Overview

URL: wineshed.com.au/img/dcu/personal.html
IP: 203.26.41.132 (Australia)
ASN: #38719 Dreamscape Networks Limited
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-09-20 20:26:39 UTC
IDS alerts: 0
Blocklist alerts: 9
urlquery alerts: No alerts detected
Tags: None

Domain Summary (25)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-20 17:35:13 UTC 143.204.55.115
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-20 04:47:04 UTC 34.117.237.239
ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2022-09-20 13:04:07 UTC 93.184.220.29
assets.adobedtm.com (5) 512 2014-01-28 04:51:35 UTC 2022-09-20 10:30:48 UTC 23.38.200.237
fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-20 15:51:03 UTC 142.250.74.10
fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-20 04:47:45 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
dcu.demdex.net (1) 167443 2019-09-26 13:40:13 UTC 2022-09-18 20:42:29 UTC 52.210.26.59
cm.everesttech.net (1) 996 2017-01-30 04:59:57 UTC 2022-09-20 10:23:27 UTC 52.17.180.229
r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-20 04:47:05 UTC 23.36.76.226
us.cobrowse.pega.com (1) 49768 2018-09-27 11:25:31 UTC 2022-09-18 20:42:28 UTC 3.225.171.56
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-20 17:37:01 UTC 34.120.237.76
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-20 05:19:24 UTC 143.204.55.35
ocsp.comodoca.com (1) 1696 2012-05-21 07:01:17 UTC 2022-09-20 10:54:38 UTC 104.18.32.68
mpsnare.iesnare.com (4) 5723 2016-04-10 11:13:26 UTC 2022-09-20 12:42:44 UTC 54.195.39.4
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-20 05:36:22 UTC 54.148.190.4
usassets.cobrowse.pega.com (2) 93477 2019-04-29 14:22:06 UTC 2022-09-18 20:42:08 UTC 3.225.171.56
dpm.demdex.net (3) 204 2017-01-30 04:59:39 UTC 2022-09-20 10:23:27 UTC 34.242.116.160
frame.gleap.io (3) 0 2022-05-11 14:55:24 UTC 2022-09-18 20:42:47 UTC 34.159.137.246 Domain (gleap.io) ranked at: 530339
digitalfederalcreditunion.sc.omtrdc.net (2) 158858 2020-04-10 15:09:38 UTC 2022-09-18 20:42:29 UTC 15.188.95.229
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
wineshed.com.au (15) 0 2019-02-25 21:10:36 UTC 2022-09-20 15:35:10 UTC 203.26.41.132 Unknown ranking
ocsp.godaddy.com (3) 698 2012-05-20 19:28:57 UTC 2022-09-20 09:29:00 UTC 192.124.249.41
ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-20 04:47:45 UTC 142.250.74.3
digitalfederalcredit.tt.omtrdc.net (1) 202275 2019-09-26 13:40:13 UTC 2022-09-18 20:42:29 UTC 52.210.161.20
cdn.plaid.com (2) 17458 2018-07-31 05:49:13 UTC 2022-09-20 17:23:41 UTC 54.230.111.89

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-20 2 wineshed.com.au/img/dcu/personal.html Digital Federal Credit Union

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-20 2 wineshed.com.au/img/dcu/personal.html Phishing
2022-09-20 2 wineshed.com.au/img/dcu/js/config.js Phishing
2022-09-20 2 wineshed.com.au/img/dcu/js/loader_only.js Phishing
2022-09-20 2 wineshed.com.au/img/dcu/js/64.390011c5.js Phishing
2022-09-20 2 wineshed.com.au/img/dcu/js/chunk-common.112fec58.js Phishing
2022-09-20 2 wineshed.com.au/img/dcu/js/2.a6ab680e.js Phishing
2022-09-20 2 wineshed.com.au/js/vendor.e1d2459d.js Phishing
2022-09-20 2 wineshed.com.au/js/app.fa332a3e.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 203.26.41.132
Date UQ / IDS / BL URL IP
2023-03-22 12:04:16 +0000 0 - 0 - 4 acfs-brisbane.org.au/ARCHIVE/Cen7LJ4iXlpWfb0/ 203.26.41.132
2023-03-22 12:03:03 +0000 0 - 0 - 3 acfs-brisbane.org.au/ARCHIVE/dTVHslBcIgEB/ 203.26.41.132
2023-03-21 11:52:02 +0000 0 - 0 - 2 psharp.com.au/index.html 203.26.41.132
2023-03-21 09:11:24 +0000 0 - 0 - 4 acfs-brisbane.org.au/ARCHIVE/Cen7LJ4iXlpWfb0/ 203.26.41.132
2023-03-21 09:10:03 +0000 0 - 0 - 3 acfs-brisbane.org.au/ARCHIVE/dTVHslBcIgEB/ 203.26.41.132


Last 5 reports on ASN: Dreamscape Networks Limited
Date UQ / IDS / BL URL IP
2023-03-30 14:30:39 +0000 0 - 0 - 3 ozemag.com/wp-content/themes/emag/template-pa (...) 103.250.215.162
2023-03-30 14:30:28 +0000 0 - 0 - 3 ozemag.com/wp-content/themes/emag/template-pa (...) 103.250.215.162
2023-03-30 14:21:56 +0000 11 - 0 - 13 bakasbuilding.com/n1/NedbankMoney.htm 103.20.202.177
2023-03-30 11:09:33 +0000 0 - 0 - 3 ozemag.com/wp-content/themes/emag/template-pa (...) 103.250.215.162
2023-03-30 11:08:39 +0000 0 - 0 - 3 ozemag.com/wp-content/themes/emag/template-pa (...) 103.250.215.162


