcha/jcaptcha.css?v=0.1.0-2020-06-18-13-48-34
173.231.223.23200 OK 508 B URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/www.absa.co.za.2009.ui/jcaptcha/jcaptcha.css?v=0.1.0-2020-06-18-13-48-34
IP 173.231.223.23:0
File type ASCII text, with very long lines (1459), with no line terminators
Hash 321ec3d24402651da117492f7eb4889e
7a7c73beee3a10a2e7a5c67108327fe5e6b20519
d7a88531094c79591820c2ac1bc58673c50d30f7945b19e5b2ccd23f3a76c014
Analyzer Verdict Alert fortinet Phishing
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/style/www.absa.co.za.2009.ui/jcaptcha/jcaptcha.css?v=0.1.0-2020-06-18-13-48-34 HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:33:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 508
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/script/absa/absa.n2fa.js?v=0.1.0-2020-06-18-13-48-34
173.231.223.23200 OK 6.1 kB URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/script/absa/absa.n2fa.js?v=0.1.0-2020-06-18-13-48-34
IP 173.231.223.23:0
File type ASCII text, with very long lines (27224), with no line terminators
Hash baee593039b2f83c3ed15ae4624bb8c3
abd6c3ea2d09b7f1d8c93792415a1a1434962272
7eb402bff147ee1a2896299fde2d2a8a1e53d572a73fa4718f86f53267679463
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/script/absa/absa.n2fa.js?v=0.1.0-2020-06-18-13-48-34 HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:32:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6102
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/script/absa/absa.resetPin.js?v=0.1.0-2020-06-18-13-48-34
173.231.223.23200 OK 1.7 kB URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/script/absa/absa.resetPin.js?v=0.1.0-2020-06-18-13-48-34
IP 173.231.223.23:0
File type ASCII text, with very long lines (6597), with no line terminators
Hash f303a535161d9980ff767fafa57f3f39
d5621d05abf7557896838129907e257cb7780c57
a1a7f9a2af064a2ff19ab0e3c47dafdbdd88d1701fd6799c7e117090a1f1d4e2
Analyzer Verdict Alert fortinet Phishing
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/script/absa/absa.resetPin.js?v=0.1.0-2020-06-18-13-48-34 HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:32:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1749
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.118200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 20:29:41 GMT
Expires: Thu, 06 Oct 2022 20:54:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VoWoWz2qryjN1uGT_sC3X_4ltCLKAyVp9EdMso6I-KctRfZ2KDqd5w==
Age: 3110
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/locale_en.gif
173.231.223.23200 OK 70 B URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/locale_en.gif
IP 173.231.223.23:0
File type GIF image data, version 89a, 14 x 14\012- data
Hash f93c9052c9244e395d965f30d21c66da
2ef0d6208255d8059d0f15e664640bb66570f741
3c243a2d63452b7a8392cdf93e637ec423b3241149831b2082283063d1e34413
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/locale_en.gif HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:32:40 GMT
Accept-Ranges: bytes
Content-Length: 70
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/dot.gif
173.231.223.23200 OK 43 B URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/dot.gif
IP 173.231.223.23:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/dot.gif HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:32:40 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/2019/logo-red.png
173.231.223.23200 OK 2.1 kB URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/2019/logo-red.png
IP 173.231.223.23:0
File type PNG image data, 44 x 44, 8-bit colormap, non-interlaced\012- data
Hash e4e141701cb25f97660b49d191eb2963
6fb16bfeab3664b454128d99eef54e3861bd3912
86c3ec119fc6352ca80ccc5b6e2e8fa76c924adecaf33de65da1b892e7b1aa3e
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/2019/logo-red.png HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:32:40 GMT
