| nedbankqa.flowblocks.com/?//login//login/?/?//login//login//login/?/?//login//login/?/?/?/?/?//login//login//login/?//login/?//login//login//login/?//login//login//login/?//login//login/?//login//login//login/?//login/?/?//login//login/?//login//login//login/?//login//login//login/?/?//login//login/?//login//login//login/?//login//login/?//login//login/?//login/?//login/?/?//login//login//login/?/?//login//login//login/?//login//login/?//login//login/?//login//login//login/?//login//login/?//login//login//login/?/?//login//login//login/?//login//login//login/?//login/?/?//login//login/?//login//login//login/?//login//login/?//login/?/?//login//login/?//login//login/?//login//login//login/?/?//login/?/?//login//login/?/?//login/?//login//login//login/?//login/?/?//login//login//login/?/?/?//login//login/?//login//login/?/?/?//login//login//login/?/?//login/?//login/?//login//login/?//login/?//login/?/?//login//login/?/?//login/?//login//login//login/?//login/?//login//login//login/?/?/?/?/?//login//login/?//login/?//login/?/?//login/ | 129.232.165.210 | 302 Found | 0 B |
URL User Request GET HTTP/2nedbankqa.flowblocks.com/?//login//login/?/?//login//login//login/?/?//login//login/?/?/?/?/?//login//login//login/?//login/?//login//login//login/?//login//login//login/?//login//login/?//login//login//login/?//login/?/?//login//login/?//login//login//login/?//login//login//login/?/?//login//login/?//login//login//login/?//login//login/?//login//login/?//login/?//login/?/?//login//login//login/?/?//login//login//login/?//login//login/?//login//login/?//login//login//login/?//login//login/?//login//login//login/?/?//login//login//login/?//login//login//login/?//login/?/?//login//login/?//login//login//login/?//login//login/?//login/?/?//login//login/?//login//login/?//login//login//login/?/?//login/?/?//login//login/?/?//login/?//login//login//login/?//login/?/?//login//login//login/?/?/?//login//login/?//login//login/?/?/?//login//login//login/?/?//login/?//login/?//login//login/?//login/?//login/?/?//login//login/?/?//login/?//login//login//login/?//login/?//login//login//login/?/?/?/?/?//login//login/?//login/?//login/?/?//login/ IP129.232.165.210:443
CertificateIssuerLet's Encrypt Subjectnedbankqa.flowblocks.com Fingerprint88:92:22:65:4C:61:05:FA:A2:E3:0C:FE:47:77:F8:94:2C:07:58:2E ValidityFri, 12 Apr 2024 06:01:07 GMT - Thu, 11 Jul 2024 06:01:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /?//login//login/?/?//login//login//login/?/?//login//login/?/?/?/?/?//login//login//login/?//login/?//login//login//login/?//login//login//login/?//login//login/?//login//login//login/?//login/?/?//login//login/?//login//login//login/?//login//login//login/?/?//login//login/?//login//login//login/?//login//login/?//login//login/?//login/?//login/?/?//login//login//login/?/?//login//login//login/?//login//login/?//login//login/?//login//login//login/?//login//login/?//login//login//login/?/?//login//login//login/?//login//login//login/?//login/?/?//login//login/?//login//login//login/?//login//login/?//login/?/?//login//login/?//login//login/?//login//login//login/?/?//login/?/?//login//login/?/?//login/?//login//login//login/?//login/?/?//login//login//login/?/?/?//login//login/?//login//login/?/?/?//login//login//login/?/?//login/?//login/?//login//login/?//login/?//login/?/?//login//login/?/?//login/?//login//login//login/?//login/?//login//login//login/?/?/?/?/?//login//login/?//login/?//login/?/?//login/ HTTP/1.1
Host: nedbankqa.flowblocks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Fri, 01 Jan 1999 00:00:00 GMT
last-modified: Fri, 01 Jan 1999 00:00:00 GMT
location: /login/