Last 5 reports on domain: wineshed.com.au
Date UQ / IDS / BL URL IP
2022-09-20 20:26:57 +0000 0 - 0 - 9 wineshed.com.au/img/dcu/otp.html 203.26.41.132
2022-09-20 20:26:39 +0000 0 - 0 - 9 wineshed.com.au/img/dcu/personal.html 203.26.41.132
2022-09-20 20:26:17 +0000 0 - 0 - 9 wineshed.com.au/img/dcu/email.html 203.26.41.132
2022-09-20 20:25:59 +0000 0 - 0 - 7 wineshed.com.au/img/dcu/index2.html 203.26.41.132
2022-09-20 20:25:39 +0000 0 - 0 - 7 wineshed.com.au/img/dcu/ 203.26.41.132


No other reports with similar screenshot

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (77)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 20:13:14 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3u3CsYieJ2OqZ9ebEYo3le-j_qL_VsWRA5oJfU5URm5wHaOocuUaPw==
Age: 794


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7986
Expires: Tue, 20 Sep 2022 22:39:34 GMT
Date: Tue, 20 Sep 2022 20:26:28 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _5ijvJ5_dy7IcT9v4lpwVdJqRVaNkHmK4cWWm9YBbCM41t3XYAGtBw==
age: 57075
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 20 Sep 2022 20:26:28 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 20:26:28 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 12:35:09 GMT
Expires: Sun, 25 Sep 2022 12:35:08 GMT
Etag: "66c3aac38e04cbfd08e51aab77e7f32565c29add"
Cache-Control: max-age=403178,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 59
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dd4bdaac2ab50b-OSL

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 20:03:22 GMT
Expires: Tue, 20 Sep 2022 20:31:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EYHeGDxKyRedDDxdRx6g9m2181d8k1SKo9AjWXG_KnHzmJxSP7BaKw==
Age: 1386


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5332
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:26:29 GMT
Last-Modified: Tue, 20 Sep 2022 18:57:37 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /c710ed4af822/4edff89d26dd/launch-1574d0b03693.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "97a1294fe9ebfd08669e214fcc839024:1658495611.885198"
last-modified: Fri, 22 Jul 2022 13:13:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Tue, 20 Sep 2022 21:26:29 GMT
date: Tue, 20 Sep 2022 20:26:29 GMT
content-length: 73977
access-control-allow-origin: https://wineshed.com.au
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32768)
Size:   73977
Md5:    c8e5e4603713b2afef04641fbdaadcf8
Sha1:   ba70173dec1981bb9419e44373987917c15512e8
Sha256: 3beb4f3ae29074fd5cfbd0c211659e3fe7499219b644bef22f79e4898cf92427
                                        
                                            GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Tue, 20 Sep 2022 21:26:29 GMT
date: Tue, 20 Sep 2022 20:26:29 GMT
content-length: 12163
cache-control: no-cache
access-control-allow-origin: https://wineshed.com.au
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32768)
Size:   12163
Md5:    e616df092766c7ab7904619f971a35cc
Sha1:   a960429c42802a43e3ce728fc4d1e8bdab10e606
Sha256: 082ae7647bfdb639846791e5c0ca39b96544dff3aed0c365973c9589cd5b091e
                                        
                                            GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Tue, 20 Sep 2022 21:26:29 GMT
date: Tue, 20 Sep 2022 20:26:29 GMT
content-length: 1597
cache-control: no-cache
access-control-allow-origin: https://wineshed.com.au
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3155)
Size:   1597
Md5:    e672de61b277fc72de4299829bfbb31c
Sha1:   157a7409922d58a02dad3ba879d04eb2a3ef8f3d
Sha256: e1a1c2a6f2ed4ffb63ebfda157eaf12c6ee3973be4da649eb63e0402c0d29215
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6487
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:26:29 GMT
Last-Modified: Tue, 20 Sep 2022 18:38:22 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /img/dcu/personal.html HTTP/1.1 
Host: wineshed.com.au
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         203.26.41.132
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 20 Sep 2022 20:26:29 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 03:37:48 GMT
Accept-Ranges: bytes
Content-Length: 30773
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2795), with CRLF line terminators
Size:   30773
Md5:    e093b5ec884af8a12c28078fbf6a6e0b
Sha1:   f5914eafd685460bd342708f6cbf9fad5e5fb211
Sha256: dc57f353bfc932486ade900407db62e3617a7e94dfb2817a17c6a6a3a41b205d