Accept-Ranges: bytes
Content-Length: 2079
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/sprite-corners-rounded.png
173.231.223.23200 OK 246 B URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/sprite-corners-rounded.png
IP 173.231.223.23:0
File type PNG image data, 16 x 20, 8-bit colormap, non-interlaced\012- data
Hash 13cefa14429d6c083df4c04dffb80f15
f7bbde539bd645f4a43bfaa3628e1937f2ca3b87
6a1423dcdc9a531df9d5dfc5a1ea720eec868eda0a56e1580a0c71c69e79b8fe
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/sprite-corners-rounded.png HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/absa.css?v=0.1.0-2020-06-18-13-48-34
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa; LSESSIONID=eyJpIjoiME03WXJ3MTlpTldcL3lwcDlCYTlPU0E9PSIsImUiOiJCWHVraU0waDY3Vlo3ZEVvZmZWczJpVlwvSlA5Z3FoQU02Zmg3bU5GblIwMXBKd2hldXR3OUZtNkhHb3lNY2FsM2lkd3lsUEV0WlFiVjRVMFJqU0JNRXdEV2I3SCtwNHRmTnlGb2FjTTdrbnhXbThaQmVTZ0krUktYNSt2VmkzOXZ0UkZ6am0rdmdMeDVcL3JpZ2QraFFEQT09In0%3D.af7036ff4284212a.NTA2YmJhMWM1NmE3NmZlYjc1NTgzZDgyMzA1M2RmYTM5ZGZiZmM1MTVmMzA4MDBlYjI3ZTZhZTczMWEzNzA3OA%3D%3D; ___so422006=eyJsc2giOjEzMDA3NDQwMjQsInJlZmVycmVyIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:33:10 GMT
Accept-Ranges: bytes
Content-Length: 246
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/DebiCheck_ATM_Eng.jpg
173.231.223.23200 OK 25 kB URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/DebiCheck_ATM_Eng.jpg
IP 173.231.223.23:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 328x234, components 3\012- data
Hash 06754401d7e3a928a88882f7e4df57da
b88e496d52c339faf9bf3959e246e622c6f6786f
6de7e0fbfa97a6f107816f83dc7ff68246c4b27804279d1319e39dbeaeac3863
GET /wp-mail/webmail/rouncube/reo/nza/libraries/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/DebiCheck_ATM_Eng.jpg HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:32:42 GMT
Accept-Ranges: bytes
Content-Length: 24949
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/asset/campaigne_1_ENG.png
173.231.223.23200 OK 46 kB URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/asset/campaigne_1_ENG.png
IP 173.231.223.23:0
File type PNG image data, 296 x 212, 8-bit/color RGBA, non-interlaced\012- data
Hash b775b77d2d29313be09e5e746f6cd1f6
cb286faea1400306bc7efbe88119659adf837e0f
cb45d428c00e88ea0e73eca797ebb0222173c4bb22a86935a4d94137695a42ef
GET /wp-mail/webmail/rouncube/reo/nza/libraries/asset/campaigne_1_ENG.png HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Sat, 27 Jun 2020 08:58:08 GMT
Accept-Ranges: bytes
Content-Length: 46532
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5318
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:21:31 GMT
Last-Modified: Thu, 06 Oct 2022 19:52:53 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/absa-online/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/campaigne_3b_post_golive_EN.jpg
173.231.223.23301 Moved Permanently 532 B URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/absa-online/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/campaigne_3b_post_golive_EN.jpg
IP 173.231.223.23:0
File type HTML document, ASCII text
Hash da867204a1e7e6400b48f80cf4773df4
09d1fa435cc9e8716409c787cea9bb0e3dd316e6
a96867e4fb5dcb6a1a6072cd0736f456fabb087714e528b4e463ade1d8d62ad8
GET /wp-mail/webmail/rouncube/reo/nza/libraries/absa-online/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/campaigne_3b_post_golive_EN.jpg HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
X-Redirect-By: WordPress
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Location: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/absa-online/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/campaigne_3b_post_golive_EN.jpg/
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/asset/AOL_Retail_Pricing_2022_Eng.jpg
