r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4480
Expires: Wed, 25 Jan 2023 20:40:40 GMT
Date: Wed, 25 Jan 2023 19:26:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f5e46725831d8d722872bf68d752f4c5
cf37793a1b73e3f84fe6c37fb27382c83b49dbc0
0582b6180687dd95c7fd728f1b9db4495b807151e309b608ad203d69708f9da6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0582B6180687DD95C7FD728F1B9DB4495B807151E309B608AD203D69708F9DA6"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15647
Expires: Wed, 25 Jan 2023 23:46:47 GMT
Date: Wed, 25 Jan 2023 19:26:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2500
Expires: Wed, 25 Jan 2023 20:07:40 GMT
Date: Wed, 25 Jan 2023 19:26:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 18:35:13 GMT
content-type: application/json
age: 3047
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wBFTsvalqVkoQ1rMbO3fR2txIh8wPMN5z47F2edfSLVOevKvhY5WKqkmFNKfJgguv1BCrnf5zNc=
x-amz-request-id: 1VA87CP07Z0GAZ5N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 18:48:40 GMT
age: 2240
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:00 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 18:41:40 GMT
age: 2660
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.comodoca.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash dbac3872fdcc2d5eb1efa32fd1f861a8
b7334026ba97e3ab2e84924f52dc258cacef5bd6
4be6e694042c42f9fa5dd4fc41fd40c68c730244b15e4195fef2269b54f4fcee
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:26:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 07:39:06 GMT
Expires: Sun, 29 Jan 2023 07:39:05 GMT
Etag: "b7334026ba97e3ab2e84924f52dc258cacef5bd6"
Cache-Control: max-age=302584,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f365e6e8e40b45-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17613
Expires: Thu, 26 Jan 2023 00:19:34 GMT
Date: Wed, 25 Jan 2023 19:26:01 GMT
Connection: keep-alive
push.services.mozilla.com/
35.160.69.117101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.69.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I73CRJ/XLQu+QhgsmtZHEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +l5yqHQeZrYd9E/CSnycBss/yMo=
voconsulting.co.za/wellsss/wells/email.htm
154.0.160.118301 Moved Permanently 0 B URL HTTP/2 voconsulting.co.za/wellsss/wells/email.htm
IP 154.0.160.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
fortinet Phishing
GET /wellsss/wells/email.htm HTTP/1.1
Host: voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 25 Jan 2023 19:26:01 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.voconsulting.co.za/wellsss/wells/email.htm
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
set-cookie: PHPSESSID=256ctjv02a5rqo4pue7dej52d2; path=/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13456
Expires: Wed, 25 Jan 2023 23:10:18 GMT
Date: Wed, 25 Jan 2023 19:26:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13456
Expires: Wed, 25 Jan 2023 23:10:18 GMT
Date: Wed, 25 Jan 2023 19:26:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13891ffe8a0cc240be63b7945e4b7688
958b50e9e7e5e02882d55612a5d6d2402e225390
1570d69731ba13051454a048ac85bde7c1de8e39dea0fd78e7e5c3f2be122cb6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9650
x-amzn-requestid: 3b968ee5-c941-4305-9f06-01e646deef15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH88wEUmoAMFerw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca851-061f65177f36420a4685f372;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xfiiS5M5j8iYKMyopaVqwYV6KKB1VIWT_yQbEKZ9G1wuq2QUEyDBpA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:10:29 GMT
age: 58533
etag: "958b50e9e7e5e02882d55612a5d6d2402e225390"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d76c1b1126a3e1b51dcca652cb6727b
b199a381ccac4628f2bfa626b44c71954713ca98
3a34f2b7f79cb925c73d2c17197418004e4acf63a6eb69e471320069978f8282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10921
x-amzn-requestid: 7b8849e6-b52d-4165-b456-b200ddbb993b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtkGThIAMFb7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-1ed4803112d97956419b299e;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FUbNMfYy8ci6d78p6LCu0Gxs3jw824ZzVp6drAbl8HCDBpghlZFP7g==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:57:09 GMT
age: 41333
etag: "b199a381ccac4628f2bfa626b44c71954713ca98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d10114508bd40d76f497fc5b9c064350
c9b86b2b27063e0a58b0f237d451f9cf05b2122d
a156bd21bee2fca1d82940fb172a695044321ed432786ae100a7baf3b5e12b3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8252