Alerts:
  Blocklists:
    - openphish: Digital Federal Credit Union
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4573
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:26:29 GMT
Last-Modified: Tue, 20 Sep 2022 19:10:16 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 853
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:26:29 GMT
Last-Modified: Tue, 20 Sep 2022 20:12:16 GMT
Server: ECS (amb/6BBC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /5.5.0/logo.js HTTP/1.1 
Host: mpsnare.iesnare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         54.195.39.4
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx
Date: Tue, 20 Sep 2022 20:26:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Wed, 20 Sep 2023 20:26:29 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (377)
Size:   419
Md5:    ef216d199ba085a24d11187111a91c75
Sha1:   09e85f12d1ef8c2254180cf7ffcca3656d832048
Sha256: 1a7155b0ea9118b340f93bb827655e2980f1317ff2d6812f2bafe2a2fd77dc23
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Nb5YRXC8wKofAFs9f7hQAg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         54.148.190.4
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KtAUnly0gu8q6WZvzTxjvJK+HTo=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         192.124.249.41
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 20 Sep 2022 20:26:30 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 20 Sep 2022 19:12:38 GMT
Expires: Wed, 21 Sep 2022 19:12:38 GMT
ETag: "1308fd5b353b1931cf540b3d0b1299a24680a9e8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    0d496503cd5fc7f60b22d2e52c2b3b10
Sha1:   1308fd5b353b1931cf540b3d0b1299a24680a9e8
Sha256: 4dab3fcc0497befae853eddb0787024e5aaf06a4e944a2b730919b4877cff802
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         192.124.249.41
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 20 Sep 2022 20:26:30 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 20 Sep 2022 19:12:38 GMT
Expires: Wed, 21 Sep 2022 19:12:38 GMT
ETag: "1308fd5b353b1931cf540b3d0b1299a24680a9e8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    0d496503cd5fc7f60b22d2e52c2b3b10
Sha1:   1308fd5b353b1931cf540b3d0b1299a24680a9e8
Sha256: 4dab3fcc0497befae853eddb0787024e5aaf06a4e944a2b730919b4877cff802
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:26:29 GMT
Server: ECS (amb/6BAD)
Content-Length: 471

                                        
                                            GET /general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1 
Host: mpsnare.iesnare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         54.195.39.4
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx
Date: Tue, 20 Sep 2022 20:26:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=RWMYKSTX8e6C2H/skPzQujp8wkUqIvCmmSazFFaHPcU=;Path=/;Expires=Wed, 20-Sep-2023 20:26:29 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1038)
Size:   18553
Md5:    ca394cd15c636da8b8001635c8f8388d
Sha1:   45d44bc9835e2f01a71f389be0fcfbf70fbe7502
Sha256: 1b54aad84b7876af853ea9110104eb2702ba70459a55f9c88a5a09286f901a25
                                        
                                            GET /assets/stylesheets/customer/final/default.css?v=8.7.1 HTTP/1.1 
Host: usassets.cobrowse.pega.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         3.225.171.56
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 20 Sep 2022 20:26:29 GMT
content-length: 3489
set-cookie: AWSALB=3cGm/8zh/3KR8rJ9y/NGsLhez2pduIwpzFfoBXeMArBqSEjVRq1C5t1FkH+f3YLxbSLvehtERHPXai7mjE2d8JTVJJ3HrQNukRJ3i4o20qLur/e+Ql2VB+Nh2UMY; Expires=Tue, 27 Sep 2022 20:26:29 GMT; Path=/ AWSALBCORS=3cGm/8zh/3KR8rJ9y/NGsLhez2pduIwpzFfoBXeMArBqSEjVRq1C5t1FkH+f3YLxbSLvehtERHPXai7mjE2d8JTVJJ3HrQNukRJ3i4o20qLur/e+Ql2VB+Nh2UMY; Expires=Tue, 27 Sep 2022 20:26:29 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 13 Jul 2022 12:04:58 GMT
etag: "62ceb4ea-da1"
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (14626)
Size:   3489
Md5:    c9e0ee1acc72fd18e3953cf614f7e879
Sha1:   bacc2349aab9dfac47cd153702e98e1fa48466f4
Sha256: e13c4a8b7d5d884e11579582e7e99198c7fdfbd2587a37f52add1783e49e5d8e
                                        
                                            GET /cobrowse/loadScripts HTTP/1.1 
Host: us.cobrowse.pega.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         3.225.171.56
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 20 Sep 2022 20:26:29 GMT
content-length: 508
set-cookie: AWSALB=BBA4qUQ9aoiecdpbaioQV/h562wzx/aEClajZZrxAuh7AlSXYqmFcsmInkKl3VLpDSltQK8IcLCONU/VAz315u2cBuLEP8PkvaABbOWzTzkWlkEVMLBYbbmxXiQC; Expires=Tue, 27 Sep 2022 20:26:29 GMT; Path=/ AWSALBCORS=BBA4qUQ9aoiecdpbaioQV/h562wzx/aEClajZZrxAuh7AlSXYqmFcsmInkKl3VLpDSltQK8IcLCONU/VAz315u2cBuLEP8PkvaABbOWzTzkWlkEVMLBYbbmxXiQC; Expires=Tue, 27 Sep 2022 20:26:29 GMT; Path=/; SameSite=None; Secure connect.sid=s%3AAS36LCN8LS8a16czEhhjvPpcxJrxTl59.XlWx7B42wqepWW0D%2FCKv%2BIX4PVta6uY6bWLFOTcbLOs; Path=/; Expires=Thu, 22 Sep 2022 20:26:29 GMT; Secure; SameSite=None
server: nginx
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, X-Requested-With, accept, x-j-token, content-type
etag: W/"1fc-7h1D3lVTGQGfiwcTpoOkY4A6m0E"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   508
Md5:    9cdb6851bb88c14e6033ca658ac8aa88
Sha1:   ee1d43de555319019f8b0713a683a463803a9b41
Sha256: fa05f2814bdcd558f6b652532c66d74a995b0a05f464bda6e9375fcb3c02cf82
                                        
