firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 14:12:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ea1K2wQluxRb0fly3hz2d9TpLp9IJJRSpmYBI_nwUTW9cPy8i5pobQ==
Age: 2990
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11812
Expires: Wed, 21 Sep 2022 18:18:44 GMT
Date: Wed, 21 Sep 2022 15:01:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: E8dmFU7iwqzAvwoJLkzO89RtWx3sJWZtIGFa0Hv4R1Q7s5yrHOuOuA==
age: 37599
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 15:01:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 14:03:22 GMT
Expires: Wed, 21 Sep 2022 14:42:15 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lw8rOVaPxy03ridJ0NAHk7cZL8l3SkqionAYtGypnKl7-bMRJlagHg==
Age: 3510
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5580
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:01:52 GMT
Last-Modified: Wed, 21 Sep 2022 13:28:52 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.catalinaconsultants.com.au/
116.0.23.145 301 Moved Permanently 0 B URL HTTP/1.1 www.catalinaconsultants.com.au/
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 15:01:52 GMT
Server: Apache
X-Powered-By: PHP/7.1.33
Expires: Wed, 21 Sep 2022 16:01:53 GMT
Cache-Control: max-age=3600
X-Redirect-By: WordPress
Location: https://catalinaconsultants.com.au/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
52.38.146.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MyB4dSMfu+piQ5vQWWKxQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ex/EhwslYiKAPIwzWCAEmJ+8oZ4=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21554
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 15:01:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21554
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 15:01:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21554
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 15:01:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:14:57 GMT
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
age: 60417
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9556616ca10eb4383b1e15f360fbf6d4
cb328d0f66f4c2779bc64342ef89735636ae5ded
4f945ab342352aea3f4b2242d084d527bb517cf7c6efd0c10a828f0bee9f5d3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9227
x-amzn-requestid: 26d977d3-f4d2-4218-a8f4-a56c873e6a26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiFzKG2zIAMFoDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323e9ad-0bfac6c453e6ea5a311a28a8;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:12:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: pHepBEdMttNsKHcCRBHNSilQTcZLBjRGUkwzCvgzXLmiASW9UKo3Mw==
via: 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 05:24:55 GMT
age: 34619
etag: "cb328d0f66f4c2779bc64342ef89735636ae5ded"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2db94039cb675cb250519fe57b2b3c9
37222a70df5d9a69073b4b32ebc3a5da60006001
444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12048
x-amzn-requestid: 59e98571-f927-44b3-b088-29ec1e4cc3bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYxD-FnIIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202ee6-14e47d9a3ae47d0f607033a8;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:19:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 55e0txtcytlUpcNWSLrHWN3FC1t4dMHGTrHGhNV7YFIhOz6c45UcCQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 12:43:54 GMT
age: 8280
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NzOpixfxr2pFiDhF5WUGmjD8r2CTn1grSkCEyWvthxRq0djbDKjknA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:15:05 GMT
age: 60409
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e3MMA-NVstIsR7M9_JGH05i1e8pK17RsjyERrSMlC3uoHsWw_7ABtA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 19:18:32 GMT
age: 71002
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gLh2EBTPdXvFtZuYKH1NVZebvnz4Rhs-f_rZPtfJpIWNemEk0upeOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:07:08 GMT
age: 60886
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
catalinaconsultants.com.au/
116.0.23.145 200 OK 8.4 kB URL HTTP/1.1 catalinaconsultants.com.au/
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2902), with CRLF, LF line terminators
Hash 898f42ac625558b3da7acbc568989d57
d41da913343b1dd570daa65ff4123d9a8a3e7d7f
f21a2c96a3376877038797808c86d7cdbaf44a087f0739ea689e873434504db6
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:54 GMT
Server: Apache
X-Powered-By: PHP/7.1.33
Hummingbird-Cache: Served
Cache-Control: max-age=3600, must-revalidate, max-age=0
Expires: Wed, 21 Sep 2022 15:01:54 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8416
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
104.17.24.14 200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32058)
Hash b51f9d778be466703e73aceee13d836d
cc5cd9dd2b48712dcf90f14a1ff19d729c43e378
f1e36d8f99614eef048fe3cb4275f3234536bff3e3b1b8f763f14a8a0cadab45
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:01:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 27277
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15283"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10270391
expires: Mon, 11 Sep 2023 15:01:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSqBkiqwFs1FKCXFFi63D8QUBE4Q6P%2F2glYaz%2FhfUdJ0S4DqlnB4aXWEmM7D06SgzCB5YKZiW8W0Lra0p6V663VThEksn%2BRrpsNutzG8gMqZF9mgs8pxsaLYr6fUY4l2%2FMEn%2FePj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e3adc79e2cb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e98e90482e38ea54568ed260bf68610
662e6e4e5661814b23b3c577309d090d37fbe390
599344ce1bb77ab4c5554e5969617ead8dbc3c19ee95cd37a31a0d21e83319d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599344CE1BB77AB4C5554E5969617EAD8DBC3C19EE95CD37A31A0D21E83319D4"
Last-Modified: Mon, 19 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5552
Expires: Wed, 21 Sep 2022 16:34:26 GMT
Date: Wed, 21 Sep 2022 15:01:54 GMT
Connection: keep-alive
cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/slick.min.js
151.101.85.229 200 OK 10 kB URL HTTP/2 cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/slick.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (42862)
Hash 9813220cc7ce308c3b615177a704bf73
7ac45f0924a3723bb86b31191dd5181cdf6182e5
e899ddae1fc463f8f57aa9b3eb970526133124c47f27ace1255d261fab56f4cb
GET /gh/kenwheeler/slick@1.8.1/slick/slick.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 21 Sep 2022 15:01:54 GMT
age: 14648795
x-served-by: cache-fra19126-FRA, cache-bma1639-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10429
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e98e90482e38ea54568ed260bf68610
662e6e4e5661814b23b3c577309d090d37fbe390
599344ce1bb77ab4c5554e5969617ead8dbc3c19ee95cd37a31a0d21e83319d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599344CE1BB77AB4C5554E5969617EAD8DBC3C19EE95CD37A31A0D21E83319D4"
Last-Modified: Mon, 19 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5552
Expires: Wed, 21 Sep 2022 16:34:26 GMT
Date: Wed, 21 Sep 2022 15:01:54 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:01:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 27a94a0ff6f4c75a1ba21dd1caa47527
658d1917a81d1d0a68151903973992e2b59b3697
d1da53aff49d81c8d0139382b6c338d27eb349c0bde61e41ccb9e0e7ab7234f2
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:54 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "0D300EB098696BC238787019CF374F8685E820CB"
Expires: Thu, 22 Sep 2022 02:00:00 GMT
Last-Modified: Wed, 21 Sep 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 986
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e3adc81f300b3d-OSL
www.googletagmanager.com/gtag/js?id=UA-60499047-1
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-60499047-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 2d0bb2f1813079767bf4da75c5a36e7c
d7b6b7d03e612a0384c19aff0f01a332652a4a7d
fab23cccfd17c740bc7cc7e3d70481cbf482d11e7503b47dc5243d8a373ac8e5
GET /gtag/js?id=UA-60499047-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 15:01:54 GMT
expires: Wed, 21 Sep 2022 15:01:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42191
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.rawgit.com/michalsnik/aos/2.1.1/dist/aos.css
194.242.11.186 301 Moved Permanently 95 B URL HTTP/2 cdn.rawgit.com/michalsnik/aos/2.1.1/dist/aos.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with no line terminators
Hash 984a56a9ece802d31f28b8f312859052
684e14f234c356b5bb190a3571cdeff084649c75
47507905cb0c306debd194a5b3fdc9554d08eb2a691080f56572440f98a2b10c
GET /michalsnik/aos/2.1.1/dist/aos.css HTTP/1.1
Host: cdn.rawgit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 21 Sep 2022 15:01:54 GMT
content-type: text/plain; charset=utf-8
content-length: 95
location: https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.css
server: BunnyCDN-NO-830
cdn-pullzone: 201235
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
age: 25342
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
cache-control: public, max-age=2592000
cdn-cachedat: 09/21/2022 15:01:54
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19152-FRA, cache-chi-kigq8000148-CHI
x-cache: MISS, HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 301
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: e1b7a4b1442c4dcce5d56b25b1552972
cdn-cache: EXPIRED
X-Firefox-Spdy: h2
cdn.rawgit.com/michalsnik/aos/2.1.1/dist/aos.js
194.242.11.186 301 Moved Permanently 94 B URL HTTP/2 cdn.rawgit.com/michalsnik/aos/2.1.1/dist/aos.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with no line terminators
Hash 4aba6259a531dc4e9ccd48fb35dd9b1c
b8afdd2d72f44bacbda16ae2dba94f03be6d0d36
66c74e6f1628b494d0081f095911bdc545a67bc1e34e4ea35cdfea154da65b8d
GET /michalsnik/aos/2.1.1/dist/aos.js HTTP/1.1
Host: cdn.rawgit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 21 Sep 2022 15:01:54 GMT
content-type: text/plain; charset=utf-8
content-length: 94
location: https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.js
server: BunnyCDN-NO-830
cdn-pullzone: 201235
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
age: 27004
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
cache-control: public, max-age=2592000
cdn-cachedat: 09/21/2022 15:01:54
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19136-FRA, cache-chi-kigq8000106-CHI
x-cache: MISS, HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 301
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: e5cbf911337a4220b542ea0de50d5225
cdn-cache: EXPIRED
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:01:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
catalinaconsultants.com.au/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css
116.0.23.145 200 OK 3.3 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (27709)
Hash de25deb1514a3ba39e90bb45665aaa2f
fd5d4c836cc80f4350101414de25e665c4df4b51
67cdfdaf9767c318d1f269c0c46e768a65520ff151b103f40fc1446b473abec8
GET /wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:54 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 03:33:10 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:54 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3267
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
catalinaconsultants.com.au/wp-content/plugins/social-warfare/assets/js/post-editor/dist/blocks.style.build.css
116.0.23.145 200 OK 728 B URL HTTP/1.1 catalinaconsultants.com.au/wp-content/plugins/social-warfare/assets/js/post-editor/dist/blocks.style.build.css
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (2207), with CRLF line terminators
Hash ab08cd6697ea28fcc111b93dc27c4c8b
5e60d27cb6469bd557028d796faf2eb865bbd514
fb4aa1f6aae732aa8c77cda9bca939ea20c613069160acd20a06483fa3ddfa08
GET /wp-content/plugins/social-warfare/assets/js/post-editor/dist/blocks.style.build.css HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:54 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 03:32:59 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:54 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 728
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
catalinaconsultants.com.au/wp-content/plugins/social-warfare/assets/css/style.min.css
116.0.23.145 200 OK 11 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/plugins/social-warfare/assets/css/style.min.css
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5a26de4b3fa6ea9b1846a20fea2ac79f
8a1781b209711f8cff2b478f33a10edefc4c05aa
eef3ee70a4d4c75660362755fc75d9086dfaeef1758212ed0174a6d938c7579f
GET /wp-content/plugins/social-warfare/assets/css/style.min.css HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:55 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 03:32:59 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:55 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10896
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
catalinaconsultants.com.au/wp-includes/js/jquery/jquery.js
116.0.23.145 200 OK 34 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-includes/js/jquery/jquery.js
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (31997)
Hash acf54950dfb2d6981e941d733b377591
340de686aecd9e6246a32c71e7de63ed69229ceb
d97f66caea5260bc71609f0da43ac0d937ecc09253910e5dda4c9fe4dbde20fc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:54 GMT
Server: Apache
Last-Modified: Mon, 03 Jun 2019 04:39:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:54 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33776
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
catalinaconsultants.com.au/wp-content/themes/catalina/assets/fonts/Barlow-Regular.ttf
116.0.23.145 200 OK 42 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/themes/catalina/assets/fonts/Barlow-Regular.ttf
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 26 names, Macintosh, Copyright 2017 The Barlow Project Authors (https://github.com/jpt/barlow)BarlowRegular1.101;TRBY\012- data
Hash 96ad904ea2b3fd31049ca4fd20a96485
bbe6a1e2853961a3de60c223fc5ff299a810bf9b
49f121f921d1763be28c09aba3521c51151c4e23d6c42add83c74099e872518e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/catalina/assets/fonts/Barlow-Regular.ttf HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:55 GMT
Server: Apache
Last-Modified: Fri, 16 Mar 2018 08:28:48 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:55 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 42291
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/ttf
catalinaconsultants.com.au/wp-includes/js/jquery/jquery-migrate.min.js
116.0.23.145 200 OK 4.0 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-includes/js/jquery/jquery-migrate.min.js
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:55 GMT
Server: Apache
Last-Modified: Fri, 16 Mar 2018 08:28:31 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:55 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4014
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
catalinaconsultants.com.au/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js
116.0.23.145 200 OK 195 B URL HTTP/1.1 catalinaconsultants.com.au/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
Hash f9d342a66f882a21aaa6bf2f886dec5f
208b0196ddc4618f81a4acbe5e03b0789da1b9b3
16354818e612c2d6a9457960b8425bc745d7d48aa7e35f2c4ff4a32be4633cdf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:56 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 03:33:10 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 195
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
catalinaconsultants.com.au/wp-content/plugins/social-warfare/assets/js/script.min.js
116.0.23.145 200 OK 5.9 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/plugins/social-warfare/assets/js/script.min.js
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type Unicode text, UTF-8 text, with very long lines (21730)
Hash c60ef51293de07c9bc0a163875505a30
c7af8375dc928775a71cb7cfa1c75b6ba3f339a1
6c60adce68ca6e578dd6c5970983f1e2e44c66786979a0cfa553b3280a5e8970
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/social-warfare/assets/js/script.min.js HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:56 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 03:32:59 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5914
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
catalinaconsultants.com.au/wp-includes/js/wp-embed.min.js
116.0.23.145 200 OK 765 B URL HTTP/1.1 catalinaconsultants.com.au/wp-includes/js/wp-embed.min.js
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (1391)
Hash fe875afb236ee8f0d50040fe58d848d4
e6b1b67093b429c95d5b9db07a7eba39e02cf0e5
328a6a072b91134f2802ae25e070f38ff156ceee2c6ec6a6253ae4b27af73b49
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:56 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 10:22:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 765
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
catalinaconsultants.com.au/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js
116.0.23.145 200 OK 2.6 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (6210), with no line terminators
Hash dfcc74301f163fabd32e3256b91ba54e
3e861de3c9a7d5638eb7da2274f50274cde6cc0c
0611e07de6e96239da5373ee60ec187406e535614413b431c823fa3c21ecf8d7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.js HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:56 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2022 03:32:21 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2559
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
catalinaconsultants.com.au/wp-content/themes/catalina/assets/scripts/main.js
116.0.23.145 200 OK 269 B URL HTTP/1.1 catalinaconsultants.com.au/wp-content/themes/catalina/assets/scripts/main.js
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
Hash 5807ba5226565b1e5bcbab1378fb4c1d
4314013a7468875c7bc4379dbdd3a90d17776687
22dcfab285458ada324c4d14b84e36dc18886f71dc973f37b72c6ebdf406ef92
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/catalina/assets/scripts/main.js HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:56 GMT
Server: Apache
Last-Modified: Fri, 06 Apr 2018 04:42:03 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 269
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
catalinaconsultants.com.au/wp-includes/js/wp-emoji-release.min.js
116.0.23.145 200 OK 4.6 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-includes/js/wp-emoji-release.min.js
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (10927)
Hash e6022e7bf2772180c8dc14fd4c7c93c9
faadecbfd55439d1d9b9a74ec9e3d6117fbd77e2
13149c23cd5fb87d9a216cb2a93714f401730958fef162a7c9f8d25d03173850
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:56 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 10:22:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4646
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
catalinaconsultants.com.au/wp-content/themes/catalina/style.css
116.0.23.145 200 OK 63 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/themes/catalina/style.css
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type assembler source, ASCII text, with very long lines (540)
Hash 9a7dbabc334a334f63b94706319d862b
e55534300f673bb17c81cb3c05a8633a3ed117a4
f72b0d5ea436c2a8925931849f1fd6b304f0d4c36fb6b5680afb8a189acc82d1
GET /wp-content/themes/catalina/style.css HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:55 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 03:36:34 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:55 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
catalinaconsultants.com.au/wp-content/themes/catalina/assets/scripts/fontawesome-all.min.js
116.0.23.145 200 OK 538 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/themes/catalina/assets/scripts/fontawesome-all.min.js
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (65396)
Size 538 kB (538133 bytes)
Hash 3ccee6d5dbfa1bf63ee15f6826e6492d
9fa5d255168f477035ed6da4d3eb92c8b074ce44
5928b2ba42a0cf5681d2e757ac5f90088ce426a0aadbf54b8e1b0240370d0b25
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/catalina/assets/scripts/fontawesome-all.min.js HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:54 GMT
Server: Apache
Last-Modified: Fri, 16 Mar 2018 08:28:48 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:54 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
catalinaconsultants.com.au/wp-content/themes/catalina/assets/images/logo.jpg
116.0.23.145 200 OK 11 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/themes/catalina/assets/images/logo.jpg
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 353x133, components 3\012- data
Hash 91561ef9956263c35fd323b4db24bf7e
4cdd20de4270b571793fe31a31c3bd537b0c7f44
96b51e783f0c741072a05a37efd95504f73e31cdee7a49eb3b23aecfd36da8c6
GET /wp-content/themes/catalina/assets/images/logo.jpg HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:57 GMT
Server: Apache
Last-Modified: Fri, 16 Mar 2018 08:28:48 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:57 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11172
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
catalinaconsultants.com.au/wp-content/uploads/2021/11/placeholder.jpg
116.0.23.145 200 OK 6.1 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/uploads/2021/11/placeholder.jpg
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x250, components 3\012- data
Hash e592a6ec6f0e8dd5b942f26f0af1e1c9
2f840ab4d9d74113fb90775b80ac434503940083
387160cf3250d06167c0c20e958c623562adae12b6ddb3bb911315cacf996ba6
GET /wp-content/uploads/2021/11/placeholder.jpg HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:57 GMT
Server: Apache
Last-Modified: Mon, 15 Nov 2021 04:17:47 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:57 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6128
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
catalinaconsultants.com.au/wp-content/uploads/2018/03/Cally-Ann-headshot.jpg
116.0.23.145 200 OK 10 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/uploads/2018/03/Cally-Ann-headshot.jpg
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x250, components 3\012- data
Hash 183c7b3b338743a41d1ea1f8b9fac550
161001dcfed16649ef424b91fc24df4b71bd7875
f06ad2baaa1ec8b6953ea683c564457cecab60ed4ab88311d5156ea303260a5f
GET /wp-content/uploads/2018/03/Cally-Ann-headshot.jpg HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:57 GMT
Server: Apache
Last-Modified: Wed, 20 Jul 2022 03:43:21 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:57 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9959
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
catalinaconsultants.com.au/wp-content/uploads/2018/03/Zoe-headshot.jpg
116.0.23.145 200 OK 10 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/uploads/2018/03/Zoe-headshot.jpg
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x250, components 3\012- data
Hash 9ab2b1ceb7117444d2d5b6189633415b
ddd78b38e25bf1685c10cbf63cd264f094bf09a7
8de2f4988c142ae20f1479ff10f51bbb81e52dd4752f88fdb599723b947655a8
GET /wp-content/uploads/2018/03/Zoe-headshot.jpg HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:57 GMT
Server: Apache
Last-Modified: Wed, 20 Jul 2022 03:43:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:57 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10035
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
catalinaconsultants.com.au/wp-content/uploads/2018/03/KATIE.jpg
116.0.23.145 200 OK 16 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/uploads/2018/03/KATIE.jpg
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x250, components 3\012- data
Hash 9971c676eae930647c6d8a4c25ced62d
aeadd6df0370d545aa0bbef766be9d7858695347
92a1c11c3905c8dfa51eed86521826b966a0125525f0b8c793a5e92c05405dde
GET /wp-content/uploads/2018/03/KATIE.jpg HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:57 GMT
Server: Apache
Last-Modified: Wed, 20 Apr 2022 05:11:43 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:57 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15474
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
catalinaconsultants.com.au/wp-content/uploads/2018/03/CAT-July-38-2-TEAM-4.jpg
116.0.23.145 200 OK 310 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/uploads/2018/03/CAT-July-38-2-TEAM-4.jpg
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Martin Vivian Pearse], baseline, precision 8, 2100x1600, components 3\012- data
Size 310 kB (309979 bytes)
Hash f5dec2c226ddd34aca6d81de92cc07ff
84738bb293cfa229743d972c339ae1a0913ccbf6
44b33967996ae2cb66340eabb1e095853b0e05ae5d54b7cc72516f6ebd099e28
GET /wp-content/uploads/2018/03/CAT-July-38-2-TEAM-4.jpg HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:57 GMT
Server: Apache
Last-Modified: Thu, 21 Jul 2022 03:47:50 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:57 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpeg
catalinaconsultants.com.au/wp-content/themes/catalina/assets/fonts/Barlow-Medium.ttf
116.0.23.145 200 OK 44 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/themes/catalina/assets/fonts/Barlow-Medium.ttf
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 28 names, Macintosh, Copyright 2017 The Barlow Project Authors (https://github.com/jpt/barlow)BarlowMedium1.101;TRBY;\012- data
Hash 80f851ccf9e8f03c5c6155b6d8f58e9c
99746b940efc12c1cb470a86f9c957dc58f8500b
199f194eeb88da783c9592b17a1b92a055a7fefa13591174f96598288b1c1434
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/catalina/assets/fonts/Barlow-Medium.ttf HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/wp-content/themes/catalina/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:58 GMT
Server: Apache
Last-Modified: Fri, 16 Mar 2018 08:28:48 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:58 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 43584
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/ttf
catalinaconsultants.com.au/wp-content/themes/catalina/assets/fonts/Barlow-ExtraLight.ttf
116.0.23.145 200 OK 41 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/themes/catalina/assets/fonts/Barlow-ExtraLight.ttf
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 28 names, Macintosh, Copyright 2017 The Barlow Project Authors (https://github.com/jpt/barlow)BarlowExtraLight1.101;T\012- data
Hash 8600f1b821047bef91ca515df4ace41e
8cf8f24f034db18172cfc0fb12fad414185b244d
e25df9df7e33440ca9e70976cc6356d2392fcd25e1ea287b61b453bf3a8151b3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/catalina/assets/fonts/Barlow-ExtraLight.ttf HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/wp-content/themes/catalina/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:58 GMT
Server: Apache
Last-Modified: Fri, 16 Mar 2018 08:28:48 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:58 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 41310
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/ttf
catalinaconsultants.com.au/wp-content/themes/catalina/assets/fonts/Barlow-Light.ttf
116.0.23.145 200 OK 43 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/themes/catalina/assets/fonts/Barlow-Light.ttf
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 28 names, Macintosh, Copyright 2017 The Barlow Project Authors (https://github.com/jpt/barlow)BarlowLight1.101;TRBY;B\012- data
Hash 7ee0d1aee7b59493e4bd5cec6b3478d5
4302fd7cf27d04ffad224be2d7313f5526b2781a
304aa2d4544e4abeae210e2cec8bd9c366ffd60d1b65b0b1b252362db4add117
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/catalina/assets/fonts/Barlow-Light.ttf HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/wp-content/themes/catalina/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:58 GMT
Server: Apache
Last-Modified: Fri, 16 Mar 2018 08:28:48 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:58 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 42738
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/ttf
catalinaconsultants.com.au/wp-content/uploads/2022/08/who-we-help.jpg
116.0.23.145 200 OK 182 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/uploads/2022/08/who-we-help.jpg
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Martin Vivian Pearse], baseline, precision 8, 1500x1000, components 3\012- data
Size 182 kB (182265 bytes)
Hash 15e8f85d0d02b0c2327f66f2102fdc93
dfaee38a47d773c52c0ecbb816be73ff2708a3f5
b10da3c3b931ed774c57ba1324d788642c2d8bfaf4e646f6ff1534807d53dcd8
GET /wp-content/uploads/2022/08/who-we-help.jpg HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:57 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 03:18:29 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:57 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpeg
catalinaconsultants.com.au/wp-content/uploads/2022/08/Catalina-Images-1.png
116.0.23.145 200 OK 184 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/uploads/2022/08/Catalina-Images-1.png
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type PNG image data, 700 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 184 kB (184458 bytes)
Hash 7de5b19dd2d7352352696d8cc5a6428c
9045a16f6a3f13cc162d0bd07bce1b085fcb452a
5642c1474fc9265f7593366c42208ca4c3d0650c385efc2555901ab9cb61f054
GET /wp-content/uploads/2022/08/Catalina-Images-1.png HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:57 GMT
Server: Apache
Last-Modified: Mon, 15 Aug 2022 04:39:27 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:57 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/png
catalinaconsultants.com.au/wp-content/uploads/2018/03/CAT-July-117-1-Mez-Cally-Nix.jpg
116.0.23.145 200 OK 216 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/uploads/2018/03/CAT-July-117-1-Mez-Cally-Nix.jpg
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Martin Vivian Pearse], baseline, precision 8, 2500x1667, components 3\012- data
Size 216 kB (215618 bytes)
Hash ad69208741310fcf9e32a14057d76d3f
92f3c5d30e5307a10a64733f41d65409630217d3
52209fd6ee991e5b0cedfb6682ec22cbc6a036baa6e6e3e9ac37a99e5a0605a2
GET /wp-content/uploads/2018/03/CAT-July-117-1-Mez-Cally-Nix.jpg HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:57 GMT
Server: Apache
Last-Modified: Thu, 21 Jul 2022 03:20:05 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:57 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpeg
catalinaconsultants.com.au/wp-content/uploads/2018/03/CAT-July-47-Katie-Fayssal.jpg
116.0.23.145 200 OK 220 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/uploads/2018/03/CAT-July-47-Katie-Fayssal.jpg
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Martin Vivian Pearse], baseline, precision 8, 2500x1666, components 3\012- data
Size 220 kB (220421 bytes)
Hash 1b617f09df3e1af829e05486fe0ae1bb
27412d43e9a875f072049a8d94743dc9a661b5b7
ad23beae58ff2d6b37ab912272e534ae5cd63aee69548133ddaac46dbec26ad3
GET /wp-content/uploads/2018/03/CAT-July-47-Katie-Fayssal.jpg HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:57 GMT
Server: Apache
Last-Modified: Thu, 21 Jul 2022 03:20:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:57 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpeg
catalinaconsultants.com.au/wp-content/themes/catalina/assets/fonts/AvertaLightItalic.otf
116.0.23.145 200 OK 161 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/themes/catalina/assets/fonts/AvertaLightItalic.otf
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type OpenType font data\012- data
Size 161 kB (161258 bytes)
Hash 27a49a382206137e2c8fcc2470906f9c
e9a74ea5a803733f87865cd5d3b7604e99f1088e
46faee743dfab5d533e2b760da4a9326ab98e50af3087e871942f1ee92e14a08
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/catalina/assets/fonts/AvertaLightItalic.otf HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/wp-content/themes/catalina/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:59 GMT
Server: Apache
Last-Modified: Fri, 16 Mar 2018 08:28:48 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:59 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: font/otf
catalinaconsultants.com.au/wp-content/uploads/2022/08/Catalina-Images.jpg
116.0.23.145 200 OK 29 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/uploads/2022/08/Catalina-Images.jpg
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, resolutionunit=2], baseline, precision 8, 700x400, components 3\012- data
Hash 820d192c9244a883d5427917adc8c3d0
231013522cdd362d1d6526936d7ad3b3b03366e4
6231e3ea8f26499b74947a286bed32996a6c7ab62b75e3e3dc9e3846fdec676d
GET /wp-content/uploads/2022/08/Catalina-Images.jpg HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:59 GMT
Server: Apache
Last-Modified: Mon, 15 Aug 2022 03:32:59 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:59 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 28768
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
catalinaconsultants.com.au/wp-content/themes/catalina/assets/images/newsletter-bg.jpg
116.0.23.145 200 OK 703 B URL HTTP/1.1 catalinaconsultants.com.au/wp-content/themes/catalina/assets/images/newsletter-bg.jpg
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x716, components 3\012- data
Hash eda9c8033900f369105213910fa87ac4
81333b41ca54745c05521a184634183c42ce5a0a
af165b10fc3ca0ff2531d719f7b9ebb00897ed0c3b1c29ba7ff1bdcb69c31403
GET /wp-content/themes/catalina/assets/images/newsletter-bg.jpg HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:59 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 03:26:58 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:59 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 703
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
catalinaconsultants.com.au/wp-content/themes/catalina/assets/fonts/AvertaLight.otf
116.0.23.145 200 OK 163 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/themes/catalina/assets/fonts/AvertaLight.otf
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type OpenType font data\012- data
Size 163 kB (162917 bytes)
Hash 6afd9bb1e1769ca1fa9fb9d95ac834a3
a0ce5d12e37beed1b00064d445c505cc3012e3c9
f4d40e6071518e80097fbc2c175c53bc0a6edcfc83075472dc025915f0a99934
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/catalina/assets/fonts/AvertaLight.otf HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/wp-content/themes/catalina/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:59 GMT
Server: Apache
Last-Modified: Fri, 16 Mar 2018 08:28:48 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:59 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: font/otf
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 21 Sep 2022 14:41:12 GMT
expires: Wed, 21 Sep 2022 16:41:12 GMT
cache-control: public, max-age=7200
age: 1248
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
catalinaconsultants.com.au/wp-content/themes/catalina/assets/fonts/AbrilFatFace-Regular.ttf
116.0.23.145 404 Not Found 0 B URL HTTP/1.1 catalinaconsultants.com.au/wp-content/themes/catalina/assets/fonts/AbrilFatFace-Regular.ttf
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
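Hash d41d8cd98f00b204e9800998ecf8427e (this and the next two values are the MD5, SHA-1 and SHA-256 of a zero-length body, matching the 0 B / Content-Length: 0 response; they identify no file content)
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing (the response body is empty, so this verdict presumably reflects the URL or host rather than the content)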
GET /wp-content/themes/catalina/assets/fonts/AbrilFatFace-Regular.ttf HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/wp-content/themes/catalina/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 21 Sep 2022 15:01:59 GMT
Server: Apache
X-Powered-By: PHP/7.1.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://catalinaconsultants.com.au/wp-json/>; rel="https://api.w.org/"
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:02:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-60499047-1&cid=2123656759.1663772520&jid=1475483104&gjid=1830320000&_gid=664230163.1663772520&_u=YEBAAUAAAAAAAC~&z=1166818198
142.251.1.154 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-60499047-1&cid=2123656759.1663772520&jid=1475483104&gjid=1830320000&_gid=664230163.1663772520&_u=YEBAAUAAAAAAAC~&z=1166818198
IP 142.251.1.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-60499047-1&cid=2123656759.1663772520&jid=1475483104&gjid=1830320000&_gid=664230163.1663772520&_u=YEBAAUAAAAAAAC~&z=1166818198 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://catalinaconsultants.com.au
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://catalinaconsultants.com.au
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Sep 2022 15:02:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:02:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
catalinaconsultants.com.au/wp-content/uploads/2021/11/cropped-placeholder-1-32x32.jpg
116.0.23.145 200 OK 742 B URL HTTP/1.1 catalinaconsultants.com.au/wp-content/uploads/2021/11/cropped-placeholder-1-32x32.jpg
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 32x32, components 3\012- data
Hash e297f0b54a66c4fa91858bb8263b6bff
5529852b511e0224d1e7e634b3601b66b156a0d9
dbdcef987420c6f7f4b7d9ea85e0c0d093d0c1f929309863f818c83ae7f39f4b
GET /wp-content/uploads/2021/11/cropped-placeholder-1-32x32.jpg HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:02:00 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 05:34:52 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:02:00 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 742
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
catalinaconsultants.com.au/wp-content/uploads/2021/11/cropped-placeholder-1-192x192.jpg
116.0.23.145 200 OK 3.7 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/uploads/2021/11/cropped-placeholder-1-192x192.jpg
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Hash cb63cbe3c7cd8c052199eb3f8a862670
007f1252390b075707b9d024fdc7f0858feacd82
35285560244fbdce86d8244c253ec6a170d477c1a47ad4e4c634735aeee36166
GET /wp-content/uploads/2021/11/cropped-placeholder-1-192x192.jpg HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:02:00 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 05:34:52 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:02:00 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3700
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
catalinaconsultants.com.au/wp-content/uploads/2022/08/Catalina-Images.png
116.0.23.145 200 OK 498 kB URL HTTP/1.1 catalinaconsultants.com.au/wp-content/uploads/2022/08/Catalina-Images.png
IP 116.0.23.145:0
ASN #38719 Dreamscape Networks Limited
File type PNG image data, 700 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 498 kB (497939 bytes)
Hash e4e571fcf7d1b72c67e8ae2fc14a22b3
208d18858ed893ed5fb68e678ab7ee433b3f05c7
bbef92825036f98a4e0ffe2ae608ceea2fa4498e4de97c1ab5642bfce91246b9
GET /wp-content/uploads/2022/08/Catalina-Images.png HTTP/1.1
Host: catalinaconsultants.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://catalinaconsultants.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:01:59 GMT
Server: Apache
Last-Modified: Mon, 15 Aug 2022 03:53:36 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 21 Sep 2023 15:01:59 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/png