173.231.223.23200 OK 69 kB URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/asset/AOL_Retail_Pricing_2022_Eng.jpg
IP 173.231.223.23:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 296x212, components 3\012- data
Hash 96f62fa0f146ac9d54d2882a3bfff0aa
297a9c594619f8b2f207de43753fafec55cd20d5
f5de27a5b91e9848d24a0ca74eb4efe8b650d9280d77e8b7f3b4f4ecd744a24f
GET /wp-mail/webmail/rouncube/reo/nza/libraries/asset/AOL_Retail_Pricing_2022_Eng.jpg HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 24 Mar 2022 01:07:10 GMT
Accept-Ranges: bytes
Content-Length: 69184
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/icon-questionmark-grey_2019.png
173.231.223.23200 OK 362 B URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/icon-questionmark-grey_2019.png
IP 173.231.223.23:0
File type PNG image data, 19 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ee5a2df1e19db0f33573dd1cad378f9
7c81f65c8ec075a03b10104d297ce18bcf13785c
79fb86c959989a8d2c920e6e4550c396fcee47ec4deda2549b237aca12dd981d
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/icon-questionmark-grey_2019.png HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa; LSESSIONID=eyJpIjoiME03WXJ3MTlpTldcL3lwcDlCYTlPU0E9PSIsImUiOiJCWHVraU0waDY3Vlo3ZEVvZmZWczJpVlwvSlA5Z3FoQU02Zmg3bU5GblIwMXBKd2hldXR3OUZtNkhHb3lNY2FsM2lkd3lsUEV0WlFiVjRVMFJqU0JNRXdEV2I3SCtwNHRmTnlGb2FjTTdrbnhXbThaQmVTZ0krUktYNSt2VmkzOXZ0UkZ6am0rdmdMeDVcL3JpZ2QraFFEQT09In0%3D.af7036ff4284212a.NTA2YmJhMWM1NmE3NmZlYjc1NTgzZDgyMzA1M2RmYTM5ZGZiZmM1MTVmMzA4MDBlYjI3ZTZhZTczMWEzNzA3OA%3D%3D; ___so422006=eyJsc2giOjEzMDA3NDQwMjQsInJlZmVycmVyIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:32:30 GMT
Accept-Ranges: bytes
Content-Length: 362
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/www.absa.co.za.2009.ui/keypad/keypad-bg.gif
173.231.223.23200 OK 439 B URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/www.absa.co.za.2009.ui/keypad/keypad-bg.gif
IP 173.231.223.23:0
File type GIF image data, version 89a, 84 x 128\012- data
Hash 4b3e105c2c0a87a3d4c46ead1f2640a2
5ed49317561375c49ecdb9fc525c445f9737b0f6
31d4c1cd3bf18363ff7643f87a54fecd70376fed89cd5805ced2e323127fa334
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/style/www.absa.co.za.2009.ui/keypad/keypad-bg.gif HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/absa.css?v=0.1.0-2020-06-18-13-48-34
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa; LSESSIONID=eyJpIjoiME03WXJ3MTlpTldcL3lwcDlCYTlPU0E9PSIsImUiOiJCWHVraU0waDY3Vlo3ZEVvZmZWczJpVlwvSlA5Z3FoQU02Zmg3bU5GblIwMXBKd2hldXR3OUZtNkhHb3lNY2FsM2lkd3lsUEV0WlFiVjRVMFJqU0JNRXdEV2I3SCtwNHRmTnlGb2FjTTdrbnhXbThaQmVTZ0krUktYNSt2VmkzOXZ0UkZ6am0rdmdMeDVcL3JpZ2QraFFEQT09In0%3D.af7036ff4284212a.NTA2YmJhMWM1NmE3NmZlYjc1NTgzZDgyMzA1M2RmYTM5ZGZiZmM1MTVmMzA4MDBlYjI3ZTZhZTczMWEzNzA3OA%3D%3D; ___so422006=eyJsc2giOjEzMDA3NDQwMjQsInJlZmVycmVyIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:33:00 GMT
Accept-Ranges: bytes
Content-Length: 439
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
credit.apr.absa.co.za/422006/place.js
108.128.38.241200 OK 30 kB URL HTTP/2 credit.apr.absa.co.za/422006/place.js
IP 108.128.38.241:0
Hash 1a66fde9157b675e986674b1805d88d6
ccf8e196dd4990bac3076f351db820a9338e1565
43eb513cd501607f3823d6afa88c2a0ec47a320c285116192a0cb25ee64382d0
GET /422006/place.js HTTP/1.1
Host: credit.apr.absa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:21:30 GMT
content-type: application/x-javascript
server: haile
strict-transport-security: max-age=86400
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-encoding: gzip
X-Firefox-Spdy: h2
choice.invest.absa.co.za/422006/prox.js
108.128.38.241200 OK 30 kB URL HTTP/2 choice.invest.absa.co.za/422006/prox.js
IP 108.128.38.241:0
Hash a34b959331ceb2a4832041187d636b51
194175fd13419778f36d62ab888efad17594995a
67fa27584def10accf3552110bf921ddfc43ad64d10d695cef621c173e1ace45