                                            GET /img/dcu/css/app.7b1cd472.css HTTP/1.1 
Host: wineshed.com.au
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/img/dcu/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         203.26.41.132
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 20 Sep 2022 20:26:30 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 03:27:28 GMT
Accept-Ranges: bytes
Content-Length: 2708
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2620)
Size:   2708
Md5:    a6203208fe70322ee6619151c0d157f4
Sha1:   f3da5df8be71a8ffe532ca84e85390b64dc07f61
Sha256: a96b470af21607586d13477faa3389db771879c865f4be78b3db4f2624dfba52
                                        
                                            GET /img/dcu/css/64.64d4d70e.css HTTP/1.1 
Host: wineshed.com.au
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/img/dcu/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         203.26.41.132
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 20 Sep 2022 20:26:30 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 03:27:28 GMT
Accept-Ranges: bytes
Content-Length: 774
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (686)
Size:   774
Md5:    7a247a89ed509a51f9ab6b0b87d2e4e8
Sha1:   68dfe132947ef98665199e339e71d803de50737a
Sha256: 138a2c46b71532038ec611610575b2b709de80508ceaf9c73d3de140847ceb6b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 20:26:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css2?family=Nunito+Sans:wght@300;400;600;700;800&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 20:26:30 GMT
date: Tue, 20 Sep 2022 20:26:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1143
Md5:    b13279c6c40eba7e6484a1152d9e6531
Sha1:   6663ee2e8f4e70ef5d7cb6ed1dbc477959a67149
Sha256: 3e9891e90729824794dda7f3f3bae64c29e4cc5f1529e1b8aa80556865c62fb2
                                        
                                            GET /img/dcu/js/config.js HTTP/1.1 
Host: wineshed.com.au
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/img/dcu/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         203.26.41.132
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 20 Sep 2022 20:26:29 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (528), with CRLF line terminators
Size:   2271
Md5:    280e30ca543df6dd4e9738ccb5285d01
Sha1:   27ede6452483e9d54b802f21a618c452fa995923
Sha256: cead81e1fea87424050d1fbc6e379554896fa0d84fe5d3f43dfa3db915539897

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /img/dcu/css/chunk-common.d06af608.css HTTP/1.1 
Host: wineshed.com.au
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/img/dcu/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         203.26.41.132
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 20 Sep 2022 20:26:30 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 03:27:28 GMT
Accept-Ranges: bytes
Content-Length: 13357
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (13269)
Size:   13357
Md5:    23d853d0b8dc4dbf3ee3eb5839450e98
Sha1:   5cb719cc195a20a18ff9ff1ec6cf16c1e986cad6
Sha256: c68f6f80ec1fb457c7b8a3a1e1fefe3ffbb4e276fc80f38ef8b35df8ab5715e8
                                        
                                            GET /img/dcu/js/loader_only.js HTTP/1.1 
Host: wineshed.com.au
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/img/dcu/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         203.26.41.132
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 20 Sep 2022 20:26:29 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (528), with CRLF line terminators
Size:   2271
Md5:    280e30ca543df6dd4e9738ccb5285d01
Sha1:   27ede6452483e9d54b802f21a618c452fa995923
Sha256: cead81e1fea87424050d1fbc6e379554896fa0d84fe5d3f43dfa3db915539897

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /img/dcu/css/2.658b5c49.css HTTP/1.1 
Host: wineshed.com.au
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/img/dcu/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         203.26.41.132
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 20 Sep 2022 20:26:30 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 03:27:28 GMT
Accept-Ranges: bytes
Content-Length: 1781
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1693)
Size:   1781
Md5:    b70298004617a3d79fbc5f0fc2b12f9a
Sha1:   8b1d694c39141163188180547968ca904a7fe2bd
Sha256: 4b71b799a4bd1d311e45d774fc3d959c085921f5a6d695ee4bf53486238bd58a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4195
Expires: Tue, 20 Sep 2022 21:36:25 GMT
Date: Tue, 20 Sep 2022 20:26:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4195
Expires: Tue, 20 Sep 2022 21:36:25 GMT
Date: Tue, 20 Sep 2022 20:26:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4195
Expires: Tue, 20 Sep 2022 21:36:25 GMT
Date: Tue, 20 Sep 2022 20:26:30 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:07:05 GMT
age: 80365
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11832
Md5:    2ed7323b395e757f7766ea0045efdaca
Sha1:   8b91bc3069a3217bc719c27959d578b353b5d9dc
Sha256: 8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zDPKSOJ7SJImKcluUMhGvVMHv4t2oKLD2AJfGKAFSfedsdSA4VgZ_g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:56 GMT
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
age: 80614
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9865
Md5:    1a7d863845e96c5927e812f325c08c16
Sha1:   b8484fb5443344b03e52dd56b1d6c5682eb6221a
Sha256: fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y3urrVdjZEds_DKf3yL2XfaOy-5UPBwU-YVWe5eKYsDpl3JPmqffsw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:23:30 GMT
age: 79380
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9543
Md5:    30fbdfee7ec4513a5ff3dfcb7282f816
Sha1:   a852edb64a7220532aa619ab2a440c3a7e11b97a
Sha256: 4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 21:50:04 GMT
age: 81386
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9873
Md5:    7ca0c1a7f205ad07f1cce80b26448873
Sha1:   0e14f5062e40ce94346494ff947bfcf74b5e88c1
Sha256: ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DwufJXA1yHz_jnJL0PWjCQYF9fa3jlJ0e-2hIomInAXCpmPISX3mjg==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:33 GMT
age: 80637
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11145
Md5:    c283017ec789693602177a2785177e21
Sha1:   ff8286c4d2cf87a1865d56d082bc5235dba60ad7
Sha256: 520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 02:46:17 GMT
age: 63613
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10894
Md5:    d3e70b2859ca89b353682d03f6b46b93
Sha1:   ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
Sha256: 43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
                                        
