email.mail1.onesignal.os.tc/c/eJwc0EGSmCAQQNHT6K4taLpBFi6y8RqpBppIjaOWMmPl9qnJDf5_cl2_W1koOlt9VOBSHVAmhFkNgsaK0Xq2qH4siyeOpY66WD8zOQ6Gxm1xrrJDr5n9bFzx1RvMNVH1cU6EaWyLmCwpRAGTjANS8jBXqsCZ0M5ZXEh-2rX3Wwcy-5ll386nj_uy9X49g_s14Drgeh57O_RRLU-S42PK5-eA6_sMuD4y_Tm_J_kacD3a1qatf-7jcfZWW5bezuNn1MbEJWQHQWoCQq4gIRTwNlTLahyTjNcuf_X-7zKz4-oYmFmAWD1EZAMU2CozziXk8V4-dP9ux5Q3fQcyrz5d7-M6X71_Cif5-hcAAP__82truw
34.102.239.211 302 Found 450 B URL User Request GET HTTP/2 email.mail1.onesignal.os.tc/c/eJwc0EGSmCAQQNHT6K4taLpBFi6y8RqpBppIjaOWMmPl9qnJDf5_cl2_W1koOlt9VOBSHVAmhFkNgsaK0Xq2qH4siyeOpY66WD8zOQ6Gxm1xrrJDr5n9bFzx1RvMNVH1cU6EaWyLmCwpRAGTjANS8jBXqsCZ0M5ZXEh-2rX3Wwcy-5ll386nj_uy9X49g_s14Drgeh57O_RRLU-S42PK5-eA6_sMuD4y_Tm_J_kacD3a1qatf-7jcfZWW5bezuNn1MbEJWQHQWoCQq4gIRTwNlTLahyTjNcuf_X-7zKz4-oYmFmAWD1EZAMU2CozziXk8V4-dP9ux5Q3fQcyrz5d7-M6X71_Cif5-hcAAP__82truw
IP 34.102.239.211:443
Certificate Issuer Let's Encrypt
Subject email.mail1.onesignal.os.tc
Fingerprint 66:96:AA:44:2E:73:9E:55:FB:C0:AD:0A:0E:13:70:96:7B:0F:B4:E7
Validity Fri, 26 May 2023 21:05:31 GMT - Thu, 24 Aug 2023 21:05:30 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 81a21f64cb060a94aafca88abdf5e58b
ef606b8dbbd4f58764376ce523271d44a183778e
4a8c05232e40fd3268bb815b4865f4bd6b8a86597e96947c53d4975d7d695c0a
Analyzer Verdict Alert openphish Australia Post
GET /c/eJwc0EGSmCAQQNHT6K4taLpBFi6y8RqpBppIjaOWMmPl9qnJDf5_cl2_W1koOlt9VOBSHVAmhFkNgsaK0Xq2qH4siyeOpY66WD8zOQ6Gxm1xrrJDr5n9bFzx1RvMNVH1cU6EaWyLmCwpRAGTjANS8jBXqsCZ0M5ZXEh-2rX3Wwcy-5ll386nj_uy9X49g_s14Drgeh57O_RRLU-S42PK5-eA6_sMuD4y_Tm_J_kacD3a1qatf-7jcfZWW5bezuNn1MbEJWQHQWoCQq4gIRTwNlTLahyTjNcuf_X-7zKz4-oYmFmAWD1EZAMU2CozziXk8V4-dP9ux5Q3fQcyrz5d7-M6X71_Cif5-hcAAP__82truw HTTP/1.1
Host: email.mail1.onesignal.os.tc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-store
content-type: text/html
date: Fri, 02 Jun 2023 01:28:38 GMT
location: https://onlineseedsbank.com/ws/sa.gov.au/nihi.html
x-robots-tag: noindex
x-xss-protection: 1; mode=block
content-length: 450
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
104.17.24.14 200 OK 5.9 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
IP 104.17.24.14:443
Requested by https://rootxone.org/05ce0/1/9cd21/
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash c495654869785bc3df60216616814ad1
0140952c64e3f2b74ef64e050f2fe86eab6624c8
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rootxone.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 01:28:40 GMT
content-type: text/css; charset=utf-8
content-length: 5884
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-9226"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 9091652
expires: Wed, 22 May 2024 01:28:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FRKT4nlgNeRilN770eOrhNKzHpL3oFON64P5AScOyQIl%2FdjONsIYuTNNoTAbW8q5BPh4nJ1%2BSxQxDvdVmhxY%2FpnylvM2p7hHhI3REVBRrEqg9f%2F08VlwDhcMwXxYsJydvvBOs57"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d0bebc3fe54b4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/css-social-buttons/1.2.0/css/zocial.css
104.17.24.14 200 OK 22 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/css-social-buttons/1.2.0/css/zocial.css
IP 104.17.24.14:443
Requested by https://rootxone.org/05ce0/1/9cd21/
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (24194)
Hash 11cb6e84ea92cdd2fb69596b7314ec7d
5a39ebdf2a4232161b55ef2d67cb20fda3dab304