GET /422006/prox.js HTTP/1.1
Host: choice.invest.absa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:21:30 GMT
content-type: application/x-javascript
server: haile
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
strict-transport-security: max-age=86400
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-encoding: gzip
X-Firefox-Spdy: h2
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/sprite-icons-bar-status_2019.png
173.231.223.23200 OK 643 B URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/sprite-icons-bar-status_2019.png
IP 173.231.223.23:0
File type PNG image data, 12 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 48a49b834f2f316618c58cd48404b711
0f2654bb5490b18db7504789cae08ffaea881843
620195c7ce8c374b49f3438ad4b3edc1aa33c7ee839d13436f202fc38a55acbb
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/style/resources/sprite-icons-bar-status_2019.png HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/login.css?v=0.1.0-2020-06-18-13-48-34
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa; LSESSIONID=eyJpIjoiME03WXJ3MTlpTldcL3lwcDlCYTlPU0E9PSIsImUiOiJCWHVraU0waDY3Vlo3ZEVvZmZWczJpVlwvSlA5Z3FoQU02Zmg3bU5GblIwMXBKd2hldXR3OUZtNkhHb3lNY2FsM2lkd3lsUEV0WlFiVjRVMFJqU0JNRXdEV2I3SCtwNHRmTnlGb2FjTTdrbnhXbThaQmVTZ0krUktYNSt2VmkzOXZ0UkZ6am0rdmdMeDVcL3JpZ2QraFFEQT09In0%3D.af7036ff4284212a.NTA2YmJhMWM1NmE3NmZlYjc1NTgzZDgyMzA1M2RmYTM5ZGZiZmM1MTVmMzA4MDBlYjI3ZTZhZTczMWEzNzA3OA%3D%3D; ___so422006=eyJsc2giOjEzMDA3NDQwMjQsInJlZmVycmVyIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2020 07:33:08 GMT
Accept-Ranges: bytes
Content-Length: 643
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
push.services.mozilla.com/
44.240.207.158101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.207.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HmytpEATl6ObOJ/qQV6r4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SAHaq8tCq2olequVFf49lE4icgc=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5089d03ecbcb5a5cfb3645f37d60b015
24804b72fd2952a2684c9d3379fa1e0b5e3bdb85
c2606b1f07274990b8ba4ad53eda61e40980681ae72aadc30e5fd89ba684ba3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5752
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 21:21:31 GMT
Last-Modified: Thu, 06 Oct 2022 19:45:39 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 471
www.absa.co.za/etc/designs/zg/absacoza/desktop/assets/img/favicon.ico
34.248.54.196200 OK 638 B URL HTTP/2 www.absa.co.za/etc/designs/zg/absacoza/desktop/assets/img/favicon.ico
IP 34.248.54.196:0
File type MS Windows icon resource - 1 icon, 32x32, 24 bits/pixel\012- data
Hash cd50c1576c4a32271ddd28a970290884
4f8dc02e585bab623c35c51f6ab2c12b233ecb72
4c9aba064d0a46fd8cc6be2c2d723b4952fae5896af589a32e4a229f0eacdce4
GET /etc/designs/zg/absacoza/desktop/assets/img/favicon.ico HTTP/1.1
Host: www.absa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:21:31 GMT
content-type: image/vnd.microsoft.icon
content-length: 638
server: Apache
last-modified: Wed, 21 Sep 2022 11:07:13 GMT
etag: "cbe-5e92df272e3bc-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-request-id: Yz9G2-arZ64QaZqxMfn95wAAAVc
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' api.salemove.com api.salemove.eu ui.customsearch.ai analytics.twitter.com assets.adobedtm.com connect.facebook.net static.ads-twitter.com www.googleadservices.com maps.googleapis.com cdn.tt.omtrdc.net absa.tt.omtrdc.net www.google.com www.gstatic.com analytics.analytics-egain.com abdemo.egain.cloud absablog-dev.disqus.com absablog-sit.disqus.com absablog-uat.disqus.com absablog-prod.disqus.com ajax.googleapis.com platform.twitter.com platform.linkedin.com assets.pinterest.com c.disquscdn.com disqus.com secure.rating-widget.com log.pinterest.com rating-widget.com s.ytimg.com www.youtube.com youtube.com esb.ext.api.uat.absa.co.za client.crisp.chat