                                            GET /assets/scripts/final/customer.js?v=8.7.1 HTTP/1.1 
Host: usassets.cobrowse.pega.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         3.225.171.56
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 20 Sep 2022 20:26:30 GMT
content-length: 261370
set-cookie: AWSALB=MDtVvPtMiwksUlaHjfeYL7eCFLOuk/1zCNTYvoXboQUJMBinqR2Hgt5rDwPpsvPMXmBNML5mlaHTVcQsBzrmJNtJudIM4M5mC1w/TWBq0At1JSKS0kkpcMX4Io+2; Expires=Tue, 27 Sep 2022 20:26:30 GMT; Path=/ AWSALBCORS=MDtVvPtMiwksUlaHjfeYL7eCFLOuk/1zCNTYvoXboQUJMBinqR2Hgt5rDwPpsvPMXmBNML5mlaHTVcQsBzrmJNtJudIM4M5mC1w/TWBq0At1JSKS0kkpcMX4Io+2; Expires=Tue, 27 Sep 2022 20:26:30 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Mon, 18 Jul 2022 06:30:25 GMT
etag: "62d4fe01-3fcfa"
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   261370
Md5:    eb9524e46cc30efd2673a51baa3a655e
Sha1:   f9860cf1e6dc646899418909a7bf2156df4556a4
Sha256: c1898417dc51a18a977daaea237101556511c77a676d51982c6c035cbf15f1c1
                                        
                                            GET /img/dcu/js/64.390011c5.js HTTP/1.1 
Host: wineshed.com.au
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/img/dcu/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         203.26.41.132
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 20 Sep 2022 20:26:30 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (528), with CRLF line terminators
Size:   2271
Md5:    280e30ca543df6dd4e9738ccb5285d01
Sha1:   27ede6452483e9d54b802f21a618c452fa995923
Sha256: cead81e1fea87424050d1fbc6e379554896fa0d84fe5d3f43dfa3db915539897

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /img/dcu/js/chunk-common.112fec58.js HTTP/1.1 
Host: wineshed.com.au
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/img/dcu/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         203.26.41.132
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 20 Sep 2022 20:26:30 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (528), with CRLF line terminators
Size:   2271
Md5:    280e30ca543df6dd4e9738ccb5285d01
Sha1:   27ede6452483e9d54b802f21a618c452fa995923
Sha256: cead81e1fea87424050d1fbc6e379554896fa0d84fe5d3f43dfa3db915539897

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /img/dcu/js/2.a6ab680e.js HTTP/1.1 
Host: wineshed.com.au
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/img/dcu/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         203.26.41.132
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 20 Sep 2022 20:26:30 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (528), with CRLF line terminators
Size:   2271
Md5:    280e30ca543df6dd4e9738ccb5285d01
Sha1:   27ede6452483e9d54b802f21a618c452fa995923
Sha256: cead81e1fea87424050d1fbc6e379554896fa0d84fe5d3f43dfa3db915539897

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/vendor.e1d2459d.js HTTP/1.1 
Host: wineshed.com.au
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/img/dcu/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         203.26.41.132
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 20 Sep 2022 20:26:30 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (528), with CRLF line terminators
Size:   2271
Md5:    280e30ca543df6dd4e9738ccb5285d01
Sha1:   27ede6452483e9d54b802f21a618c452fa995923
Sha256: cead81e1fea87424050d1fbc6e379554896fa0d84fe5d3f43dfa3db915539897

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

192.124.249.41
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Sucuri/Cloudproxy
Date: Tue, 20 Sep 2022 20:26:32 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 20 Sep 2022 19:12:38 GMT
Expires: Wed, 21 Sep 2022 19:12:38 GMT
ETag: "1308fd5b353b1931cf540b3d0b1299a24680a9e8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    0d496503cd5fc7f60b22d2e52c2b3b10
Sha1:   1308fd5b353b1931cf540b3d0b1299a24680a9e8
Sha256: 4dab3fcc0497befae853eddb0787024e5aaf06a4e944a2b730919b4877cff802
                                        
GET /js/app.fa332a3e.js HTTP/1.1
Host: wineshed.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/img/dcu/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

203.26.41.132
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Tue, 20 Sep 2022 20:26:30 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (528), with CRLF line terminators
Size:   2271
Md5:    280e30ca543df6dd4e9738ccb5285d01
Sha1:   27ede6452483e9d54b802f21a618c452fa995923
Sha256: cead81e1fea87424050d1fbc6e379554896fa0d84fe5d3f43dfa3db915539897

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /img/dcu/css/vendor.7de76d70.css HTTP/1.1
Host: wineshed.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/img/dcu/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