set-cookie: PHPSESSID=dskr6cdhvt73jii15as4o2072v; path=/; secure; HttpOnly
content-security-policy: default-src 'self' *.flowblocks.com; frame-ancestors *.flowblocks.com; form-action *.flowblocks.com; style-src 'self' 'unsafe-inline' *.flowblocks.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.flowblocks.com; img-src 'self' *.flowblocks.com blob: data:;
x-content-security-policy: default-src 'self' *.flowblocks.com; frame-ancestors *.flowblocks.com; form-action *.flowblocks.com; style-src 'self' 'unsafe-inline' *.flowblocks.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.flowblocks.com; img-src 'self' *.flowblocks.com blob: data:;
x-webkit-csp: default-src 'self' *.flowblocks.com; frame-ancestors *.flowblocks.com; form-action *.flowblocks.com; style-src 'self' 'unsafe-inline' *.flowblocks.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.flowblocks.com; img-src 'self' *.flowblocks.com blob: data:;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 May 2024 03:15:40 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| nedbankqa.flowblocks.com/login/ | 129.232.165.210 | 200 OK | 1.9 kB |
URL User Request GET HTTP/2nedbankqa.flowblocks.com/login/ IP129.232.165.210:443
CertificateIssuerLet's Encrypt Subjectnedbankqa.flowblocks.com Fingerprint88:92:22:65:4C:61:05:FA:A2:E3:0C:FE:47:77:F8:94:2C:07:58:2E ValidityFri, 12 Apr 2024 06:01:07 GMT - Thu, 11 Jul 2024 06:01:06 GMT
File typeHTML document, ASCII text Hash618cf6ef18f9cfb973fd84943985afe0 23f1ef92fa994ab8bc21d9226bb69b8dcf907e2f 7fd2fe6202a5eaed426859a3f78339f7744eaa17cf7a579a92911296a4c92aad
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce | PhishTank | phishing | Other |
GET /login/ HTTP/1.1
Host: nedbankqa.flowblocks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=dskr6cdhvt73jii15as4o2072v
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: gzip
expires: Fri, 01 Jan 1999 00:00:00 GMT
last-modified: Fri, 01 Jan 1999 00:00:00 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'self' *.flowblocks.com; frame-ancestors *.flowblocks.com; form-action *.flowblocks.com; style-src 'self'; script-src 'self' *.flowblocks.com;
x-content-security-policy: default-src 'self' *.flowblocks.com; frame-ancestors *.flowblocks.com; form-action *.flowblocks.com; style-src 'self'; script-src 'self' *.flowblocks.com;
x-webkit-csp: default-src 'self' *.flowblocks.com; frame-ancestors *.flowblocks.com; form-action *.flowblocks.com; style-src 'self'; script-src 'self' *.flowblocks.com;
set-cookie: PHPSESSID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 May 2024 03:15:42 GMT
content-length: 1851
X-Firefox-Spdy: h2
|
|
| nedbankqa.flowblocks.com/ | 129.232.165.210 | | 158 B |
URL nedbankqa.flowblocks.com/ IP129.232.165.210:0
CertificateIssuerLet's Encrypt Subjectnedbankqa.flowblocks.com Fingerprint88:92:22:65:4C:61:05:FA:A2:E3:0C:FE:47:77:F8:94:2C:07:58:2E ValidityFri, 12 Apr 2024 06:01:07 GMT - Thu, 11 Jul 2024 06:01:06 GMT
File typeHTML document, ASCII text Hash00113afdbc6851628f9d5f7b7ecd5b8f 088920df8a39c16ec239ca9c983970997ebd2c8c de2a65888c74319a410f3e42cf7c14186b2c07773302b51c0518a8ec1d39d1fc
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce | PhishTank | phishing | Other |
GET / HTTP/1.1
Host: nedbankqa.flowblocks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://nedbankqa.flowblocks.com/?/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Sat, 04 May 2024 03:15:42 GMT
Content-Length: 158
|
|
| nedbankqa.flowblocks.com/static/css/bootstrap.css?version=11625 | 129.232.165.210 | 200 OK | 17 kB |
URL GET HTTP/2nedbankqa.flowblocks.com/static/css/bootstrap.css?version=11625 IP129.232.165.210:443
