r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 dca68db7aea32f6683ce8d542c078f04
SHA-1 19c495238df74fca680e21f18627ff94de5dd2e5
SHA-256 35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3634
Expires: Tue, 07 Feb 2023 13:31:29 GMT
Date: Tue, 07 Feb 2023 12:30:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 565c1bbc5c1c40be1988b3bf6fd9dc1a
SHA-1 cfdba5bc597130461dd67bf6cda53183be592493
SHA-256 60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11116
Expires: Tue, 07 Feb 2023 15:36:11 GMT
Date: Tue, 07 Feb 2023 12:30:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash MD5 bf0c602d32b3c14606f22a86183b5e3c
SHA-1 6eabd8d83475eba731968abe1a05a8bfd272f160
SHA-256 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 11:36:31 GMT
content-type: application/json
age: 3264
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 cc14b0d2f7c451f6431dc87ba54d1d60
SHA-1 bab8bfda6fa3e2f17125353f5147211787dc25d0
SHA-256 b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18836
Expires: Tue, 07 Feb 2023 17:44:51 GMT
Date: Tue, 07 Feb 2023 12:30:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash MD5 e76071a28ee566dababb3834f46d68ed
SHA-1 aebb4e68c1ba2de0f90025283e8ed8470944fde0
SHA-256 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hXxDWF/N3ruKygKOZOS6d4zy1YhspAu8W2zucOHVhpOCSm2hk7MMr9TgBqFzXqOLejqr7lcJRJJG6u2R9Dd98w==
x-amz-request-id: HWDVFDW2BEFXK0Z3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 11:35:30 GMT
age: 3325
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash MD5 23e88fb7b99543fb33315b29b1fad9d6
SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 12:30:55 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.nahtinternationa.com/bnk/home.php
162.0.236.106 301 Moved Permanently 253 B URL HTTP/1.1 www.nahtinternationa.com/bnk/home.php
IP 162.0.236.106:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash MD5 19dfd954f42ce9e85e0507d69697f83c
SHA-1 003ae08c116b782149d1afccfbbf59784930a3f4
SHA-256 55d043f0da8781f1e83219392923c69df25a3e3c63e00114dcbcae7b9619830f
Analyzer Verdict Alert openphish Discover
fortinet Phishing
GET /bnk/home.php HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 07 Feb 2023 12:30:55 GMT
Server: Apache
Location: https://www.nahtinternationa.com/bnk/home.php
Content-Length: 253
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash MD5 0333b0655111aa68de771adfcc4db243
SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb
SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 11:51:19 GMT
age: 2376
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 9b88bae61bca33aba8aa99f6128db8d9
SHA-1 a07b61fb2458917699613fcae68710941b595416
SHA-256 54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2180
Expires: Tue, 07 Feb 2023 13:07:16 GMT
Date: Tue, 07 Feb 2023 12:30:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash MD5 a096b47e565807ca71e0bfca6eef61bf
SHA-1 4719330ade6a03b96b7d3b22965ba041ad99bb3e
SHA-256 8156cba6bd4ee0eb38fb7bb3b2b8f8d05f7943083e54b909dbedc513e082598f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6398
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:30:56 GMT
Last-Modified: Tue, 07 Feb 2023 10:44:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
push.services.mozilla.com/
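52.26.56.94 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.26.56.94:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(0 B body: these three values are the digests of empty input, so they identify no content and should not be used as indicators.)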
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XMA2ZEFT72r4iN5T8Uw+UQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lwuKkFXcGAiGlVwToUbBnm/4Rxo=
www.nahtinternationa.com/bnk/home.php
162.0.236.106 200 OK 47 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/home.php
IP 162.0.236.106:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash MD5 cba2da3420487fb95673dc52cfb258f8
SHA-1 5d14a50764af6b4564cb5050c870ff1825174ff4
SHA-256 24e6c03bbcb3af189a919a742af7543139015468d8207e1ae6b7035c0d98ffce
Analyzer Verdict Alert openphish Discover
fortinet Phishing
GET /bnk/home.php HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:56 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash MD5 a096b47e565807ca71e0bfca6eef61bf
SHA-1 4719330ade6a03b96b7d3b22965ba041ad99bb3e
SHA-256 8156cba6bd4ee0eb38fb7bb3b2b8f8d05f7943083e54b909dbedc513e082598f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6398
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:30:56 GMT
Last-Modified: Tue, 07 Feb 2023 10:44:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
www.nahtinternationa.com/bnk/global/public/scripts/signal_tms.js
162.0.236.106 200 OK 1.1 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/global/public/scripts/signal_tms.js
IP 162.0.236.106:0
File type ASCII text, with CRLF line terminators
Hash MD5 22475acd508be44b52e513b2850e0a1a
SHA-1 52e8a466ebc2b05442eb1b55f3e35d4f6d638a22
SHA-256 d3fabf8a2c10be476034ec3435b01a632b0b7c5169eb228fb134c38b5e53aaed
Analyzer Verdict Alert fortinet Phishing
GET /bnk/global/public/scripts/signal_tms.js HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/home.php
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:56 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:20 GMT
Accept-Ranges: bytes
Content-Length: 1064
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.nahtinternationa.com/bnk/global/public/css/branch-sdk.css
162.0.236.106 200 OK 48 B URL HTTP/1.1 www.nahtinternationa.com/bnk/global/public/css/branch-sdk.css
IP 162.0.236.106:0
File type ASCII text, with no line terminators
Hash MD5 9d80988d2e007731f00785867f9fca3f
SHA-1 680c321916cf5bc9b97dc353b51327abc90ed10d
SHA-256 03dc0a7b3fe3cebc62da299f79482efe4e0a3d8451e3750949eee8951e45b42a
GET /bnk/global/public/css/branch-sdk.css HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/home.php
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:56 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:20 GMT
Accept-Ranges: bytes
Content-Length: 48
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.nahtinternationa.com/bnk/global/public/scripts/branch-sdk.js
162.0.236.106 200 OK 1.5 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/global/public/scripts/branch-sdk.js
IP 162.0.236.106:0
File type ASCII text, with very long lines (662), with CRLF line terminators
Hash MD5 bf95c4b142314606bcecaabf78e64f43
SHA-1 981042df3a271cf3f8d91430dde397898b9115ee
SHA-256 d361dbf8f7f2c71bac9543feab57c32170ac51f96351a2e6eaff87c58d2b2084
Analyzer Verdict Alert fortinet Phishing
GET /bnk/global/public/scripts/branch-sdk.js HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/home.php
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:56 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:20 GMT
Accept-Ranges: bytes
Content-Length: 1493
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.nahtinternationa.com/bnk/content/dam/dfs/credit-cards/static/js/clicktale/clicktale.js
162.0.236.106 200 OK 558 B URL HTTP/1.1 www.nahtinternationa.com/bnk/content/dam/dfs/credit-cards/static/js/clicktale/clicktale.js
IP 162.0.236.106:0
File type ASCII text, with very long lines (558), with no line terminators
Hash MD5 e552af86f2a0fb6015100d8060b2c431
SHA-1 eee74b8645cd4c525ddf6ba108b77f41f3d8d417
SHA-256 aa93d7347ca52db7160f90e641b79d1d4c4ce0273bb47801f93fe1a5af1d8ca5
Analyzer Verdict Alert fortinet Phishing
GET /bnk/content/dam/dfs/credit-cards/static/js/clicktale/clicktale.js HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/home.php
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:56 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:21 GMT
Accept-Ranges: bytes
Content-Length: 558
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.nahtinternationa.com/bnk/dis/jscripts/acquisitions/at.js
162.0.236.106 200 OK 78 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/dis/jscripts/acquisitions/at.js
IP 162.0.236.106:0
File type ASCII text, with very long lines (32010)
Hash MD5 90bcc71419620ea6d1e8a67b872124cd
SHA-1 63d8299f7e33afd0ea439a995b18dabcbadd7e00
SHA-256 a1ff0f42ff3eaea77ab9276cfe77b67312e86ccf00481deee6ba2b5f31a3e7c0
Analyzer Verdict Alert fortinet Phishing
GET /bnk/dis/jscripts/acquisitions/at.js HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/home.php
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:56 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:16 GMT
Accept-Ranges: bytes
Content-Length: 77585
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8
162.0.236.106 200 OK 62 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8
IP 162.0.236.106:0
File type ASCII text, with very long lines (62310), with no line terminators
Hash MD5 11ceefacf705d2811b4a2a02bcdfe7e7
SHA-1 d44ff186f441bde81f3fba7ce39da08ef6b8f14b
SHA-256 802024f3561e95b85943a13fefb8307bf626ca1ea77b60c7779b722785217c3e
Analyzer Verdict Alert fortinet Phishing
GET /bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8 HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/home.php
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:56 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:23 GMT
Accept-Ranges: bytes
Content-Length: 62310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.nahtinternationa.com/bnk/content/dam/dfs/credit-cards/static/js/autodate.js
162.0.236.106 200 OK 1.6 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/content/dam/dfs/credit-cards/static/js/autodate.js
IP 162.0.236.106:0
Hash MD5 a5a2a30e21e77b3d67508c2486807b7f
SHA-1 87eef835637348e7455c122c7ad2ec85fdc41939
SHA-256 dec8ab700d4f74758cf259b28921291a6f15d15f8445f0563a0236b716e78078
Analyzer Verdict Alert fortinet Phishing
GET /bnk/content/dam/dfs/credit-cards/static/js/autodate.js HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/home.php
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:57 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:21 GMT
Accept-Ranges: bytes
Content-Length: 1577
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.nahtinternationa.com/bnk/global/libs/scripts/libs.minf47e.js?ver=9737d8d4ef
162.0.236.106 200 OK 238 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/global/libs/scripts/libs.minf47e.js?ver=9737d8d4ef
IP 162.0.236.106:0
File type ASCII text, with very long lines (32001)
Size 238 kB (238114 bytes)
Hash MD5 9737d8d4efe011e3ba5d32501091f072
SHA-1 6f77ad229be097d515d3a0c1518dee5e0d4eb84d
SHA-256 e00c7025f0333ce2e8196e0210b218a8f47bd809344b9cd594816b3c36a9c819
Analyzer Verdict Alert fortinet Phishing
GET /bnk/global/libs/scripts/libs.minf47e.js?ver=9737d8d4ef HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/home.php
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:56 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:20 GMT
Accept-Ranges: bytes
Content-Length: 238114
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 e7af1f0b4216de4c834ff66409561637
SHA-1 5798acd4f3bb047368b0ab286c076c3e0a3c7b52
SHA-256 9258c45d3283ed7de653e5b5c9270faeba567e88fb3a10a410fa657895156f7b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2734
Cache-Control: max-age=107501
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:30:57 GMT
Etag: "63e13ac0-1d7"
Expires: Wed, 08 Feb 2023 18:22:38 GMT
Last-Modified: Mon, 06 Feb 2023 17:37:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.nahtinternationa.com/bnk/global/public/css/common.mina41a.css?ver=9737d8d66te
162.0.236.106 200 OK 221 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/global/public/css/common.mina41a.css?ver=9737d8d66te
IP 162.0.236.106:0
File type ASCII text, with very long lines (65162)
Size 221 kB (220879 bytes)
Hash MD5 676163524614b1c289d39bd204eea945
SHA-1 83eb6bfac2497d76b702d94b61db33a334fb755d
SHA-256 f9b2e8abbf67eadcceb515fa6eb406b026fd2626e774d08ad169fa082763bca8
GET /bnk/global/public/css/common.mina41a.css?ver=9737d8d66te HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/home.php
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:56 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:20 GMT
Accept-Ranges: bytes
Content-Length: 220879
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32 200 OK 863 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 2e8704a7bed134bf0942f77b8b6dbe6d
SHA-1 63b0f0b0f1af07f091264b705738970a7c9a21fe
SHA-256 2586332634904ea1d483398c1ebf980a087930354e78a9259d9785e5445dc577
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2927
Expires: Tue, 07 Feb 2023 13:19:44 GMT
Date: Tue, 07 Feb 2023 12:30:57 GMT
Connection: keep-alive
www.nahtinternationa.com/bnk/global/images/logo.png
162.0.236.106 200 OK 7.5 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/global/images/logo.png
IP 162.0.236.106:0
File type PNG image data, 220 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5 471272db15972c1787386a9626eb590d
SHA-1 8eabee1e21925a7274e2c7a909e4e0b2b104a837
SHA-256 61d0b93bf82661c535aa496f4caa9b480c1add5f1dc992813e282e9e725d4966
GET /bnk/global/images/logo.png HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/home.php
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:57 GMT
Server: Apache
Last-Modified: Sat, 28 May 2022 06:13:34 GMT
Accept-Ranges: bytes
Content-Length: 7535
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.nahtinternationa.com/bnk/applications/homepage/images/loader.gif
162.0.236.106 200 OK 2.9 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/applications/homepage/images/loader.gif
IP 162.0.236.106:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash MD5 6037488f287a9bf7dc96a15c276a6be4
SHA-1 db7df22f919d17f36af92e9603e04a9d1919bed8
SHA-256 2bb24032b1561352d08494faa7babab441e534f1734a70fbe35871f8ffe6efba
GET /bnk/applications/homepage/images/loader.gif HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/home.php
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:57 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:23 GMT
Accept-Ranges: bytes
Content-Length: 2917
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 68273225f74fbf7493f395610d7a73fc
SHA-1 5a8779ef5656aeeba23b365aad60b7901c5dd7fc
SHA-256 c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2927
Expires: Tue, 07 Feb 2023 13:19:44 GMT
Date: Tue, 07 Feb 2023 12:30:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 68273225f74fbf7493f395610d7a73fc
SHA-1 5a8779ef5656aeeba23b365aad60b7901c5dd7fc
SHA-256 c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2927
Expires: Tue, 07 Feb 2023 13:19:44 GMT
Date: Tue, 07 Feb 2023 12:30:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 68273225f74fbf7493f395610d7a73fc
SHA-1 5a8779ef5656aeeba23b365aad60b7901c5dd7fc
SHA-256 c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2927
Expires: Tue, 07 Feb 2023 13:19:44 GMT
Date: Tue, 07 Feb 2023 12:30:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
34.120.237.76 200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 eedb4de12585c70ddb5b8f94fe6a59e2
SHA-1 83c9437e71a0a03b3e8ff652155a85eafa76cdda
SHA-256 d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V_4NzIAVBOZMjf_YIM3bowFdlP1y4peI5JI-jO105s3NVjmyYnC0Tg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:48:48 GMT
age: 52929
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d29e7077f69b88a0108efeb7a2efe7e9
1958f83edeb8c6b68f17cead3fb5714f44e619eb
371f02a5b36ac3e52cc6c4e78f0980107a0f92105e79ee53278089ae5ff6de93
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10788
x-amzn-requestid: 8e1c8026-1eea-4eb0-810e-7ea43ed11f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyymWEsSoAMFykg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddcaf5-20fc23b535fa86f56a34fbae;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 03:03:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -OEG4deGxPaXCxA16sr4s2uAcDTWyzDoXgCkUdwluUiYL-z55VQKwA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 06:11:48 GMT
age: 22749
etag: "1958f83edeb8c6b68f17cead3fb5714f44e619eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwSN-ztVJgRfu3bFIjYaVYV8Cnx77j1ugkRjqhRtRXdPju7AhEMg-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:15:46 GMT
age: 18911
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.nahtinternationa.com/bnk/global/images/icon-spyglass.png
162.0.236.106 200 OK 443 B URL HTTP/1.1 www.nahtinternationa.com/bnk/global/images/icon-spyglass.png
IP 162.0.236.106:0
File type PNG image data, 23 x 23, 8-bit colormap, non-interlaced\012- data
Hash 1feba58493ba67cf96cccfd76407848e
6da6746b442e25f68d5f74f85fe95b0304ad5bb1
2c368b494568114802e37bb3940d7f2763cb4a5e1424403460cb3710442d6125
GET /bnk/global/images/icon-spyglass.png HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/home.php
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1; check=true; mbox=session#ae0afe4eb710414b8330304509223806#1675774968|PC#ae0afe4eb710414b8330304509223806.37_0#1739017908; mboxEdgeCluster=37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:57 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:20 GMT
Accept-Ranges: bytes
Content-Length: 443
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b0935816ca54d5d20a9fffa5531e0d
bd8374980c16b7d5a28e55b8bef2215713b1ebb2
4ab6f49d22d029681754b617001f93467d63035acdaf12905c2314cab77991af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13390
x-amzn-requestid: 0664e077-13a4-4a97-afc2-3969cee56958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2pu6Fb7oAMF_0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df565f-057ee8fa26aa83d21f875d73;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 07:10:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cAwOWu-_JYTMa0l-1A07FxgOGtG7P59D7XlovXByRA9dQxfsS2An7w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 18:44:40 GMT
age: 63977
etag: "bd8374980c16b7d5a28e55b8bef2215713b1ebb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b08a4dc42d2e08b2b18c9545ce9a2fdb
b688557ebba4b3c987275761e9a1f5993ad3d8a5
641402fb9282208b33877e4812cb9392b035dba85fcb3a344a2a1072d5a69f28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11630
x-amzn-requestid: 3912e3f9-44a5-405c-9edb-d8409faa0b04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pkUHUoIAMFzcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022e8-03e547e96b085d9e29a1852b;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:43:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sxF0lRh0Jc9km7inuPEIo5I0hx-TW8Mjz5C3oDcBGtfxtJTnBssPVw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:08:35 GMT
age: 19342
etag: "b688557ebba4b3c987275761e9a1f5993ad3d8a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d057038cd3164c40413a88f9b5c2af92
afbcb6617c7277ea42068c2aa1c8dcba02549873
ae03b42f1a5c3774e3ea569a886707a8a31da05a45bd971b829cf579be0ea6c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6787
x-amzn-requestid: 15924d6a-68a3-414b-9e23-68d37291d4a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvyxSEjXIAMFT3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc9808-22daff920f5fe1201328ccee;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 05:13:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AOnXbzTBcVZ3quJx3NoNQC08Gk5_phyp8UiWCm6Dk4GPxl8FCaIC4w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 04:57:41 GMT
age: 27196
etag: "afbcb6617c7277ea42068c2aa1c8dcba02549873"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.nahtinternationa.com/bnk/etc.clientlibs/dfs-credit-cards/clientlibs/clientlib-acqall.min.ACSHASH9f24b4ebd9a7a63a7d7ef206f30b1cf8.js
162.0.236.106 200 OK 587 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/etc.clientlibs/dfs-credit-cards/clientlibs/clientlib-acqall.min.ACSHASH9f24b4ebd9a7a63a7d7ef206f30b1cf8.js
IP 162.0.236.106:0
File type HTML document, ASCII text, with very long lines (504)
Size 587 kB (586814 bytes)
Hash 9f24b4ebd9a7a63a7d7ef206f30b1cf8
83018f4a27b4edb1144ac58ddbacb4bd567f6909
62e0757e260aba020f9dd4348fe547672be177621831594a2b26069696ad597b
Analyzer Verdict Alert fortinet Phishing
GET /bnk/etc.clientlibs/dfs-credit-cards/clientlibs/clientlib-acqall.min.ACSHASH9f24b4ebd9a7a63a7d7ef206f30b1cf8.js HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/home.php
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:56 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:20 GMT
Accept-Ranges: bytes
Content-Length: 586814
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.nahtinternationa.com/bnk/global/public/fonts/MetaWebPro-Bold.woff
162.0.236.106 200 OK 60 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/global/public/fonts/MetaWebPro-Bold.woff
IP 162.0.236.106:0
File type Web Open Font Format, TrueType, length 60420, version 7.504\012- data
Hash aac6caa8a0877f27e8d32ae18cbd359f
9565f94a6a98a1cbbb9be0e8a5d544c012495ed1
63173425827d1250c6266742809b1ee5a48d3e6738e2dd62168a95f2675a7d82
Analyzer Verdict Alert fortinet Phishing
GET /bnk/global/public/fonts/MetaWebPro-Bold.woff HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1; check=true; mbox=session#ae0afe4eb710414b8330304509223806#1675774968|PC#ae0afe4eb710414b8330304509223806.37_0#1739017908; mboxEdgeCluster=37
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:57 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:20 GMT
Accept-Ranges: bytes
Content-Length: 60420
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff
www.nahtinternationa.com/bnk/applications/homepage/images/lock-icon.png
162.0.236.106 200 OK 1.1 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/applications/homepage/images/lock-icon.png
IP 162.0.236.106:0
File type PNG image data, 11 x 13, 8-bit colormap, non-interlaced\012- data
Hash cc2b2a48bbb6c246fb8bff3d0b6db981
d766506361304329d9d4aa1bdfe00f6d0f1a9456
690559981647011e256215e1576be6f5fe5b323b84fcfc6af15be581c7c2ea28
GET /bnk/applications/homepage/images/lock-icon.png HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1; check=true; mbox=session#ae0afe4eb710414b8330304509223806#1675774968|PC#ae0afe4eb710414b8330304509223806.37_0#1739017908; mboxEdgeCluster=37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:57 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:23 GMT
Accept-Ranges: bytes
Content-Length: 1060
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.nahtinternationa.com/bnk/global/images/utility-icons.png
162.0.236.106 200 OK 56 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/global/images/utility-icons.png
IP 162.0.236.106:0
File type PNG image data, 830 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash b5d12d2235ed6bd80f86ac4786834149
29a731a1078d713472c71178d97a7b035ab876f3
69b5d627af1af7ac3c117dd914e2c868b818989d4ce9f92a53f7eebed54a4573
GET /bnk/global/images/utility-icons.png HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/global/public/css/common.mina41a.css?ver=9737d8d66te
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1; check=true; mbox=session#ae0afe4eb710414b8330304509223806#1675774968|PC#ae0afe4eb710414b8330304509223806.37_0#1739017908; mboxEdgeCluster=37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:57 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:20 GMT
Accept-Ranges: bytes
Content-Length: 55800
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.nahtinternationa.com/bnk/applications/homepage/images/BRD_19_618124_300X196_D.com_Release.jpg
162.0.236.106 200 OK 21 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/applications/homepage/images/BRD_19_618124_300X196_D.com_Release.jpg
IP 162.0.236.106:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x196, components 3\012- data
Hash d0dec96fd6c255d28f20acb4db7d8071
18f5199a2ab7873dad606d0503fe98edee038af5
c715fdb100e8275f862cbe78ca3627b8e887c31aaff020689297933fe522622d
GET /bnk/applications/homepage/images/BRD_19_618124_300X196_D.com_Release.jpg HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1; check=true; mbox=session#ae0afe4eb710414b8330304509223806#1675774968|PC#ae0afe4eb710414b8330304509223806.37_0#1739017908; mboxEdgeCluster=37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:57 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:23 GMT
Accept-Ranges: bytes
Content-Length: 21312
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
www.nahtinternationa.com/bnk/global/public/fonts/MetaWebPro-Normal.woff
162.0.236.106 200 OK 61 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/global/public/fonts/MetaWebPro-Normal.woff
IP 162.0.236.106:0
File type Web Open Font Format, TrueType, length 61069, version 7.504\012- data
Hash 6564f1e6732d026b38c72a4b165d4f04
2aca435f084719059a8055a6caefd30574ebfc25
9f34946c2ed602b280a2f08a052802796e88c34552fc9838c5dd699783e4ae43
Analyzer Verdict Alert fortinet Phishing
GET /bnk/global/public/fonts/MetaWebPro-Normal.woff HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1; check=true; mbox=session#ae0afe4eb710414b8330304509223806#1675774968|PC#ae0afe4eb710414b8330304509223806.37_0#1739017908; mboxEdgeCluster=37
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:57 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:20 GMT
Accept-Ranges: bytes
Content-Length: 61069
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff
www.nahtinternationa.com/bnk/applications/homepage/images/BRD-19-577812_DCOM_MILES_PLACEMENTS_300x196.jpg
162.0.236.106 200 OK 26 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/applications/homepage/images/BRD-19-577812_DCOM_MILES_PLACEMENTS_300x196.jpg
IP 162.0.236.106:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x196, components 3\012- data
Hash bb551405fd699deb48ed9767b203fe78
33f7636adf30633ab4ec8e9062dd3ffbeb8870fa
5a25ec95e4554513ebb362791c60a3fce7490f2256f8082853a6edee583a4a8c
GET /bnk/applications/homepage/images/BRD-19-577812_DCOM_MILES_PLACEMENTS_300x196.jpg HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1; check=true; mbox=session#ae0afe4eb710414b8330304509223806#1675774968|PC#ae0afe4eb710414b8330304509223806.37_0#1739017908; mboxEdgeCluster=37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:57 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:23 GMT
Accept-Ranges: bytes
Content-Length: 25523
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.nahtinternationa.com/bnk/applications/homepage/images/debt_consolidation_img.jpg
162.0.236.106 200 OK 100 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/applications/homepage/images/debt_consolidation_img.jpg
IP 162.0.236.106:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3, description=debt_consolidation_img, copyright=(c) Image Source], baseline, precision 8, 600x392, components 3\012- data
Hash 2b10ee11258eba4a98305dcc1bcadfbe
7a692a7a3b92b53233348633c271685d9a6742a6
eac919d928076d19aa3ccbcd76b1e4153f55db67b5218c4596fcb6678f59919b
GET /bnk/applications/homepage/images/debt_consolidation_img.jpg HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1; check=true; mbox=session#ae0afe4eb710414b8330304509223806#1675774968|PC#ae0afe4eb710414b8330304509223806.37_0#1739017908; mboxEdgeCluster=37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:57 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:23 GMT
Accept-Ranges: bytes
Content-Length: 99486
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.nahtinternationa.com/bnk/applications/homepage/images/BRD_19_519766_460x196.jpg
162.0.236.106 200 OK 18 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/applications/homepage/images/BRD_19_519766_460x196.jpg
IP 162.0.236.106:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 460x196, components 3\012- data
Hash 5bba0b9296ad4071520587772d0b187a
43c689e7cfeee77f990ade196b8bd1821d31aa74
fdd9297aa77e4438b43bb72b30a289feb937d67cc87c11e0bf60a3dae5d0a9c1
GET /bnk/applications/homepage/images/BRD_19_519766_460x196.jpg HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1; check=true; mbox=session#ae0afe4eb710414b8330304509223806#1675774968|PC#ae0afe4eb710414b8330304509223806.37_0#1739017908; mboxEdgeCluster=37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:57 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:23 GMT
Accept-Ranges: bytes
Content-Length: 17701
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
www.nahtinternationa.com/bnk/applications/homepage/images/Dcom_BoxF_CreditScorecardImageUpdate.jpg
162.0.236.106 200 OK 26 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/applications/homepage/images/Dcom_BoxF_CreditScorecardImageUpdate.jpg
IP 162.0.236.106:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 460x196, components 3\012- data
Hash b3ceba0a934b6e5335b4d6e9b2fce3ef
86fbd8e7ccaf7c77f237cef5919a1ae88d0b2029
9ee1dbc32dd78fbe6ba97ef7ada05fc3fe708bdac2ac719d7ca73b497ccd341c
GET /bnk/applications/homepage/images/Dcom_BoxF_CreditScorecardImageUpdate.jpg HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1; check=true; mbox=session#ae0afe4eb710414b8330304509223806#1675774968|PC#ae0afe4eb710414b8330304509223806.37_0#1739017908; mboxEdgeCluster=37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:58 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:23 GMT
Accept-Ranges: bytes
Content-Length: 25544
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.nahtinternationa.com/bnk/home.php?_=1675773107141
162.0.236.106 200 OK 47 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/home.php?_=1675773107141
IP 162.0.236.106:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash cba2da3420487fb95673dc52cfb258f8
5d14a50764af6b4564cb5050c870ff1825174ff4
24e6c03bbcb3af189a919a742af7543139015468d8207e1ae6b7035c0d98ffce
Analyzer Verdict Alert fortinet Phishing
GET /bnk/home.php?_=1675773107141 HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/home.php
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1; check=true; mbox=session#ae0afe4eb710414b8330304509223806#1675774968|PC#ae0afe4eb710414b8330304509223806.37_0#1739017908; mboxEdgeCluster=37; s_pers=%20s_dfa%3Ddiscoverglobalprod%252Cdiscovercardservicingprod%7C1675774907546%3B
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:58 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.nahtinternationa.com/bnk/applications/homepage/images/banner1.jpg
162.0.236.106 200 OK 170 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/applications/homepage/images/banner1.jpg
IP 162.0.236.106:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=13, description=banner1, manufacturer=Canon, model=Canon EOS-1D X, orientation=upper-left, xresolution=202, yresolution=210, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2017-02-27T22:32:37-06:00], baseline, precision 8, 2160x626, components 3\012- data
Size 170 kB (170422 bytes)
Hash 931d6ba9d41060111bd2373731f58efd
c32b31e90c8181d8cd583b404ffcca06ac29e84d
df31d6e27574d48c76a5be96eeda06c0451fc19ef2b68199a262d0ddab2f54a2
GET /bnk/applications/homepage/images/banner1.jpg HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/applications/homepage/css/homepage.min9418.css?rel=789616478a8
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1; check=true; mbox=session#ae0afe4eb710414b8330304509223806#1675774968|PC#ae0afe4eb710414b8330304509223806.37_0#1739017908; mboxEdgeCluster=37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:57 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:23 GMT
Accept-Ranges: bytes
Content-Length: 170422
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.branch.io/branch-latest.min.js
54.230.111.14 200 OK 22 kB URL HTTP/2 cdn.branch.io/branch-latest.min.js
IP 54.230.111.14:0
File type ASCII text, with very long lines (2646)
Hash 2a6320386437cc44ae1713f25f6ea30b
cf60f8578b16e8beddb82eb43d9b1f9db5491650
75622ee3451d62f121868396395909cd979874287141da4de39562ccf1f8f799
GET /branch-latest.min.js HTTP/1.1
Host: cdn.branch.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 22048
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 20:07:47 GMT
x-amz-version-id: LzwY9oP1_KD6QZAz0SCDQRP53VCVCZV0
server: AmazonS3
date: Tue, 07 Feb 2023 12:27:33 GMT
cache-control: max-age=300
etag: "2a6320386437cc44ae1713f25f6ea30b"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LqafBFPw4JOUjZGi3ED0rgw4qzwU41VADBAvuOXYf_66ybPePuEB1A==
age: 205
X-Firefox-Spdy: h2
cdnssl.clicktale.net/www15/ptc/fd145cf2-4109-439c-97f8-e0bc3c3e290d.js
54.230.111.38 200 OK 77 kB URL HTTP/2 cdnssl.clicktale.net/www15/ptc/fd145cf2-4109-439c-97f8-e0bc3c3e290d.js
IP 54.230.111.38:0
File type ASCII text, with very long lines (38650)
Hash f336345cbf2d92ce16de0f6e96aaef53
56f0e901723d353785732cc53497aafe7436be19
9ad20e9a5b9fa76c8ff57fe74868d3eb2da7ff681c5e00af0b799bede1febda7
GET /www15/ptc/fd145cf2-4109-439c-97f8-e0bc3c3e290d.js HTTP/1.1
Host: cdnssl.clicktale.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.nahtinternationa.com
Connection: keep-alive
Referer: https://www.nahtinternationa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 76903
date: Mon, 06 Feb 2023 10:19:09 GMT
last-modified: Mon, 06 Feb 2023 10:16:00 GMT
etag: "f336345cbf2d92ce16de0f6e96aaef53"
cache-control: max-age=900
content-encoding: br
x-amz-version-id: 5UXqTTXvFYTBI0q.YYu3w4uAx.zSoyiu
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lmP7AHiXfwR7OiUZzN4jWzSerQTzAQNr2zio0YyW4UHd27rPm3DDpQ==
age: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 16a00010059b5807d3bc9183a12afe36
9db7a4959203fd4aad2fd5507d906b94d58a872e
3fedb9ff11e2b06dd50e1446a857dcd33f8caa2fefa62bc6ce8fc1af172965f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:30:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fls.doubleclick.net/json?spot=3471476&src=1531196&var=s_2_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_2_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=9163859374981
142.250.74.166 200 OK 44 B URL HTTP/2 fls.doubleclick.net/json?spot=3471476&src=1531196&var=s_2_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_2_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=9163859374981
IP 142.250.74.166:0
File type ASCII text, with no line terminators
Hash 85386dba89ad287dce677942df69a122
46de897c4bf7aeb7795fdf06cc7a7a4a20901be6
48001e687309911332182ca1838c768758df580e2f6a687212a2641771cd8ab4
GET /json?spot=3471476&src=1531196&var=s_2_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_2_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=9163859374981 HTTP/1.1
Host: fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 12:30:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 44
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 07-Feb-2023 12:45:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 16a00010059b5807d3bc9183a12afe36
9db7a4959203fd4aad2fd5507d906b94d58a872e
3fedb9ff11e2b06dd50e1446a857dcd33f8caa2fefa62bc6ce8fc1af172965f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 12:30:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.nahtinternationa.com/bnk/global/images/favicon.ico
162.0.236.106 200 OK 1.2 kB URL HTTP/1.1 www.nahtinternationa.com/bnk/global/images/favicon.ico
IP 162.0.236.106:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash e2b5d9050d3b6f7282ac946c81c8b942
c9ca67aa3e3940ca41d733dcc281b616600ce8db
6a4aecb1d55e042a11a9f72169fde9015f0918ffeb828a4696a1b282bb3f7c93
GET /bnk/global/images/favicon.ico HTTP/1.1
Host: www.nahtinternationa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/bnk/home.php
Cookie: PHPSESSID=s74q6uhklt795uklkhcbs5bnb1; check=true; mbox=session#ae0afe4eb710414b8330304509223806#1675774968|PC#ae0afe4eb710414b8330304509223806.37_0#1739017908; mboxEdgeCluster=37; s_pers=%20s_dfa%3Ddiscoverglobalprod%252Cdiscovercardservicingprod%7C1675774907546%3B
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 12:30:58 GMT
Server: Apache
Last-Modified: Thu, 14 Apr 2022 13:52:20 GMT
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/x-icon
app.link/_r?sdk=web2.71.0&branch_key=key_live_gevPwVGxd97F95YmLl3jThcjvxgKTSvI&callback=branch_callback__0
54.230.111.16 200 OK 91 B URL HTTP/2 app.link/_r?sdk=web2.71.0&branch_key=key_live_gevPwVGxd97F95YmLl3jThcjvxgKTSvI&callback=branch_callback__0
IP 54.230.111.16:0
File type ASCII text, with no line terminators
Hash ec125b294415f727d99b55d5f1427cab
fb14132be2169907c4e5c21a8cd844dd5f7a40c0
d37ca7c0995618808b547f6fbdda2da2df973d3ce40f8c23bb5a51559a16f40b
GET /_r?sdk=web2.71.0&branch_key=key_live_gevPwVGxd97F95YmLl3jThcjvxgKTSvI&callback=branch_callback__0 HTTP/1.1
Host: app.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 91
server: openresty
date: Tue, 07 Feb 2023 12:30:58 GMT
set-cookie: _s=ZNokDIgn7KyzbQhJGuHiiYaRk%2BwRp3Schw0tPSUtZNjfph8Wgr6J0fNyL5Qskkxz; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Wed, 07 Feb 2024 12:30:58 GMT; Secure
x-content-type-options: nosniff
etag: W/"5b-+xQTK+IWmQfE5cIajNhE3V96QMA"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tmNO8j8nx3eRBy04y3j2HgMC1mhd1w8y4jvrvZLb_hVAXToVztn9_Q==
X-Firefox-Spdy: h2
s.btstatic.com/tag.js
23.46.112.208 200 OK 12 kB IP 23.46.112.208:0
File type ASCII text, with very long lines (538)
Hash 6f10bf5bfb0d50b6134dd44dcb873f6e
f587c49633f5399e025c062e8a0a3fd51bf43ed8
f305d56a2a9bb2396fa218751bad94104f81253205d134e9c0563c21405888ac
GET /tag.js HTTP/1.1
Host: s.btstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript
Last-Modified: Thu, 04 Aug 2022 17:16:38 GMT
Accept-Ranges: bytes
P3P: CP=NOI DSP COR NID
Content-Encoding: gzip
Content-Length: 12525
Cache-Control: public, max-age=14400
Date: Tue, 07 Feb 2023 12:30:58 GMT
Connection: keep-alive
Vary: Accept-Encoding
api2.branch.io/v1/open
54.230.111.15 200 OK 317 B IP 54.230.111.15:0
File type JSON data\012- , ASCII text, with very long lines (317), with no line terminators
Hash bb0b9032d76b54e3406bb83af865d7e2
b6ad50e81a9c5b99032c3a41a9f3d0b0d4f120b6
cb4dec3f0d36d7e55f7dd65fcb55fd1704fc7e20c440dbed4d19a503ddac41b5
POST /v1/open HTTP/1.1
Host: api2.branch.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 320
Origin: https://www.nahtinternationa.com
Connection: keep-alive
Referer: https://www.nahtinternationa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 317
access-control-allow-origin: *
cache-control: no-cache
date: Tue, 07 Feb 2023 12:30:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CwZVt0xyCIKNhAfAd9phm3DLHXGflSaLEw_nwz11JG70wmO0WsJg2w==
X-Firefox-Spdy: h2
api2.branch.io/v1/pageview
54.230.111.15 200 OK 28 B URL HTTP/2 api2.branch.io/v1/pageview
IP 54.230.111.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 40ad459cb59514b4661cb0f8372dad3c
291656a477c82b220718a27d9a9f650325febc56
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
POST /v1/pageview HTTP/1.1
Host: api2.branch.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1393
Origin: https://www.nahtinternationa.com
Connection: keep-alive
Referer: https://www.nahtinternationa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 28
access-control-allow-origin: *
date: Tue, 07 Feb 2023 12:30:58 GMT
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
strict-transport-security: max-age=31536000; includeSubDomains
x-branch-request-id: f1b1266b14f540a781624776a76a4b46-2023020712
x-powered-by: Express
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z7J0Xr5Zq4i1acVXIvnuCQ-1wF3RlQM_0nutShZC_sIbhFCN1VWBqg==
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash 74dc1bd5599801e314d6cff66354b963
07b6cf286e3cc5d18244b1b5ba6fdf44c29d3bfc
aa0dba4c53cbb57f8bb575be7c20d235ced011d66640d9debeebcccdfa1a7f9e
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "AA0DBA4C53CBB57F8BB575BE7C20D235CED011D66640D9DEBEEBCCCDFA1A7F9E"
Last-Modified: Tue, 07 Feb 2023 08:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2835
Expires: Tue, 07 Feb 2023 13:18:14 GMT
Date: Tue, 07 Feb 2023 12:30:59 GMT
Connection: keep-alive
s.thebrighttag.com/tag?site=p9zWtoq&H=3iuiqe7
3.16.134.16 200 OK 0 B URL HTTP/2 s.thebrighttag.com/tag?site=p9zWtoq&H=3iuiqe7
IP 3.16.134.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tag?site=p9zWtoq&H=3iuiqe7 HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:30:59 GMT
content-type: text/javascript
content-length: 0
x-bt-requestid: 46a61570-a6e3-11ed-88ec-0000ac170186
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
etag: d41d8cd98f00b204e9800998ecf8427e
access-control-allow-origin: https://www.nahtinternationa.com
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
use.fontawesome.com/d9cde14000.js
172.64.132.15 200 OK 0 B URL HTTP/2 use.fontawesome.com/d9cde14000.js
IP 172.64.132.15:0
GET /d9cde14000.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nahtinternationa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:30:56 GMT
content-type: text/javascript
x-amz-id-2: 2E11M0RcFHWlBwvO1u4tOXljlMM2WHmhfGFHD6A8exp5EgUH6NPojXqDwEEddFYsNYxItBpXW0s=
x-amz-request-id: 58584HW5QYJAXZVK
last-modified: Thu, 01 Jul 2021 15:33:12 GMT
etag: W/"bd0df2cac32ccf49d2fe9092929b1129"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BS5JiuSxK9fukOIdVh%2BnIEtqGARkeDuLaLT2joufb%2FgHbwCLFJ6f%2F88ji7MU0wXTd3T%2Fm22qbHcJJVSIZDtJjT0GR%2BYmv0HO0FDdBM%2FkGRFXMVOlh5zd7%2BDvo3TmKEcJN6umeffG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795c23c2581e8e2c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
discover.tt.omtrdc.net/m2/discover/mbox/json?mbox=target-global-mbox&mboxSession=ae0afe4eb710414b8330304509223806&mboxPC=&mboxPage=87e180a5f853417d903f0246b0472a42&mboxRid=f8a26a1232b848879cb0027225b1658d&mboxVersion=1.6.4&mboxCount=1&mboxTime=1675773106804&mboxHost=www.nahtinternationa.com&mboxURL=https%3A%2F%2Fwww.nahtinternationa.com%2Fbnk%2Fhome.php&mboxReferrer=&mboxXDomain=enabled&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&envPresent=false&edskeypresent=N
34.253.167.75 200 OK 0 B URL HTTP/2 discover.tt.omtrdc.net/m2/discover/mbox/json?mbox=target-global-mbox&mboxSession=ae0afe4eb710414b8330304509223806&mboxPC=&mboxPage=87e180a5f853417d903f0246b0472a42&mboxRid=f8a26a1232b848879cb0027225b1658d&mboxVersion=1.6.4&mboxCount=1&mboxTime=1675773106804&mboxHost=www.nahtinternationa.com&mboxURL=https%3A%2F%2Fwww.nahtinternationa.com%2Fbnk%2Fhome.php&mboxReferrer=&mboxXDomain=enabled&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&envPresent=false&edskeypresent=N
IP 34.253.167.75:0
GET /m2/discover/mbox/json?mbox=target-global-mbox&mboxSession=ae0afe4eb710414b8330304509223806&mboxPC=&mboxPage=87e180a5f853417d903f0246b0472a42&mboxRid=f8a26a1232b848879cb0027225b1658d&mboxVersion=1.6.4&mboxCount=1&mboxTime=1675773106804&mboxHost=www.nahtinternationa.com&mboxURL=https%3A%2F%2Fwww.nahtinternationa.com%2Fbnk%2Fhome.php&mboxReferrer=&mboxXDomain=enabled&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&envPresent=false&edskeypresent=N HTTP/1.1
Host: discover.tt.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.nahtinternationa.com
Connection: keep-alive
Referer: https://www.nahtinternationa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 12:30:57 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-origin: https://www.nahtinternationa.com
access-control-allow-credentials: true
x-request-id: f8a26a1232b848879cb0027225b1658d
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
set-cookie: discover!mboxSession=ae0afe4eb710414b8330304509223806; Max-Age=1860; Expires=Tue, 07-Feb-2023 13:01:57 GMT; Domain=discover.tt.omtrdc.net; Path=/; Secure; HttpOnly; SameSite=None
discover!mboxPC=ae0afe4eb710414b8330304509223806.37_0; Max-Age=63244800; Expires=Sat, 08-Feb-2025 12:30:57 GMT; Domain=discover.tt.omtrdc.net; Path=/; Secure; HttpOnly; SameSite=None
pragma: no-cache
cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2