203.26.41.132
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 20 Sep 2022 20:26:30 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 03:27:28 GMT
Accept-Ranges: bytes
Content-Length: 444980
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65448)
Size:   444980
Md5:    4c071854e849732a82bf627d5eb4f6ef
Sha1:   26863e98af983805bad56be0caa9c74c80cb754d
Sha256: 830c662b25beb468bb939cdb6649edbb7b13c7225afa529b20d6862241877a4e
                                        
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://wineshed.com.au
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aUkIqUCQTPOQqC5MXMoD5g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

54.195.39.4
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Tue, 20 Sep 2022 20:26:32 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: qxoRtViP5hedH9L0HuBAb3hBQvI=
Upgrade: WebSocket

                                        
GET /img/dcu/dcuLogoDark.png HTTP/1.1
Host: wineshed.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/img/dcu/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

203.26.41.132
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 20 Sep 2022 20:26:32 GMT
Server: Apache
Last-Modified: Sat, 17 Sep 2022 03:27:28 GMT
Accept-Ranges: bytes
Content-Length: 7743
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 217 x 78, 8-bit/color RGBA, non-interlaced\012- data
Size:   7743
Md5:    ae64e87365d6e6696145c8c53ce3632e
Sha1:   09337bd0289c432bffab6f653297fe2534ad0c68
Sha256: d1093fceb5f8b35c09e5d3329c8dc55509d7f46096efeea840f6e433212ba45e
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:26:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wineshed.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:08:02 GMT
expires: Tue, 19 Sep 2023 21:08:02 GMT
cache-control: public, max-age=31536000
age: 83910
last-modified: Mon, 09 May 2022 18:33:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16980, version 1.0\012- data
Size:   16980
Md5:    8a97f720d330e75ccdbda9ae0e9f5e90
Sha1:   8e4fee916581ab48d385187705667cebc7500afe
Sha256: 97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:26:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wineshed.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:55:14 GMT
expires: Tue, 19 Sep 2023 21:55:14 GMT
cache-control: public, max-age=31536000
age: 81078
last-modified: Mon, 09 May 2022 18:31:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17116, version 1.0\012- data
Size:   17116
Md5:    bcf3a3fb620dfbee774f84e2c8e71530
Sha1:   40a79d240acdd7e5a95e165515ac7c0958a37971
Sha256: 280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
                                        
GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wineshed.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:23:17 GMT
expires: Tue, 19 Sep 2023 21:23:17 GMT
cache-control: public, max-age=31536000
age: 82995
last-modified: Mon, 09 May 2022 18:33:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Size:   17156
Md5:    7e344afc10a492d516789f072fa6edfd
Sha1:   f38bd0b4e9d0577528f533b8ecd80801a0c6340f
Sha256: c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
                                        
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 14 Feb 2022 16:35:31 GMT
If-None-Match: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
TE: trailers

23.38.200.237
HTTP/2 304 Not Modified
content-type: application/x-javascript
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
expires: Tue, 20 Sep 2022 21:26:32 GMT
date: Tue, 20 Sep 2022 20:26:32 GMT
cache-control: no-cache
access-control-allow-origin: https://wineshed.com.au
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 14 Feb 2022 16:35:31 GMT
If-None-Match: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
TE: trailers

23.38.200.237
HTTP/2 304 Not Modified
content-type: application/x-javascript
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
expires: Tue, 20 Sep 2022 21:26:32 GMT
date: Tue, 20 Sep 2022 20:26:32 GMT
cache-control: no-cache
access-control-allow-origin: https://wineshed.com.au
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:26:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 2518
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:26:32 GMT
Last-Modified: Tue, 20 Sep 2022 19:44:34 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "5EA2FEF12C646E754080F05EC03B00C7065EAAE602812A3FBB9C17949E466BB7"
Last-Modified: Sun, 18 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7115
Expires: Tue, 20 Sep 2022 22:25:07 GMT
Date: Tue, 20 Sep 2022 20:26:32 GMT
Connection: keep-alive

                                        
GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=46051B125B89FACB0A495DD6%40AdobeOrg&d_nsid=0&ts=1663705592493 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://wineshed.com.au
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.242.116.160
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://wineshed.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-1-v041-031a3de88.edge-irl1.demdex.com 10 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=43855082947286986022420365084625479005; Max-Age=15552000; Expires=Sun, 19 Mar 2023 20:26:32 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: D12p9VEZTj8=
Content-Length: 834
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2304), with no line terminators
Size:   834
Md5:    1f9b6d7e3565dafc7b19dc30c003c15f
Sha1:   6fe35f37ee16e29f137d7fc4e3c18f0a76d2edfa
Sha256: 2dee80ba00d5e0251d3f9b92161c9f7a6570f28eb7de6aa3b56e5571c9a5e3f8
                                        
GET /time.mp3?nocache=0.9732757407468063 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

54.195.39.4
HTTP/1.1 206 Partial Content
Content-Type: audio/mpeg
Server: nginx
Date: Tue, 20 Sep 2022 20:26:32 GMT
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains


--- Additional Info ---
Magic:  MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Size:   504
Md5:    cfe47da3367b896cf8fe9d23144e6294
Sha1:   5eb28e56c71ce7e851b99b4d90b4091e3090243a
Sha256: 2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
                                        
GET / HTTP/1.1
Host: frame.gleap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