Requested byhttps://nedbankqa.flowblocks.com/login/ CertificateIssuerLet's Encrypt Subjectnedbankqa.flowblocks.com Fingerprint88:92:22:65:4C:61:05:FA:A2:E3:0C:FE:47:77:F8:94:2C:07:58:2E ValidityFri, 12 Apr 2024 06:01:07 GMT - Thu, 11 Jul 2024 06:01:06 GMT
File typeassembler source, ASCII text, with very long lines (318) Hashc599fbab4022d8b6dd7b8c0700892d6f ccad86dee449903df4868c3849e2e7e31530cedd 2e0bc77cada6e0644a0aaf8f1055a176ef1370a88a5929a1982cb6804b2b1821
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce | PhishTank | phishing | Other |
GET /static/css/bootstrap.css?version=11625 HTTP/1.1
Host: nedbankqa.flowblocks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nedbankqa.flowblocks.com/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css;charset=UTF-8
content-encoding: gzip
etag: "1699010160-e3202aea761d3d587dfcfc43c6982565"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 May 2024 03:15:42 GMT
content-length: 16926
X-Firefox-Spdy: h2
|
|
| nedbankqa.flowblocks.com/static/css/animate.css?version=11625 | 129.232.165.210 | 200 OK | 4.4 kB |
URL GET HTTP/2nedbankqa.flowblocks.com/static/css/animate.css?version=11625 IP129.232.165.210:443
Requested byhttps://nedbankqa.flowblocks.com/login/ CertificateIssuerLet's Encrypt Subjectnedbankqa.flowblocks.com Fingerprint88:92:22:65:4C:61:05:FA:A2:E3:0C:FE:47:77:F8:94:2C:07:58:2E ValidityFri, 12 Apr 2024 06:01:07 GMT - Thu, 11 Jul 2024 06:01:06 GMT
File typeASCII text, with very long lines (460), with CRLF, LF line terminators Hash0b37bfa8cdd3e4270c27fbdb6af900bb 137d6ea60afbecf5d7604935195a877ff3c4df07 6ada121c40951f7df48a57112045beec40892475d59becf530c455f01a24ff73
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /static/css/animate.css?version=11625 HTTP/1.1
Host: nedbankqa.flowblocks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nedbankqa.flowblocks.com/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css;charset=UTF-8
content-encoding: gzip
etag: "1592570899-48a19169ea042263a2899ce6f747fe2f"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 May 2024 03:15:42 GMT
content-length: 4354
X-Firefox-Spdy: h2
|
|
| nedbankqa.flowblocks.com/templates/login/login.css?version=11625 | 129.232.165.210 | 200 OK | 3.1 kB |
URL GET HTTP/2nedbankqa.flowblocks.com/templates/login/login.css?version=11625 IP129.232.165.210:443
Requested byhttps://nedbankqa.flowblocks.com/login/ CertificateIssuerLet's Encrypt Subjectnedbankqa.flowblocks.com Fingerprint88:92:22:65:4C:61:05:FA:A2:E3:0C:FE:47:77:F8:94:2C:07:58:2E ValidityFri, 12 Apr 2024 06:01:07 GMT - Thu, 11 Jul 2024 06:01:06 GMT
File typeUnicode text, UTF-8 text, with CRLF line terminators Hash965bbbe1725ce28011797dca8116ccfa 6daf7b8dadccf8b280afcc2681a8459df8619096 860e6b1e27e0a65a3bc99bf60ce328603353c34a9791cafc6105972a47a3ddde
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /templates/login/login.css?version=11625 HTTP/1.1
Host: nedbankqa.flowblocks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nedbankqa.flowblocks.com/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Wed, 04 May 2022 13:27:10 GMT
accept-ranges: bytes
etag: "0b53a8ba5fd81:0"
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 May 2024 03:15:42 GMT
content-length: 3055
X-Firefox-Spdy: h2
|
|
| nedbankqa.flowblocks.com/templates/login/login_refresh.css?version=11625 | 129.232.165.210 | 200 OK | 422 B |
URL GET HTTP/2nedbankqa.flowblocks.com/templates/login/login_refresh.css?version=11625 IP129.232.165.210:443
Requested byhttps://nedbankqa.flowblocks.com/login/ CertificateIssuerLet's Encrypt Subjectnedbankqa.flowblocks.com Fingerprint88:92:22:65:4C:61:05:FA:A2:E3:0C:FE:47:77:F8:94:2C:07:58:2E ValidityFri, 12 Apr 2024 06:01:07 GMT - Thu, 11 Jul 2024 06:01:06 GMT