bf8d41c2e2250b2f0b431531871178d57cd9af1f42bbe121c90b51fd66a1dff2
GET /ajax/libs/css-social-buttons/1.2.0/css/zocial.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rootxone.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 01:28:40 GMT
content-type: text/css; charset=utf-8
content-length: 21543
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-ae99"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 226506
expires: Wed, 22 May 2024 01:28:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWOwn9Ia0aFUClMI1JZcujQkDUrhGkI14tvDRpREvo8QrLF6ADNHQh8xjMOPq%2BvoR90LbANDjufxYuURp9RwdSIyZ3EHjreDTmR3Q7qGsrXz5SdkkNDfgclv7vzrsQAjKgqDxoBQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d0bebc40e58b4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rootxone.org/05ce0/1/index.php
172.67.187.45 302 Found 4.8 kB URL GET HTTP/2 rootxone.org/05ce0/1/index.php
IP 172.67.187.45:443
Requested by https://onlineseedsbank.com/ws/sa.gov.au/nihi.html
Certificate Issuer Google Trust Services LLC
Subject rootxone.org
Fingerprint D2:A7:ED:30:94:A1:ED:0F:F2:E2:78:EE:B8:43:46:61:CE:9A:30:18
Validity Thu, 04 May 2023 13:41:09 GMT - Wed, 02 Aug 2023 13:41:08 GMT
File type gzip compressed data, from Unix\012- data
Hash 9793e62330d18647cc8c6ff7e6093b10
09ba6577cd1f92e65f0d90b2eafdb32a60af2ab3
f7da67b0f3f03b18b78b1d56d6faf242a18c12c76abe8aa19285d6eb5a5b5a5b
GET /05ce0/1/index.php HTTP/1.1
Host: rootxone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onlineseedsbank.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Fri, 02 Jun 2023 01:28:39 GMT
content-type: text/html; charset=UTF-8
location: https://rootxone.org/05ce0/1/9cd21/
x-powered-by: PHP/8.1.14RC1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHQNPiL1Tc2p%2BMjI5Xqe6lzOm36mupr2YX%2Bwrtycah1RinIj9GsSYshTvw1Q4yTB92e%2FzRwgsd7Hrf5l%2FpDQ86RZEr879v%2B98t%2F%2BaMsLixOXs8SRld%2BX0Zy6%2BEYRDDo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0bebbffaf31bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 02593b51cd737e1085e5837a9a47c755
aab410449655b9fddf070f3e25a1a8e5aee59530
0ea607d017e63bf06a742560b582d99802dc477bba715d9890e1d51663e50d99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 01:28:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rootxone.org/05ce0/sourcexone/xonecss/style.css
172.67.187.45 200 OK 81 kB URL GET HTTP/3 rootxone.org/05ce0/sourcexone/xonecss/style.css
IP 172.67.187.45:443
Requested by https://rootxone.org/05ce0/1/9cd21/
Certificate Issuer Google Trust Services LLC
Subject rootxone.org
Fingerprint D2:A7:ED:30:94:A1:ED:0F:F2:E2:78:EE:B8:43:46:61:CE:9A:30:18
Validity Thu, 04 May 2023 13:41:09 GMT - Wed, 02 Aug 2023 13:41:08 GMT
File type gzip compressed data, max compression, from Unix\012- data
Hash e4c5264f99da84cda9fc54bdf37a685c
87ef66a25d875ca4d35b73f07d90b9f9de3349b9
cb6b12f0513d20624d169eebb8d8889b73966c5b9dbf9f723fc875e965db405b
GET /05ce0/sourcexone/xonecss/style.css HTTP/1.1
Host: rootxone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rootxone.org/05ce0/1/9cd21/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 02 Jun 2023 01:28:40 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 19 May 2023 06:02:00 GMT
etag: W/"4771-5fc05a8c9f4c2"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhBL0PLRN6TIdQLBI34MA1ou5fdb8OtRs3mB7zSZ%2Bxwu%2BKlx1Wbbo4j17H4runlGMYCJryLC8s5eQpsftzuuzE%2B7NNAlDkyzvQgLZlDzVO4Zi2yJWSKT%2F%2Fod1qh4ceo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0bebc3ebda1c02-OSL