34.159.137.246
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
age: 38493
cache-control: public, max-age=0, must-revalidate
date: Tue, 20 Sep 2022 09:44:59 GMT
etag: "32c72f7cae971b637f381065999ce4b8-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GDE99CTMQ10GAYSFMW4VHYXZ
content-length: 644
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (644), with no line terminators
Size:   644
Md5:    0f5ef3c487bc0d0374a0b799bde6a583
Sha1:   84b6fab7f2b5d010df9c3246bbb314a08ad64f3c
Sha256: 4b5ac734c40d6fecfd6f10acf6b624c6e05f4b25bf34c647efd43975dd146812
                                        
GET /static/css/main.de56b7b2.css HTTP/1.1
Host: frame.gleap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frame.gleap.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

34.159.137.246
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
accept-ranges: bytes
age: 37915
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
date: Tue, 20 Sep 2022 09:54:38 GMT
etag: "f0cb8a13a7993f2e22572e3bc1c87e39-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GDE99CXE0NK0DHKSQM5C3H11
content-length: 5428
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (34415)
Size:   5428
Md5:    272427200eed48f81560c775e82abcdd
Sha1:   54557b5a72c3955ad0c6f0c7897bb975462d8df8
Sha256: a22e6f8b7a99cf86a44e42ded23e9f182191bbc333aeeeb22c9e9b83a243f723
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 6497
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:26:32 GMT
Last-Modified: Tue, 20 Sep 2022 18:38:15 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4840
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:26:32 GMT
Last-Modified: Tue, 20 Sep 2022 19:05:52 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
GET /static/js/main.273ce5e1.js HTTP/1.1
Host: frame.gleap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frame.gleap.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

34.159.137.246
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
age: 11802
cache-control: public, max-age=0, must-revalidate
content-encoding: br
date: Tue, 20 Sep 2022 17:09:50 GMT
etag: "4ada51e94bca78ccae7682ab7d28a1f3-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GDE99CXEFW5E1HFQR10PN12P
content-length: 118628
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65465)
Size:   118628
Md5:    9864b53434defaacc3dc4f2b70886af8
Sha1:   3f07269f1f21ca90bcf6eb684bc5ce872a7058c4
Sha256: c49b35e2d3fcbdc4b4ab8c738a11b6417df09322eeddb4cbe7c133196736af0a
                                        
GET /id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&mid=43328053138508650822408193031347378701&ts=1663705592762 HTTP/1.1
Host: digitalfederalcreditunion.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://wineshed.com.au
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

15.188.95.229
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://wineshed.com.au
access-control-allow-credentials: true
date: Tue, 20 Sep 2022 20:26:32 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: dcu.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

52.210.26.59
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
date: Tue, 20 Sep 2022 20:26:32 GMT
DCS: dcs-prod-irl1-2-v041-09183c3bd.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 19 Sep 2022 09:55:27 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: VbbDw2+pT1w=
Content-Length: 2791
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size:   2791
Md5:    ccbdcb1e84c241950763ec4cd516cdfc
Sha1:   55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
Sha256: de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
                                        
GET /m2/digitalfederalcredit/mbox/json?mbox=target-global-mbox&mboxSession=92554f4eb85f4de19b3cae303e3716b4&mboxPC=&mboxPage=81b7c89db2624b55b9f0dbadc8e9aba7&mboxRid=29c0ee6c5a22490ca58017693b74a5cd&mboxVersion=1.8.3&mboxCount=1&mboxTime=1663705592523&mboxHost=wineshed.com.au&mboxURL=https%3A%2F%2Fwineshed.com.au%2Fimg%2Fdcu%2Fpersonal.html&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&pageurl=https%3A%2F%2Fwineshed.com.au%2Fimg%2Fdcu%2Fpersonal.html&mboxMCSDID=4252C660D39E1A5A-39E27677FCEBBB9F&vst.trk=digitalfederalcreditunion.sc.omtrdc.net&vst.trks=digitalfederalcreditunion.sc.omtrdc.net&mboxMCGVID=43328053138508650822408193031347378701&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6 HTTP/1.1
Host: digitalfederalcredit.tt.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wineshed.com.au
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

52.210.161.20
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
date: Tue, 20 Sep 2022 20:26:32 GMT
content-length: 96
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://wineshed.com.au
access-control-allow-credentials: true
x-request-id: 29c0ee6c5a22490ca58017693b74a5cd
pragma: no-cache
cache-control: no-cache
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   96
Md5:    6b163520b0cf60e083bff912b9c2bb1c
Sha1:   06ee03f7590fc06f149b328a2e6ef2bb41589f0e
Sha256: 868371a82cc86457036d35e03dd6555547b0628f34b745654d1c5b1baeefddf5
                                        
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:26:33 GMT
Last-Modified: Tue, 20 Sep 2022 19:56:05 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4v6SVhjIvpa58XpglVs2qog-sZK6vhCc4c-BxQS8fY3tG1Qk2F8x8w==
Age: 1828

                                        
                                            GET /cm/dd?d_uuid=43855082947286986022420365084625479005 HTTP/1.1 
Host: cm.everesttech.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         52.17.180.229
HTTP/1.1 302
                                        
Date: Tue, 20 Sep 2022 20:26:33 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Yyoh_QAAAIHPpgNe; Domain=.everesttech.net; Expires=Wed, 20-Sep-2023 20:26:33 GMT; Path=/ everest_session_v2="Yyoh@QAAAIHPpwNe"; Version=1; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yyoh_QAAAIHPpgNe
Server: AMO-cookiemap/1.1