googleads.g.doubleclick.net www.google.co.za www.google.pl dsp-aud.eskimi.com dsp.eskimi.com dsp-pix.eskimi.com dsp-media.eskimi.com cdn.syndication.twimg.com cse.google.com api-iam.intercom.io api.salemove.eu app.salemove.eu asset-proxy.salemove.eu assets.salemove.eu chunderw-gll.twilio.com chunderw-vpc-gll.twilio.com client-logger.salemove.eu eventgw.twilio.com fonts.googleapis.com fonts.gstatic.com io.salemove.eu js.intercomcdn.com kluster.ws.salemove.eu libs.salemove.com maps.googleapis.com maps.gstatic.com media.twiliocdn.com nexus-websocket-a.intercom.io nexus-websocket-b.intercom.io s3-eu-west-1.amazonaws.com s3.amazonaws.com uplot.salemove.eu widget.intercom.io googletagmanager.com www.googletagmanager.com js-agent.newrelic.com bam.nr-data.net c.la3-c1-fra.salesforceliveagent.com d.la3-c1-fra.salesforceliveagent.com c.la1-c2-par.salesforceliveagent.com d.la1-c2-par.salesforceliveagent.com c.la2-c2-cdg.salesforceliveagent.com c.la1-c2-par.salesforceagent.com d.la2-c2-cdg.salesforceliveagent.com bam-cell.nr-data.net fls.doubleclick.net tt.mbww.com pixel.mathtag.com snap.licdn.com sc-static.net analytics.tiktok.com
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
X-Firefox-Spdy: h2
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/Iphone_app_icon.png
173.231.223.23301 Moved Permanently 532 B URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/Iphone_app_icon.png
IP 173.231.223.23:0
File type HTML document, ASCII text
Hash da867204a1e7e6400b48f80cf4773df4
09d1fa435cc9e8716409c787cea9bb0e3dd316e6
a96867e4fb5dcb6a1a6072cd0736f456fabb087714e528b4e463ade1d8d62ad8
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/style/Iphone_app_icon.png HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa; LSESSIONID=eyJpIjoiME03WXJ3MTlpTldcL3lwcDlCYTlPU0E9PSIsImUiOiJCWHVraU0waDY3Vlo3ZEVvZmZWczJpVlwvSlA5Z3FoQU02Zmg3bU5GblIwMXBKd2hldXR3OUZtNkhHb3lNY2FsM2lkd3lsUEV0WlFiVjRVMFJqU0JNRXdEV2I3SCtwNHRmTnlGb2FjTTdrbnhXbThaQmVTZ0krUktYNSt2VmkzOXZ0UkZ6am0rdmdMeDVcL3JpZ2QraFFEQT09In0%3D.af7036ff4284212a.NTA2YmJhMWM1NmE3NmZlYjc1NTgzZDgyMzA1M2RmYTM5ZGZiZmM1MTVmMzA4MDBlYjI3ZTZhZTczMWEzNzA3OA%3D%3D; ___so422006=eyJsc2giOjEzMDA3NDQwMjQsInJlZmVycmVyIjoiaHR0cHM6Ly9taW5kYmxvb21jb3Vuc2VsaW5nLmNvbS93cC1tYWlsL3dlYm1haWwvcm91bmN1YmUvcmVvL256YS8zbTJpem5tZT0vIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
X-Redirect-By: WordPress
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Location: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/Iphone_app_icon.png/
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
choice.invest.absa.co.za/422006/mvmp?d=ZW5jZEBjZkRwbWRxVXd0c1dMWWRDUUFuTzUvanQxU2R3ZzlGUGtjcEFSUy9saW9hK2ZsN1pmbmxDWGxXdkNhVU0wUGdFYXgvU05VVUFkRkI5SXZhWGlOV09BSlRTRjE1M2x4Z0lHQjBLYkFSY200WUdLUWhERFN6dmhWL0kxSTRhRjh5eTllYXZPV2g2Wjd1OFNxS0JWakNOVy85UXJxTkMxd2pxWkRranVWVUlwZWVyenhIdXBCQ1ZtU3ZvTnZDZWlFazE4RzNaWjRqMWY0dlI0dFlPM0xGMDhvSUorMW9oeVpZZGpab1hwVUdXb2M5WitUTGMvZVplNUVUcTlXTU1kZExncFZjRDFVeU9LRUd4UjBCNWFXZEZvc2ZiZ0VKR3JHZXcxL1hjTEhZTmJmQmQwcDEwZXBvVWFHaGtBUnc4SzBWNkZqVUpuZnk4U3FaUllaaFJKbFlifDFlZTBkM2M4YzM4ZDMyNjdkNGUzYjdlOTI0MjliN2Q2YTQ1MThlNmVjZmYwNmVhOGQxNjc1ZmEyMDI5YjNmOWJjMTQ1ZDNiMWM3MGU1MDI2MTQzNTQyYWYwZTkxOTdiZjZiNmQ1ZjhlNWQ0ZTViZTVlNjZkMjI1M2JlOWEyMDQyZjE5YmJlOGE1MzZjYjYwMDlkMzU5NWM5MjFlZjhhYjhiYWM1YjFkOGIxZGNkZjNkNzQxMDE3ZTI2NjU2MjgzNmEzMWU3OTZiNWJjMzIwOTJlNjM4MGIzOTI2YTcxMjkyZjE3MzBkNmI2NWY2ZTQ2MjM2MDU5YmJiOTg3NTU5ZTllMDVjYzMyNDA2ZDFhZTE5Y2QxNmM2NjAxM2NmN2E5N2QyZWUxMWMwZDVhOTRiY2ZjMTJkNTZkYzk1YTM3M2Y5MWMxZDcyNjFiZTU4NmVmZjIyMzRjZTMyNWEwODE3N2E2YmM5ZmU3MzBhZWE1ODBjZDVmN2ZlNDVkZDcyNWFhYzZlMGY5MTkwYTU5Y2M0ZDg0OWJkOTM0NTNhOGY0ODExZTcyZTc4MTY5NTE3ZmU4MTdkY2I4NDM4ZDVjZmU1OGIzNzFkMzhkZGNmYzI4N2ZhNjAwZTJiYzE2MGEwMjY4NzcxYmM3MWE3MDM4MDNiZDc4MDM5YjNjMGJlYWI3MjdkfDAwZWUwYjYyZWNhYWM4OWY%3D&cid=15%2C16&si=1&e=https%3A%2F%2Fmindbloomcounseling.com&LSESSIONID=eyJpIjoiME03WXJ3MTlpTldcL3lwcDlCYTlPU0E9PSIsImUiOiJCWHVraU0waDY3Vlo3ZEVvZmZWczJpVlwvSlA5Z3FoQU02Zmg3bU5GblIwMXBKd2hldXR3OUZtNkhHb3lNY2FsM2lkd3lsUEV0WlFiVjRVMFJqU0JNRXdEV2I3SCtwNHRmTnlGb2FjTTdrbnhXbThaQmVTZ0krUktYNSt2VmkzOXZ0UkZ6am0rdmdMeDVcL3JpZ2QraFFEQT09In0%3D.af7036ff4284212a.NTA2YmJhMWM1NmE3NmZlYjc1NTgzZDgyMzA1M2RmYTM5ZGZiZmM1MTVmMzA4MDBlYjI3ZTZhZTczMWEzNzA3OA%3D%3D&t=jsonp&c=hlmqtivqvwpcuemy&eu=https%3A%2F%2Fmindbloomcounseling.com%2Fwp-mail%2Fwebmail%2Frouncube%2Freo%2Fnza%2F3m2iznme%3D%2F