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css?family=Lato:400,100,300
142.250.74.74 200 OK 410 B URL GET HTTP/2 fonts.googleapis.com/css?family=Lato:400,100,300
IP 142.250.74.74:443
Requested by https://rootxone.org/05ce0/1/9cd21/
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
Hash 97a04dcbaf0ac252c3f34166d93c3ccd
4c110ff52156c1571f98e393f442b82039a54b21
c2d845ac2c75798a817fd86c2f3be63e5fc503748dfae940dec92b60d2a9f18a
GET /css?family=Lato:400,100,300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rootxone.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Jun 2023 01:28:40 GMT
date: Fri, 02 Jun 2023 01:28:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
onlineseedsbank.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.179.44 200 OK 1.2 kB URL GET HTTP/3 onlineseedsbank.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.179.44:443
Requested by https://onlineseedsbank.com/ws/sa.gov.au/nihi.html
Certificate Issuer Google Trust Services LLC
Subject onlineseedsbank.com
Fingerprint 05:44:19:F6:E7:A2:13:38:16:96:60:26:0B:05:30:CD:D2:07:96:88
Validity Wed, 17 May 2023 16:46:59 GMT - Tue, 15 Aug 2023 16:46:58 GMT
File type HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash 40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
Analyzer Verdict Alert quad9 Sinkholed
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: onlineseedsbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onlineseedsbank.com/ws/sa.gov.au/nihi.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 01:28:39 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 15:21:01 GMT
etag: W/"6476145d-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2H%2BKkMARGWIyDVCpYOAEHFg4cT9czE86166905zDzj2eaTQJCRR2s0E3d1gFkJrdYxDLbxrcLejr6gKx0yBlCjb%2BwvTFQZExDT8XbkTrMNMpWyAT9SgQNCUNi7NgPDs84NLVJtGa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0bebbd5fcbb4eb-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 04 Jun 2023 01:28:39 GMT
cache-control: max-age=172800, public
content-encoding: gzip
rootxone.org/05ce0/index.php
172.67.187.45 302 Found 17 kB URL GET HTTP/2 rootxone.org/05ce0/index.php
IP 172.67.187.45:443
Requested by https://onlineseedsbank.com/ws/sa.gov.au/nihi.html
Certificate Issuer Google Trust Services LLC
Subject rootxone.org
Fingerprint D2:A7:ED:30:94:A1:ED:0F:F2:E2:78:EE:B8:43:46:61:CE:9A:30:18
Validity Thu, 04 May 2023 13:41:09 GMT - Wed, 02 Aug 2023 13:41:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /05ce0/index.php HTTP/1.1
Host: rootxone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onlineseedsbank.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 02 Jun 2023 01:28:39 GMT
content-type: text/html; charset=UTF-8
location: ./1/index.php
x-powered-by: PHP/8.1.14RC1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvUXcWh0t64uIJfhEyBBJqDR4sQhz2RSQfiPRuw%2FsQzUaVui2dssA1YwRPTt10ijS%2BNqxLiQnlX7nyJGbpvz%2BZE0PAFfYESAX7hRPy5vLQkLLpTemXQ2Q6d4XrgGJqs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0bebbf4ac41bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rootxone.org/05ce0/sourcexone/xonecss/stepbar.css
172.67.187.45 200 OK 3.5 kB URL GET HTTP/3 rootxone.org/05ce0/sourcexone/xonecss/stepbar.css
IP 172.67.187.45:443
Requested by https://rootxone.org/05ce0/1/9cd21/