x-amzn-requestid: a5a39d22-de0e-4b2e-b3e2-aad1d0090881
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtiHo7oAMFdCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-0cd78ff23e91baf668276053;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s8JWGyQ0pTWcaGk0n2PQOpAhjKLuNlbI4wCZAidzoBR5RQreO2rh9g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:15:35 GMT
age: 51027
etag: "c9b86b2b27063e0a58b0f237d451f9cf05b2122d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 21:59:15 GMT
age: 77207
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb6c1403a1d3c878c08ccaf17f8b3d0a
7596b783e0da5fba63c49374933eccffc223d729
1524dbef51237950d4a14a0e2e053fad933dd92ee0831e2de5c45513122f1d58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6026
x-amzn-requestid: 4b05d7f7-783f-4a79-9eed-bbbeb53bc677
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRQ-QHmZIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d061f4-721f473c5c8dadd163ca7689;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 22:55:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -GQ5kEZvbltzLlBeml1PxYH3ufTrSMApVjDyR_NkR-6-vXfuJHOb0g==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 23:09:45 GMT
age: 72977
etag: "7596b783e0da5fba63c49374933eccffc223d729"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:14:35 GMT
age: 51087
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1005c9e99dc8d4390861d6730c7a403b
0e3858ae26a1c01e0160e3b60e400bea202ebd05
4ff7ceb81a3dad4fefd3a15ece4ce13898624c01bf5a0cb4fdd90958978ed6b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:26:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:400,600
142.250.74.106200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,600
IP 142.250.74.106:0
Hash 26e0e996e37f9deb6fbf6e6df3474b93
71c64c701c5e590ff85299d2987b3af1b8d6ad64
8c5a6c57e4dd66de453e89249da8e000b1ddc74efc690f91e0809a4df28d954a
GET /css?family=Open+Sans:400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 25 Jan 2023 19:26:03 GMT
date: Wed, 25 Jan 2023 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.specialisedenablementtraining.com/voc/wp-content/uploads/2016/06/1.png
154.0.160.118301 Moved Permanently 290 B URL HTTP/1.1 www.specialisedenablementtraining.com/voc/wp-content/uploads/2016/06/1.png
IP 154.0.160.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 28ee36f8547baf1724bd58941b9d9055
1f25481c53e9b97d7935912cfdb87130e016e7aa
b59b441da49da6cb83355dca2af27d70568ea628797d928d4573c4c170a6d2ed
GET /voc/wp-content/uploads/2016/06/1.png HTTP/1.1
Host: www.specialisedenablementtraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 19:26:03 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 290
Connection: keep-alive
Location: https://www.specialisedenablementtraining.com/voc/wp-content/uploads/2016/06/1.png
Expires: Sun, 26 Mar 2023 19:26:03 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
www.specialisedenablementtraining.com/voc/wp-content/uploads/2016/07/voc-logo-1.png
154.0.160.118301 Moved Permanently 299 B URL HTTP/1.1 www.specialisedenablementtraining.com/voc/wp-content/uploads/2016/07/voc-logo-1.png
IP 154.0.160.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3926e1dad49e26e2aa3d552d15915356
0dc69b873df29fb546bc52eed941b39652dce58e
aacb7754849e53f475ac17765386c2c4f645a4a34244b896357544139b29ec12
GET /voc/wp-content/uploads/2016/07/voc-logo-1.png HTTP/1.1
Host: www.specialisedenablementtraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 19:26:03 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 299
Connection: keep-alive
Location: https://www.specialisedenablementtraining.com/voc/wp-content/uploads/2016/07/voc-logo-1.png
Expires: Sun, 26 Mar 2023 19:26:03 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
www.voconsulting.co.za/wp-content/uploads/2012/04/1-36x36.jpg
154.0.160.118200 OK 1.2 kB URL HTTP/2 www.voconsulting.co.za/wp-content/uploads/2012/04/1-36x36.jpg
IP 154.0.160.118:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 36x36, components 3\012- data
Hash d29613b14410e0d1fc46bd18edcf296f
10477d8e75dca7e1099305b62e3a6f3fedc777cc
d08a5c5d2f0a818df4edffe265f3e7d044e40226e1e4a5bc6f50c4a8aced599f
GET /wp-content/uploads/2012/04/1-36x36.jpg HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: image/jpeg
content-length: 1224
last-modified: Wed, 26 Sep 2018 13:48:24 GMT
expires: Sun, 26 Mar 2023 19:26:03 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-content/uploads/2012/04/2-36x36.jpg
154.0.160.118200 OK 1.3 kB URL HTTP/2 www.voconsulting.co.za/wp-content/uploads/2012/04/2-36x36.jpg