File typeASCII text, with CRLF line terminators Hash5e2027159037440a50250f2884d8e795 edb7547861e1bdd4426c70e1adbbe9034c51f4df 60283d67a52f24d4f721816aa9b34b0e4f0e93d3074ea82419423efb488cd4e0
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce | PhishTank | phishing | Other |
GET /templates/login/login_refresh.css?version=11625 HTTP/1.1
Host: nedbankqa.flowblocks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nedbankqa.flowblocks.com/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 19 Jun 2020 12:48:07 GMT
accept-ranges: bytes
etag: "23391e13746d61:0"
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 May 2024 03:15:42 GMT
content-length: 422
X-Firefox-Spdy: h2
|
|
| nedbankqa.flowblocks.com/lib/font-awesome-4.1.0/css/font-awesome.min.css?version=11625 | 129.232.165.210 | 200 OK | 4.7 kB |
URL GET HTTP/2nedbankqa.flowblocks.com/lib/font-awesome-4.1.0/css/font-awesome.min.css?version=11625 IP129.232.165.210:443
Requested byhttps://nedbankqa.flowblocks.com/login/ CertificateIssuerLet's Encrypt Subjectnedbankqa.flowblocks.com Fingerprint88:92:22:65:4C:61:05:FA:A2:E3:0C:FE:47:77:F8:94:2C:07:58:2E ValidityFri, 12 Apr 2024 06:01:07 GMT - Thu, 11 Jul 2024 06:01:06 GMT
File typeASCII text, with very long lines (20604) Hashbbfef9385083d307ad2692c0cf99f611 63a234ea4d60f6643a60a4d79e28f291b93c1743 b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce | PhishTank | phishing | Other |
GET /lib/font-awesome-4.1.0/css/font-awesome.min.css?version=11625 HTTP/1.1
Host: nedbankqa.flowblocks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nedbankqa.flowblocks.com/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 19 Jun 2020 12:48:07 GMT
accept-ranges: bytes
etag: "809d3ce13746d61:0"
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 May 2024 03:15:42 GMT
content-length: 4653
X-Firefox-Spdy: h2
|
|
| nedbankqa.flowblocks.com/static/img/underconstruction.png | 129.232.165.210 | 200 OK | 3.6 kB |
URL GET HTTP/2nedbankqa.flowblocks.com/static/img/underconstruction.png IP129.232.165.210:443
Requested byhttps://nedbankqa.flowblocks.com/login/ CertificateIssuerLet's Encrypt Subjectnedbankqa.flowblocks.com Fingerprint88:92:22:65:4C:61:05:FA:A2:E3:0C:FE:47:77:F8:94:2C:07:58:2E ValidityFri, 12 Apr 2024 06:01:07 GMT - Thu, 11 Jul 2024 06:01:06 GMT
File typePNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced Hashc8f7b9c6fe53ae061875b69b214746aa f326112968cd1150d0e08f7982b08a302fb7b512 39e9d212320b15dd4b4bbdf8bfc0b324343ec7314359e5a1f39870bd6e6996cd
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce | PhishTank | phishing | Other |
GET /static/img/underconstruction.png HTTP/1.1
Host: nedbankqa.flowblocks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nedbankqa.flowblocks.com/login/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 19 Jun 2020 12:48:09 GMT
accept-ranges: bytes
etag: "c83284e23746d61:0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 May 2024 03:15:42 GMT
content-length: 3646
X-Firefox-Spdy: h2
|
|
| nedbankqa.flowblocks.com/static/js/modules/mod_login.js?version=11625 | 129.232.165.210 | 200 OK | 1.8 kB |
URL GET HTTP/2nedbankqa.flowblocks.com/static/js/modules/mod_login.js?version=11625 IP129.232.165.210:443
Requested byhttps://nedbankqa.flowblocks.com/login/ CertificateIssuerLet's Encrypt Subjectnedbankqa.flowblocks.com Fingerprint88:92:22:65:4C:61:05:FA:A2:E3:0C:FE:47:77:F8:94:2C:07:58:2E ValidityFri, 12 Apr 2024 06:01:07 GMT - Thu, 11 Jul 2024 06:01:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with CRLF, LF line terminators Hasha6b9f744383daa07b340db2a785211eb fd99bc3c765060656b4e7e5392d80ba625a567f6 e29eea48ea0157ead9c82fea6ec89523fd4fefb0e9fa9f9cd39ca8c797c4b2ad