108.128.38.241200 OK 90 B URL HTTP/2 choice.invest.absa.co.za/422006/mvmp?d=ZW5jZEBjZkRwbWRxVXd0c1dMWWRDUUFuTzUvanQxU2R3ZzlGUGtjcEFSUy9saW9hK2ZsN1pmbmxDWGxXdkNhVU0wUGdFYXgvU05VVUFkRkI5SXZhWGlOV09BSlRTRjE1M2x4Z0lHQjBLYkFSY200WUdLUWhERFN6dmhWL0kxSTRhRjh5eTllYXZPV2g2Wjd1OFNxS0JWakNOVy85UXJxTkMxd2pxWkRranVWVUlwZWVyenhIdXBCQ1ZtU3ZvTnZDZWlFazE4RzNaWjRqMWY0dlI0dFlPM0xGMDhvSUorMW9oeVpZZGpab1hwVUdXb2M5WitUTGMvZVplNUVUcTlXTU1kZExncFZjRDFVeU9LRUd4UjBCNWFXZEZvc2ZiZ0VKR3JHZXcxL1hjTEhZTmJmQmQwcDEwZXBvVWFHaGtBUnc4SzBWNkZqVUpuZnk4U3FaUllaaFJKbFlifDFlZTBkM2M4YzM4ZDMyNjdkNGUzYjdlOTI0MjliN2Q2YTQ1MThlNmVjZmYwNmVhOGQxNjc1ZmEyMDI5YjNmOWJjMTQ1ZDNiMWM3MGU1MDI2MTQzNTQyYWYwZTkxOTdiZjZiNmQ1ZjhlNWQ0ZTViZTVlNjZkMjI1M2JlOWEyMDQyZjE5YmJlOGE1MzZjYjYwMDlkMzU5NWM5MjFlZjhhYjhiYWM1YjFkOGIxZGNkZjNkNzQxMDE3ZTI2NjU2MjgzNmEzMWU3OTZiNWJjMzIwOTJlNjM4MGIzOTI2YTcxMjkyZjE3MzBkNmI2NWY2ZTQ2MjM2MDU5YmJiOTg3NTU5ZTllMDVjYzMyNDA2ZDFhZTE5Y2QxNmM2NjAxM2NmN2E5N2QyZWUxMWMwZDVhOTRiY2ZjMTJkNTZkYzk1YTM3M2Y5MWMxZDcyNjFiZTU4NmVmZjIyMzRjZTMyNWEwODE3N2E2YmM5ZmU3MzBhZWE1ODBjZDVmN2ZlNDVkZDcyNWFhYzZlMGY5MTkwYTU5Y2M0ZDg0OWJkOTM0NTNhOGY0ODExZTcyZTc4MTY5NTE3ZmU4MTdkY2I4NDM4ZDVjZmU1OGIzNzFkMzhkZGNmYzI4N2ZhNjAwZTJiYzE2MGEwMjY4NzcxYmM3MWE3MDM4MDNiZDc4MDM5YjNjMGJlYWI3MjdkfDAwZWUwYjYyZWNhYWM4OWY%3D&cid=15%2C16&si=1&e=https%3A%2F%2Fmindbloomcounseling.com&LSESSIONID=eyJpIjoiME03WXJ3MTlpTldcL3lwcDlCYTlPU0E9PSIsImUiOiJCWHVraU0waDY3Vlo3ZEVvZmZWczJpVlwvSlA5Z3FoQU02Zmg3bU5GblIwMXBKd2hldXR3OUZtNkhHb3lNY2FsM2lkd3lsUEV0WlFiVjRVMFJqU0JNRXdEV2I3SCtwNHRmTnlGb2FjTTdrbnhXbThaQmVTZ0krUktYNSt2VmkzOXZ0UkZ6am0rdmdMeDVcL3JpZ2QraFFEQT09In0%3D.af7036ff4284212a.NTA2YmJhMWM1NmE3NmZlYjc1NTgzZDgyMzA1M2RmYTM5ZGZiZmM1MTVmMzA4MDBlYjI3ZTZhZTczMWEzNzA3OA%3D%3D&t=jsonp&c=hlmqtivqvwpcuemy&eu=https%3A%2F%2Fmindbloomcounseling.com%2Fwp-mail%2Fwebmail%2Frouncube%2Freo%2Fnza%2F3m2iznme%3D%2F
IP 108.128.38.241:0
File type ASCII text, with no line terminators
Hash 300754ef7b5b39a4d77028994523c759
3ac36abb112b8312c07c327174531fba722835ec
d6a36290d64f6fdb101e5cb3ef2834d8c36660bb8b1bef1d9d3dd8083d70ddcd
GET /422006/mvmp?d=ZW5jZEBjZkRwbWRxVXd0c1dMWWRDUUFuTzUvanQxU2R3ZzlGUGtjcEFSUy9saW9hK2ZsN1pmbmxDWGxXdkNhVU0wUGdFYXgvU05VVUFkRkI5SXZhWGlOV09BSlRTRjE1M2x4Z0lHQjBLYkFSY200WUdLUWhERFN6dmhWL0kxSTRhRjh5eTllYXZPV2g2Wjd1OFNxS0JWakNOVy85UXJxTkMxd2pxWkRranVWVUlwZWVyenhIdXBCQ1ZtU3ZvTnZDZWlFazE4RzNaWjRqMWY0dlI0dFlPM0xGMDhvSUorMW9oeVpZZGpab1hwVUdXb2M5WitUTGMvZVplNUVUcTlXTU1kZExncFZjRDFVeU9LRUd4UjBCNWFXZEZvc2ZiZ0VKR3JHZXcxL1hjTEhZTmJmQmQwcDEwZXBvVWFHaGtBUnc4SzBWNkZqVUpuZnk4U3FaUllaaFJKbFlifDFlZTBkM2M4YzM4ZDMyNjdkNGUzYjdlOTI0MjliN2Q2YTQ1MThlNmVjZmYwNmVhOGQxNjc1ZmEyMDI5YjNmOWJjMTQ1ZDNiMWM3MGU1MDI2MTQzNTQyYWYwZTkxOTdiZjZiNmQ1ZjhlNWQ0ZTViZTVlNjZkMjI1M2JlOWEyMDQyZjE5YmJlOGE1MzZjYjYwMDlkMzU5NWM5MjFlZjhhYjhiYWM1YjFkOGIxZGNkZjNkNzQxMDE3ZTI2NjU2MjgzNmEzMWU3OTZiNWJjMzIwOTJlNjM4MGIzOTI2YTcxMjkyZjE3MzBkNmI2NWY2ZTQ2MjM2MDU5YmJiOTg3NTU5ZTllMDVjYzMyNDA2ZDFhZTE5Y2QxNmM2NjAxM2NmN2E5N2QyZWUxMWMwZDVhOTRiY2ZjMTJkNTZkYzk1YTM3M2Y5MWMxZDcyNjFiZTU4NmVmZjIyMzRjZTMyNWEwODE3N2E2YmM5ZmU3MzBhZWE1ODBjZDVmN2ZlNDVkZDcyNWFhYzZlMGY5MTkwYTU5Y2M0ZDg0OWJkOTM0NTNhOGY0ODExZTcyZTc4MTY5NTE3ZmU4MTdkY2I4NDM4ZDVjZmU1OGIzNzFkMzhkZGNmYzI4N2ZhNjAwZTJiYzE2MGEwMjY4NzcxYmM3MWE3MDM4MDNiZDc4MDM5YjNjMGJlYWI3MjdkfDAwZWUwYjYyZWNhYWM4OWY%3D&cid=15%2C16&si=1&e=https%3A%2F%2Fmindbloomcounseling.com&LSESSIONID=eyJpIjoiME03WXJ3MTlpTldcL3lwcDlCYTlPU0E9PSIsImUiOiJCWHVraU0waDY3Vlo3ZEVvZmZWczJpVlwvSlA5Z3FoQU02Zmg3bU5GblIwMXBKd2hldXR3OUZtNkhHb3lNY2FsM2lkd3lsUEV0WlFiVjRVMFJqU0JNRXdEV2I3SCtwNHRmTnlGb2FjTTdrbnhXbThaQmVTZ0krUktYNSt2VmkzOXZ0UkZ6am0rdmdMeDVcL3JpZ2QraFFEQT09In0%3D.af7036ff4284212a.NTA2YmJhMWM1NmE3NmZlYjc1NTgzZDgyMzA1M2RmYTM5ZGZiZmM1MTVmMzA4MDBlYjI3ZTZhZTczMWEzNzA3OA%3D%3D&t=jsonp&c=hlmqtivqvwpcuemy&eu=https%3A%2F%2Fmindbloomcounseling.com%2Fwp-mail%2Fwebmail%2Frouncube%2Freo%2Fnza%2F3m2iznme%3D%2F HTTP/1.1