IP 154.0.160.118:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 36x36, components 3\012- data
Hash bbccf78648f8372be1a5034ae73be335
3d943cc0756edb26b1c32a610be51a2911c93f19
c3c8f1a1aa7416c73ab270e11cdd404fdb6d416f000a64ca9b88d9f6ed1d6fba
GET /wp-content/uploads/2012/04/2-36x36.jpg HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: image/jpeg
content-length: 1318
last-modified: Wed, 26 Sep 2018 13:48:39 GMT
expires: Sun, 26 Mar 2023 19:26:03 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-content/uploads/2012/04/013-36x36.jpg
154.0.160.118200 OK 1.1 kB URL HTTP/2 www.voconsulting.co.za/wp-content/uploads/2012/04/013-36x36.jpg
IP 154.0.160.118:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 36x36, components 3\012- data
Hash 37a53122e51599fc3b0b2e6db7f0f788
cdc6c0ca6c28e37fa38c58a0b59aabb74bd69904
d77baf7fe927df82e23e95a0c99071b1aa7212736afe900cac08fd237e293643
GET /wp-content/uploads/2012/04/013-36x36.jpg HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: image/jpeg
content-length: 1097
last-modified: Wed, 26 Sep 2018 13:48:01 GMT
expires: Sun, 26 Mar 2023 19:26:03 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-content/uploads/2012/04/014-36x36.jpg
154.0.160.118200 OK 1.4 kB URL HTTP/2 www.voconsulting.co.za/wp-content/uploads/2012/04/014-36x36.jpg
IP 154.0.160.118:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 36x36, components 3\012- data
Hash c88f04fe4bf2cd732b2671b20ddab204
29515664560ce7f0a1782596c6b78358503ac073
752d85e3cc14391b146d925cab9a9d8b5ec484004b7c393223e00fae4f97669d
GET /wp-content/uploads/2012/04/014-36x36.jpg HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: image/jpeg
content-length: 1446
last-modified: Wed, 26 Sep 2018 13:48:10 GMT
expires: Sun, 26 Mar 2023 19:26:03 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-content/themes/enfold/css/shortcodes.css?ver=2
154.0.160.118200 OK 31 kB URL HTTP/2 www.voconsulting.co.za/wp-content/themes/enfold/css/shortcodes.css?ver=2
IP 154.0.160.118:0
Hash 964b07b7bea9cb5f122ba67202f1e5da
160b011e58a9ca9d18b1c841e51dfc1463da8aab
a238be74de01ddfba679ba7801ffeaecaf7afe540a7269a30063b599ac8862d1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/enfold/css/shortcodes.css?ver=2 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 26 Sep 2018 13:44:10 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:26:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.voconsulting.co.za
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 174803
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:26:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash d7552713115948438e840fa293435fae
b727ae4ac7a2abc93e4b597cf06bfa5d412a6f85
97b88eb8fdca47947f541e5387e7b752386a2e64ef87f04f2780cd220a39b8aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=123782
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:26:04 GMT
Etag: "63d0c2d2-2d7"
Expires: Fri, 27 Jan 2023 05:49:06 GMT
Last-Modified: Wed, 25 Jan 2023 05:49:06 GMT
Server: nginx
Content-Length: 727
www.voconsulting.co.za/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff?v=3
154.0.160.118200 OK 31 kB URL HTTP/2 www.voconsulting.co.za/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff?v=3
IP 154.0.160.118:0
File type Web Open Font Format, TrueType, length 30804, version 1.0\012- data
Hash a1aeb367498d7280cd2246f4974e988a
57058b69ea614e2bdee874e882a92c4f32058c4d
75e801b453bd677c68d4af036055b3036b8fc0390a76bf4661ab50e22b1137ee
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff?v=3 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:04 GMT
content-type: font/woff
content-length: 30804
last-modified: Wed, 26 Sep 2018 14:25:54 GMT
expires: Sun, 26 Mar 2023 19:26:04 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash d7552713115948438e840fa293435fae
b727ae4ac7a2abc93e4b597cf06bfa5d412a6f85
97b88eb8fdca47947f541e5387e7b752386a2e64ef87f04f2780cd220a39b8aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:26:04 GMT
Server: ECS (amb/6B7A)
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dfdc396af732dc191b35071db2e4ebcb
aa35bca8397d8fb996104a1421db2c2141fc8330
89743556c2278241a79b0beaae3d962639b47880001125fdf8b5e5b32cbc65f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2512
Cache-Control: max-age=100359
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:26:04 GMT
Etag: "63d05d83-1d7"
Expires: Thu, 26 Jan 2023 23:18:43 GMT
Last-Modified: Tue, 24 Jan 2023 22:36:51 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 45b8b129e4cc4d4daf25624212b5fbc1
a94346d3cadb728f713cc522e3484911410255cd
659303510ba7411d9337dfd0002286294f1f951c72ddc3f4a5f591aec49dae68