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce | PhishTank | phishing | Other |
GET /static/js/modules/mod_login.js?version=11625 HTTP/1.1
Host: nedbankqa.flowblocks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nedbankqa.flowblocks.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
etag: "1651670830-f7056349ac00f4b0a93cec965c83014c"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 May 2024 03:15:42 GMT
content-length: 1783
X-Firefox-Spdy: h2
|
|
| nedbankqa.flowblocks.com/static/img/theme/base/icon_bg_tiler_extra_more_light.jpg | 129.232.165.210 | 200 OK | 16 kB |
URL GET HTTP/2nedbankqa.flowblocks.com/static/img/theme/base/icon_bg_tiler_extra_more_light.jpg IP129.232.165.210:443
Requested byhttps://nedbankqa.flowblocks.com/login/ CertificateIssuerLet's Encrypt Subjectnedbankqa.flowblocks.com Fingerprint88:92:22:65:4C:61:05:FA:A2:E3:0C:FE:47:77:F8:94:2C:07:58:2E ValidityFri, 12 Apr 2024 06:01:07 GMT - Thu, 11 Jul 2024 06:01:06 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 224x213, components 3 Hash689b9489bfaec297b7e87743a1b3fe14 1600b8e414101e25a052827c867d74a1c13b3cd8 66eeace2d0dabcff0832fd1245c1da5562bd1d825a9259a71690885fd17fe509
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce | PhishTank | phishing | Other |
GET /static/img/theme/base/icon_bg_tiler_extra_more_light.jpg HTTP/1.1
Host: nedbankqa.flowblocks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nedbankqa.flowblocks.com/templates/login/login.css?version=11625
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 19 Jun 2020 12:48:00 GMT
accept-ranges: bytes
etag: "414786dd3746d61:0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 May 2024 03:15:43 GMT
content-length: 15686
X-Firefox-Spdy: h2
|
|
| nedbankqa.flowblocks.com/lib/font-awesome-4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0 | 129.232.165.210 | 200 OK | 84 kB |
URL GET HTTP/2nedbankqa.flowblocks.com/lib/font-awesome-4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0 IP129.232.165.210:443
Requested byhttps://nedbankqa.flowblocks.com/login/ CertificateIssuerLet's Encrypt Subjectnedbankqa.flowblocks.com Fingerprint88:92:22:65:4C:61:05:FA:A2:E3:0C:FE:47:77:F8:94:2C:07:58:2E ValidityFri, 12 Apr 2024 06:01:07 GMT - Thu, 11 Jul 2024 06:01:06 GMT
File typeWeb Open Font Format, TrueType, length 83760, version 1.0 Hashfdf491ce5ff5b2da02708cd0e9864719 7f2f3c55c2de192387c351b995115f6b79e09173 66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce | PhishTank | phishing | Other |
GET /lib/font-awesome-4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: nedbankqa.flowblocks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://nedbankqa.flowblocks.com/lib/font-awesome-4.1.0/css/font-awesome.min.css?version=11625
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/x-woff
last-modified: Fri, 19 Jun 2020 12:48:08 GMT
accept-ranges: bytes
etag: "525e2ee23746d61:0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 May 2024 03:15:43 GMT
content-length: 83760
X-Firefox-Spdy: h2
|
|
| nedbankqa.flowblocks.com/favicon.ico | 129.232.165.210 | 200 OK | 1.2 kB |
URL GET HTTP/2nedbankqa.flowblocks.com/favicon.ico IP129.232.165.210:443
Requested byhttps://nedbankqa.flowblocks.com/login/ CertificateIssuerLet's Encrypt Subjectnedbankqa.flowblocks.com Fingerprint88:92:22:65:4C:61:05:FA:A2:E3:0C:FE:47:77:F8:94:2C:07:58:2E ValidityFri, 12 Apr 2024 06:01:07 GMT - Thu, 11 Jul 2024 06:01:06 GMT
File typeMS Windows icon resource - 1 icon, 16x16 Hashce7a60b9c3006eaaf5d2f0f9cfaa3e16 45c871c056cd754bf252156cbea67f741635b3ee 3b1e26d63c5dba039d5f9e8bb63cf362b54ec3503909477da41b69785e00072c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce | PhishTank | phishing | Other |