Host: choice.invest.absa.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mindbloomcounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 21:21:31 GMT
content-type: text/javascript
content-length: 90
server: haile
strict-transport-security: max-age=86400
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
X-Firefox-Spdy: h2
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/Iphone_app_icon.png/
173.231.223.23200 OK 32 kB URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/static/style/Iphone_app_icon.png/
IP 173.231.223.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (26349)
Hash d07cf740a5134f58345651610b809c0e
9520ed254c80cd799c46e6dd5abd448c6b1e5b5a
0cbf1da112c1dfef764bb4f96dc5da1ee74644bddb7e87f0d8f634ba2b03e3df
Analyzer Verdict Alert fortinet Phishing
GET /wp-mail/webmail/rouncube/reo/nza/libraries/static/style/Iphone_app_icon.png/ HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Connection: keep-alive
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa; LSESSIONID=eyJpIjoiME03WXJ3MTlpTldcL3lwcDlCYTlPU0E9PSIsImUiOiJCWHVraU0waDY3Vlo3ZEVvZmZWczJpVlwvSlA5Z3FoQU02Zmg3bU5GblIwMXBKd2hldXR3OUZtNkhHb3lNY2FsM2lkd3lsUEV0WlFiVjRVMFJqU0JNRXdEV2I3SCtwNHRmTnlGb2FjTTdrbnhXbThaQmVTZ0krUktYNSt2VmkzOXZ0UkZ6am0rdmdMeDVcL3JpZ2QraFFEQT09In0%3D.af7036ff4284212a.NTA2YmJhMWM1NmE3NmZlYjc1NTgzZDgyMzA1M2RmYTM5ZGZiZmM1MTVmMzA4MDBlYjI3ZTZhZTczMWEzNzA3OA%3D%3D; ___so422006=eyJsc2giOjEzMDA3NDQwMjQsInJlZmVycmVyIjoiaHR0cHM6Ly9taW5kYmxvb21jb3Vuc2VsaW5nLmNvbS93cC1tYWlsL3dlYm1haWwvcm91bmN1YmUvcmVvL256YS8zbTJpem5tZT0vIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Link: <https://mindbloomcounseling.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://mindbloomcounseling.com/index.php?rest_route=/wp/v2/pages/27>; rel="alternate"; type="application/json", <https://mindbloomcounseling.com/>; rel=shortlink
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15499
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 21:21:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15499
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 21:21:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: e5d0bb7a-b9d5-49b1-b51c-8db019da641f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQOGEQloAMFjgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa5a-519d91fb0b83920960da479d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: l1HGT5ycH36vVojsOPFptRSU1YJFvLbBsgiWJqzRlRIGgm2o5vf6jg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:56 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 84156
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: BddSUzh-PKiFmfw2p9gPW-B0qtrXWxCXfee29Pk-wLqN7RO21Yic6g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
age: 85466
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5958f828ccc16a41b22d9ae812bccfc
f350f295dd70152712162d4be5b3b5f0d12cde57
230d7d8e570e433d18ec53b6ca114e2a206e8c265c0c66d73388c49db5c91c64
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9338
x-amzn-requestid: 4ca2eb3c-eba4-43a4-b79a-89546da3d660
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQBfG7soAMF9cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa09-1b5bd53052718f620b920a00;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 6pHftE0vUMqrH2NR_7DzrWlnD0yal7BkAfee7UeVG7DKZNEAYRa9HQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:03:23 GMT
age: 83889