Certificate Issuer Google Trust Services LLC
Subject rootxone.org
Fingerprint D2:A7:ED:30:94:A1:ED:0F:F2:E2:78:EE:B8:43:46:61:CE:9A:30:18
Validity Thu, 04 May 2023 13:41:09 GMT - Wed, 02 Aug 2023 13:41:08 GMT
File type ASCII text, with very long lines (3740), with no line terminators
Hash 3a9b1f7d547f56d4ff41eb8913687221
d749365d39433ccdd05ba2e6b414c35114a7975a
cc79e9f8f348e3ba6b1517549a864666ec0a580bf506c58419dc793ba42f7d15
GET /05ce0/sourcexone/xonecss/stepbar.css HTTP/1.1
Host: rootxone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rootxone.org/05ce0/1/9cd21/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 01:28:40 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 19 May 2023 06:02:00 GMT
etag: W/"db8-5fc05a8c9f8aa"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXaOu25a0o29VXyJUbeVtcKtulnayMCXkcl19cFrw2MPsozD2B9Xsocb%2Fep18ASTtQqlH6xoXjUsxy2lQJwvwr9ByAWT6BGxC9pIaRuN2OV6XMLlme%2BuFkenNcsuRJo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0bebc3ebd91c02-OSL
alt-svc: h3=":443"; ma=86400
rootxone.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.67.187.45 200 OK 12 kB URL GET HTTP/3 rootxone.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.67.187.45:443
Requested by https://rootxone.org/05ce0/1/9cd21/
Certificate Issuer Google Trust Services LLC
Subject rootxone.org
Fingerprint D2:A7:ED:30:94:A1:ED:0F:F2:E2:78:EE:B8:43:46:61:CE:9A:30:18
Validity Thu, 04 May 2023 13:41:09 GMT - Wed, 02 Aug 2023 13:41:08 GMT
File type ASCII text, with very long lines (12331)
Hash 88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: rootxone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rootxone.org/05ce0/1/9cd21/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 01:28:40 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 15:21:01 GMT
etag: W/"6476145d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMa%2FlTFwoIGyH6%2B2FouhxDnfUCYfQDOTqtM557ByxhJDfUooFebTMd1F2ErPa5bkOav9%2BVQaCFk2kGYdc4AoEaOAuRA8OwUy%2BHscp1UOO8WTheDURQcynY25FzmGSHQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0bebc3ebdb1c02-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 04 Jun 2023 01:28:40 GMT
cache-control: max-age=172800, public
content-encoding: gzip
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.17.24.14 200 OK 77 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.17.24.14:443
Requested by https://rootxone.org/05ce0/1/9cd21/
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rootxone.org
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 01:28:40 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1380143
expires: Wed, 22 May 2024 01:28:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EeovPKaynThM62lcx6ZGGgp6A6dBLOVRv%2FwsLBwu2OZ4bCFts2tBfyXajEpIB68yV4XfKEuHnIL3WBu1%2B7FkPD4sogQt7v3%2FHOeNNxt9v%2BzyvX6QyFIfjeO1Fx6K355vU2UcFzUs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d0bebc56fc2b4f1-OSL
alt-svc: h3=":443"; ma=86400
onlineseedsbank.com/ws/sa.gov.au/nihi.html
172.67.179.44 200 OK 7.5 MB URL User Request GET HTTP/2 onlineseedsbank.com/ws/sa.gov.au/nihi.html
IP 172.67.179.44:443
Certificate Issuer Google Trust Services LLC
Subject onlineseedsbank.com
Fingerprint 05:44:19:F6:E7:A2:13:38:16:96:60:26:0B:05:30:CD:D2:07:96:88
Validity Wed, 17 May 2023 16:46:59 GMT - Tue, 15 Aug 2023 16:46:58 GMT