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 70c744f277e1058b88c8cf90b5d0927f
etag: "b6365578deb6ed5565b68b7eda80b5eb"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 25 Jan 2023 19:34:27 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: RbixKeTMTU2vJWJCErX7wQ==
x-fb-debug: +st0hvZwGUofn5G+Xs32wYMDAEv+kNiCnFh4CSUZB8Wq1zamsx7JFcZQdn9n8+SXfBaO3oA5OWR98CzXX2ZvWQ==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1904183273
date: Wed, 25 Jan 2023 19:26:04 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dfdc396af732dc191b35071db2e4ebcb
aa35bca8397d8fb996104a1421db2c2141fc8330
89743556c2278241a79b0beaae3d962639b47880001125fdf8b5e5b32cbc65f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4122
Cache-Control: max-age=101969
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:26:04 GMT
Etag: "63d05d83-1d7"
Expires: Thu, 26 Jan 2023 23:45:33 GMT
Last-Modified: Tue, 24 Jan 2023 22:36:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
www.voconsulting.co.za/wp-content/themes/enfold/css/grid.css?ver=2
154.0.160.118200 OK 8.2 kB URL HTTP/2 www.voconsulting.co.za/wp-content/themes/enfold/css/grid.css?ver=2
IP 154.0.160.118:0
Hash 83034f58d4008ec95693555a35f3cdc8
336ad357e9980102fae0dc534741fa1992c2aa36
5ecd083a9019ef2c2d7e15bac67dcf0cf33a07c6084fba3b8be5a76221b5e01b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/enfold/css/grid.css?ver=2 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 26 Sep 2018 13:44:02 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.specialisedenablementtraining.com/voc/wp-content/uploads/2016/06/favcon.png
154.0.160.118301 Moved Permanently 295 B URL HTTP/1.1 www.specialisedenablementtraining.com/voc/wp-content/uploads/2016/06/favcon.png
IP 154.0.160.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash df77f25130a1db729a813d8559d78525
044edcfb0dfe6f0598bd22e4964f5da612eeef47
f645e8fd4526cf397461ea259286527389259b5f28133a9cea529c71a0ebefc1
GET /voc/wp-content/uploads/2016/06/favcon.png HTTP/1.1
Host: www.specialisedenablementtraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 19:26:04 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Connection: keep-alive
Location: https://www.specialisedenablementtraining.com/voc/wp-content/uploads/2016/06/favcon.png
Expires: Sun, 26 Mar 2023 19:26:04 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
connect.facebook.net/en_US/sdk.js?hash=faa46b6e6358adf28697f98cf6499a67
31.13.72.12200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=faa46b6e6358adf28697f98cf6499a67
IP 31.13.72.12:0
File type ASCII text, with very long lines (18530)
Hash d2a3fe35bf6c7aad055110bd850c1b0f
9b3683813afb5f433c16bf461f8f5e80fe77c951
c65846f242a1feb3e4d6194ce5cc8f16e53274b3de5065803d94fac6db5f650f
GET /en_US/sdk.js?hash=faa46b6e6358adf28697f98cf6499a67 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.voconsulting.co.za
Connection: keep-alive
Referer: https://www.voconsulting.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 18e243478b22d58473d89acb53ef9d9c
etag: "1d97a1682395856e2be6f6510a320202"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 25 Jan 2024 12:44:02 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 0qP+Nb9seq0FURC9hQwbDw==
x-fb-debug: SzKzvk8ZUUCaweiqUzhFCLd54FmN6qBTLeiPNBtARnbjpCyRxQaGuF+a4G7twctKaW3zEWhn0lN+A1d4Mot3DA==
content-length: 88413
x-fb-trip-id: 1904183273
date: Wed, 25 Jan 2023 19:26:04 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.specialisedenablementtraining.com/voc/wp-content/uploads/2016/07/voc-logo-1.png
154.0.160.118200 OK 224 kB URL HTTP/2 www.specialisedenablementtraining.com/voc/wp-content/uploads/2016/07/voc-logo-1.png
IP 154.0.160.118:0
File type PNG image data, 2085 x 1173, 8-bit/color RGBA, non-interlaced\012- data
Size 224 kB (224213 bytes)
Hash cbdf830c97d1757eeccd69eebf9b4f80
15773231c7cff6084201523db1026b07bb6be388
6b453cf1fdc0d589e72d26d3aed3cd174c4e77eed46bb4d602f5777adf4f9d01
GET /voc/wp-content/uploads/2016/07/voc-logo-1.png HTTP/1.1
Host: www.specialisedenablementtraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:04 GMT
content-type: image/png
content-length: 224213
last-modified: Tue, 12 Jul 2016 07:21:14 GMT
expires: Sun, 26 Mar 2023 19:26:04 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.specialisedenablementtraining.com/voc/wp-content/uploads/2016/06/favcon.png
154.0.160.118200 OK 108 kB URL HTTP/2 www.specialisedenablementtraining.com/voc/wp-content/uploads/2016/06/favcon.png
IP 154.0.160.118:0
File type PNG image data, 1119 x 1193, 8-bit/color RGBA, non-interlaced\012- data
Size 108 kB (107864 bytes)