etag: "f350f295dd70152712162d4be5b3b5f0d12cde57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 488ec5b4267ccb1cdc4e6e08556f7f3b
42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88
d9b05fe92962a58b9a8e8dbd4757969aa361be12018107ae649ffcdb8a0f8d84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3430
x-amzn-requestid: 9b3b52d6-08b4-4893-962b-3dfe67e2f11d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjTijF0vIAMFq3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dffa9-0a128734418b6c4d6375e2ac;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 22:05:29 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: G0mKHnEonkmY4EDpNGAbg_DF37oxElJt58Lv6IJ4ro-hiG61wEAqVQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 09:57:45 GMT
age: 41027
etag: "42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a508ac9cd743bec987b2a24454418265
8c7ecefe6908387e2128dc849a6ba857991ba0ab
afb2c2b51f2ce445ada599068901551beee594b15c152ed7551ab7a8835dde6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10809
x-amzn-requestid: db4d1d2a-05b8-403e-a7ca-8b8a6a0a4087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQb-HrTIAMFtNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfab2-74f184406a48e42c0ecc4ec9;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: tv80OXQUu13gDuuFESnEnXMuFdNBmGc1y592euL7QnfZW5PwJym9-g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:53:39 GMT
etag: "8c7ecefe6908387e2128dc849a6ba857991ba0ab"
content-type: image/jpeg
age: 84473
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a1a279f8386262762dcf70621e06ed5
0e1d6cefe5ffe1994f26322962df8b0a13743339
a4146e8a0561009b63c55d0c13673958546b96f684a9c5a43a1f3200782798e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3777
x-amzn-requestid: 093c576f-e1f7-4d45-9f8c-7ca3e7539313
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtDEpSIAMF_Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df986-3cbcc83c1db24bbf193c3047;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GXneoYCI_hqJxLyI-RAxkJJf08pBsc6usoQlztb3HHPQSd1PDh7kgQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:47 GMT
age: 84525
etag: "0e1d6cefe5ffe1994f26322962df8b0a13743339"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/absa-online/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/campaigne_3b_post_golive_EN.jpg/
173.231.223.23200 OK 0 B URL HTTP/1.1 mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/libraries/absa-online/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/campaigne_3b_post_golive_EN.jpg/
IP 173.231.223.23:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-mail/webmail/rouncube/reo/nza/libraries/absa-online/assets/Assets/Richmedia/Absaonline/CampaignImages/Eng/campaigne_3b_post_golive_EN.jpg/ HTTP/1.1
Host: mindbloomcounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mindbloomcounseling.com/wp-mail/webmail/rouncube/reo/nza/3m2iznme=/
Connection: keep-alive
Cookie: PHPSESSID=c9c416f85c34440a663997531552a8aa; LSESSIONID=eyJpIjoiME03WXJ3MTlpTldcL3lwcDlCYTlPU0E9PSIsImUiOiJCWHVraU0waDY3Vlo3ZEVvZmZWczJpVlwvSlA5Z3FoQU02Zmg3bU5GblIwMXBKd2hldXR3OUZtNkhHb3lNY2FsM2lkd3lsUEV0WlFiVjRVMFJqU0JNRXdEV2I3SCtwNHRmTnlGb2FjTTdrbnhXbThaQmVTZ0krUktYNSt2VmkzOXZ0UkZ6am0rdmdMeDVcL3JpZ2QraFFEQT09In0%3D.af7036ff4284212a.NTA2YmJhMWM1NmE3NmZlYjc1NTgzZDgyMzA1M2RmYTM5ZGZiZmM1MTVmMzA4MDBlYjI3ZTZhZTczMWEzNzA3OA%3D%3D; ___so422006=eyJsc2giOjEzMDA3NDQwMjQsInJlZmVycmVyIjoiaHR0cHM6Ly9taW5kYmxvb21jb3Vuc2VsaW5nLmNvbS93cC1tYWlsL3dlYm1haWwvcm91bmN1YmUvcmVvL256YS8zbTJpem5tZT0vIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 21:21:31 GMT
Server: Apache
Link: <https://mindbloomcounseling.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://mindbloomcounseling.com/index.php?rest_route=/wp/v2/pages/27>; rel="alternate"; type="application/json", <https://mindbloomcounseling.com/>; rel=shortlink
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8