Size 7.5 MB (7547975 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Australia Post
phishtank Other
quad9 Sinkholed
GET /ws/sa.gov.au/nihi.html HTTP/1.1
Host: onlineseedsbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 01:28:38 GMT
content-type: text/html
cf-ray: 7d0bebb96ac70b51-OSL
cf-cache-status: BYPASS
last-modified: Tue, 30 May 2023 04:53:25 GMT
vary: Accept-Encoding
cf-apo-via: origin,no-cache
x-powered-by: EasyEngine v4.0.14
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HW2gHAmmJos7mwrqKUELN%2BSyFhzKUEm%2BcJrX2clvgeq1FzPcnvhreb%2FdN1vMN09GpM%2By7Bh%2BRg0FFWEshcYdRnUvGC4yn70qtYqBDTZ9bW1pIKM1oDa%2F7EANEqTJDvvwLQm8zrW0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rootxone.org/05ce0/1/9cd21/
172.67.187.45 200 OK 17 kB URL GET HTTP/3 rootxone.org/05ce0/1/9cd21/
IP 172.67.187.45:443
Requested by https://onlineseedsbank.com/ws/sa.gov.au/nihi.html
Certificate Issuer Google Trust Services LLC
Subject rootxone.org
Fingerprint D2:A7:ED:30:94:A1:ED:0F:F2:E2:78:EE:B8:43:46:61:CE:9A:30:18
Validity Thu, 04 May 2023 13:41:09 GMT - Wed, 02 Aug 2023 13:41:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source, ASCII text, with very long lines (1608)
Hash 4d150a9c1428d94d0898e2228cfbf7ec
20915aeb8ebcdc7426f5a590ccb34e0e5e0fedf1
59c7793538b2df913130aac46e3b93fd12176e0c042f5db56f923101848f3bb3
GET /05ce0/1/9cd21/ HTTP/1.1
Host: rootxone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onlineseedsbank.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 01:28:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.14RC1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsMvHKhJkqTDElXvjGHqsZni3wuvmIe9uFl7e8HKOxfMf%2BBfPzbgBqNIUHHmyUCdssutPn3R6nvMXtAGQ%2FL63UnpYbm%2BkvBpIc6DUHe%2Fm%2FkYQwSPlcLz3QDwFxbXDW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0bebc23b611c02-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
142.250.74.74 200 OK 17 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
IP 142.250.74.74:443
Requested by https://rootxone.org/05ce0/1/9cd21/
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
Hash abfd162751e3f57ac78b3a59fa2d2296
b8c8cade006465a56c2eb9b1d92add0c8bdf5dd6
5129bf0820f5e1637b02d8ba44a4e459137d46d1dcd854650a19b631ad2086ec
GET /css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rootxone.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Jun 2023 01:28:40 GMT
date: Fri, 02 Jun 2023 01:28:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rootxone.me/pixel/wz3xIB32v8DPajHZ
103.224.212.221 302 Found 0 B URL GET HTTP/1.1 rootxone.me/pixel/wz3xIB32v8DPajHZ
IP 103.224.212.221:443
ASN #133618 Trellian Pty. Limited
Requested by https://rootxone.org/05ce0/1/9cd21/
Certificate Issuer Let's Encrypt
Subject 123phim.info
Fingerprint B4:31:19:96:2A:FE:CF:4C:8E:77:CB:EC:B2:E3:4D:5A:0C:D1:27:9B
Validity Thu, 11 May 2023 14:33:32 GMT - Wed, 09 Aug 2023 14:33:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/wz3xIB32v8DPajHZ HTTP/1.1
Host: rootxone.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rootxone.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
date: Fri, 02 Jun 2023 01:28:41 GMT
server: Apache
set-cookie: __tad=1685669321.6565320; expires=Mon, 30-May-2033 01:28:41 GMT; Max-Age=315360000
location: http://ww25.rootxone.me/pixel/wz3xIB32v8DPajHZ?subid1=20230602-1128-411e-b4d1-cdd741ea7977
content-length: 0
content-type: text/html; charset=UTF-8
connection: close