                                        
                                            GET /b/ss/dfcudigbankingprod,dfcumainglobal/1/JS-2.22.4-LCUM/s65818408144402?AQB=1&ndh=1&pf=1&t=20%2F8%2F2022%2020%3A26%3A33%202%200&sdid=4252C660D39E1A5A-39E27677FCEBBB9F&vid=43328053138508650822408193031347378701&mid=43328053138508650822408193031347378701&aamlh=6&ce=UTF-8&pageName=projectfinance%3Aen%3Aimg%3Adcu%3Apersonal.html&g=https%3A%2F%2Fwineshed.com.au%2Fimg%2Fdcu%2Fpersonal.html&cc=USD&ch=img&server=wineshed.com.au&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=img&c2=img%3Adcu&v2=img%3Adcu&c3=img%3Adcu%3Apersonal.html&v3=img%3Adcu%3Apersonal.html&c9=D%3Dv9&v9=https%3A%2F%2Fwineshed.com.au%2Fimg%2Fdcu%2Fpersonal.html&v10=D%3Dc10&v11=projectfinance%3Aen%3Aimg%3Adcu%3Apersonal.html&v12=year%3D2022%20%7C%20month%3DSeptember%20%7C%20date%3D20%20%7C%20day%3DTuesday%20%7C%20time%3D8%3A26%20PM&v13=New&c14=42&v14=D%3Dc14&c15=New%20Visitor&c16=1&c17=first%20hit%20of%20visit&v20=Project%20Finance&v41=43328053138508650822408193031347378701&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&AQE=1 HTTP/1.1 
Host: digitalfederalcreditunion.sc.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         15.188.95.229
HTTP/2 200 OK
content-type: image/gif;charset=utf-8
                                        
access-control-allow-origin: *
date: Tue, 20 Sep 2022 20:26:33 GMT
expires: Mon, 19 Sep 2022 20:26:33 GMT
last-modified: Wed, 21 Sep 2022 20:26:33 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3572780556310773760-4619781863524097111
vary: *
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 2 x 2\012- data
Size:   43
Md5:    ad480fd0732d0f6f1a8b06359e3a42bb
Sha1:   a544538683a2dfe574eeb2e358ac8fcc78289d50
Sha256: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
                                        
                                            GET /ibs:dpid=411&dpuuid=Yyoh_QAAAIHPpgNe HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wineshed.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.242.116.160
HTTP/1.1 302 Found
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v041-04a623d80.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yyoh_QAAAIHPpgNe
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=74977017627692420714467572492871266201; Max-Age=15552000; Expires=Sun, 19 Mar 2023 20:26:33 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: zxc00mAJSZw=
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yyoh_QAAAIHPpgNe HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wineshed.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.242.116.160
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v041-09183c3bd.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: s1X/yOPMR7c=
Content-Length: 59
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   59
Md5:    1251cd5e5c2def4c046309375f87c1c1
Sha1:   e02d6b0c6a5c495c15985e2832e335eda8528c80
Sha256: 4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: wineshed.com.au
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/img/dcu/personal.html
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19256%7CvVersion%7C5.4.0; at_check=true; mbox=session#92554f4eb85f4de19b3cae303e3716b4#1663707453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         203.26.41.132
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 20 Sep 2022 20:26:32 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (528), with CRLF line terminators
Size:   2271
Md5:    280e30ca543df6dd4e9738ccb5285d01
Sha1:   27ede6452483e9d54b802f21a618c452fa995923
Sha256: cead81e1fea87424050d1fbc6e379554896fa0d84fe5d3f43dfa3db915539897
                                        
                                            GET /link/2.0.1388/link-dynamic-loader.js HTTP/1.1 
Host: cdn.plaid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.111.89
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 20 Sep 2022 19:54:34 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 18:53:06 GMT
etag: W/"235ef2908bd4c2e15762c5ed3f5d5a6a"
x-amz-server-side-encryption: AES256
cache-control: max-age=10800
x-amz-version-id: 9ORTw7.E_VMQ3eTRwoVJvlRvvK3iJ5ZJ
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZMMorKkNbPkvGyu1elyM9thLAzFisTQokmUCRePgFjJg4qEfsPPAdw==
age: 1919
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   45601
Md5:    826328c0014a40dcef0d4224fb12cf6e
Sha1:   50a8adc6c0770598a2550ef69ede9e5c95ef0c40
Sha256: 3aaa8951f3b6472b13e651acff33f1d3029c148c600ebb2f3587b1a79bb7b1e2
                                        
                                            GET /link/v2/stable/link-initialize.js HTTP/1.1 
Host: cdn.plaid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wineshed.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         54.230.111.89
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: wGfORNE9LuEEkVJyTtrzyci44YXE6nzH0KofdLTL2vK3VpdHbrZA7XdYc2lgADRmsCTWdxDDjxw=
x-amz-request-id: 8QNM1P5ZA398GBJY
date: Tue, 20 Sep 2022 19:54:34 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 18:53:06 GMT
etag: W/"879d8779c152eddc2f08050e75ef4340"
x-amz-server-side-encryption: AES256
cache-control: no-cache,must-revalidate,max-age=0
x-amz-version-id: i35fqehR23efAvA0xLqCrRpNziKv8lJP
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U9tzjyokIYZPPQPcLMHfvYynhhBDEWj-zXZX_P8XMvn-1p0ybjv8Lw==
age: 1916
X-Firefox-Spdy: h2


--- Additional Info ---