GET /favicon.ico HTTP/1.1
Host: nedbankqa.flowblocks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nedbankqa.flowblocks.com/login/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
last-modified: Fri, 19 Jun 2020 12:48:29 GMT
accept-ranges: bytes
etag: "89eeccee3746d61:0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 May 2024 03:15:43 GMT
content-length: 1150
X-Firefox-Spdy: h2
|
|
| nedbankqa.flowblocks.com/?/ | 129.232.165.210 | | 0 B |
URL nedbankqa.flowblocks.com/?/ IP129.232.165.210:0
CertificateIssuerLet's Encrypt Subjectnedbankqa.flowblocks.com Fingerprint88:92:22:65:4C:61:05:FA:A2:E3:0C:FE:47:77:F8:94:2C:07:58:2E ValidityFri, 12 Apr 2024 06:01:07 GMT - Thu, 11 Jul 2024 06:01:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce | PhishTank | phishing | Other |
GET /?/ HTTP/1.1
Host: nedbankqa.flowblocks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Fri, 01 Jan 1999 00:00:00 GMT
last-modified: Fri, 01 Jan 1999 00:00:00 GMT
location: /login/
set-cookie: PHPSESSID=2pnrc89pc2ug2frf80eftesfpo; path=/; secure; HttpOnly
content-security-policy: default-src 'self' *.flowblocks.com; frame-ancestors *.flowblocks.com; form-action *.flowblocks.com; style-src 'self' 'unsafe-inline' *.flowblocks.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.flowblocks.com; img-src 'self' *.flowblocks.com blob: data:;
x-content-security-policy: default-src 'self' *.flowblocks.com; frame-ancestors *.flowblocks.com; form-action *.flowblocks.com; style-src 'self' 'unsafe-inline' *.flowblocks.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.flowblocks.com; img-src 'self' *.flowblocks.com blob: data:;
x-webkit-csp: default-src 'self' *.flowblocks.com; frame-ancestors *.flowblocks.com; form-action *.flowblocks.com; style-src 'self' 'unsafe-inline' *.flowblocks.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.flowblocks.com; img-src 'self' *.flowblocks.com blob: data:;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 May 2024 03:15:43 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| nedbankqa.flowblocks.com/login/ | 129.232.165.210 | 200 OK | 1.8 kB |
URL User Request GET HTTP/2nedbankqa.flowblocks.com/login/ IP129.232.165.210:443
CertificateIssuerLet's Encrypt Subjectnedbankqa.flowblocks.com Fingerprint88:92:22:65:4C:61:05:FA:A2:E3:0C:FE:47:77:F8:94:2C:07:58:2E ValidityFri, 12 Apr 2024 06:01:07 GMT - Thu, 11 Jul 2024 06:01:06 GMT
File typeHTML document, ASCII text Hashf4259192d8f6c0d7a126bc5ec0121212 f2db96591ba6eec713d02350e7079b5a644314dd db322603b42a5de0e3d37c2ac9468b5663fb86077d7eaa996d8db85e6891d3b7
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce | PhishTank | phishing | Other |
GET /login/ HTTP/1.1
Host: nedbankqa.flowblocks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: gzip
expires: Fri, 01 Jan 1999 00:00:00 GMT
last-modified: Fri, 01 Jan 1999 00:00:00 GMT
vary: Accept-Encoding
set-cookie: PHPSESSID=vu740p4ost7b3t2qb8ai9ihpso; path=/; secure; HttpOnly
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'self' *.flowblocks.com; frame-ancestors *.flowblocks.com; form-action *.flowblocks.com; style-src 'self'; script-src 'self' *.flowblocks.com;
x-content-security-policy: default-src 'self' *.flowblocks.com; frame-ancestors *.flowblocks.com; form-action *.flowblocks.com; style-src 'self'; script-src 'self' *.flowblocks.com;
x-webkit-csp: default-src 'self' *.flowblocks.com; frame-ancestors *.flowblocks.com; form-action *.flowblocks.com; style-src 'self'; script-src 'self' *.flowblocks.com;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 04 May 2024 03:15:46 GMT
content-length: 1846
X-Firefox-Spdy: h2
|
|