Hash 2f1b168b371e2844973d1d7bcb626bad
b81cf3631255c5399cfcfbdc9fd9c659955a1e80
a65257a46fcb9a950b3b3b3dacb4b8b1db14b997bb57c971132d72742c862a5d
GET /voc/wp-content/uploads/2016/06/favcon.png HTTP/1.1
Host: www.specialisedenablementtraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:05 GMT
content-type: image/png
content-length: 107864
last-modified: Fri, 17 Jun 2016 08:47:37 GMT
expires: Sun, 26 Mar 2023 19:26:05 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e4fc310bc9f08%26domain%3Dwww.voconsulting.co.za%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.voconsulting.co.za%252Ff393799abe37efe%26relation%3Dparent.parent&container_width=209&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FVOConsulting-166234280915829%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false
31.13.72.36200 OK 13 kB URL HTTP/2 www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e4fc310bc9f08%26domain%3Dwww.voconsulting.co.za%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.voconsulting.co.za%252Ff393799abe37efe%26relation%3Dparent.parent&container_width=209&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FVOConsulting-166234280915829%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false
IP 31.13.72.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19873)
Hash 8452144bae6b46565f0589afbbb6101d
28f0af70ec810dad92dea39645982ea62fca03b1
090608debd249f4c6d5fd17ca7eca21b6f459a7513a8a285a6568d8ac0af3b37
GET /v2.4/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e4fc310bc9f08%26domain%3Dwww.voconsulting.co.za%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.voconsulting.co.za%252Ff393799abe37efe%26relation%3Dparent.parent&container_width=209&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FVOConsulting-166234280915829%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
facebook-api-version: v9.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 07+wTTTkLiCBhn/6I0kVTkmfPCuzcsq1gaXGlx45Zb8gKJNjwMSnGBKf/9bRsOzwJkCL9illrg4DEiGDUNr0jQ==
date: Wed, 25 Jan 2023 19:26:05 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-content/themes/enfold/css/base.css?ver=2
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-content/themes/enfold/css/base.css?ver=2
IP 154.0.160.118:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/enfold/css/base.css?ver=2 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 26 Sep 2018 13:44:01 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-content/uploads/dynamic_avia/enfold_shared_by_themes24x7.com.css?ver=5bb4c41d196e5
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-content/uploads/dynamic_avia/enfold_shared_by_themes24x7.com.css?ver=5bb4c41d196e5
IP 154.0.160.118:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/dynamic_avia/enfold_shared_by_themes24x7.com.css?ver=5bb4c41d196e5 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 03 Oct 2018 13:29:01 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-content/themes/enfold/js/avia.js?ver=3
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-content/themes/enfold/js/avia.js?ver=3
IP 154.0.160.118:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/enfold/js/avia.js?ver=3 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 26 Sep 2018 13:44:21 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-includes/css/dist/block-library/style.min.css?ver=5.1.15
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-includes/css/dist/block-library/style.min.css?ver=5.1.15
IP 154.0.160.118:0
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.1.15 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 06 Apr 2022 12:07:58 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-content/themes/enfold/css/layout.css?ver=2
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-content/themes/enfold/css/layout.css?ver=2
IP 154.0.160.118:0
GET /wp-content/themes/enfold/css/layout.css?ver=2 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 26 Sep 2018 13:44:04 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15
IP 154.0.160.118:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.1.15 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 06 Apr 2022 12:07:59 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.1.15
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.1.15
IP 154.0.160.118:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.1.15 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 06 Apr 2022 12:07:59 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-content/themes/enfold/css/custom.css?ver=2
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-content/themes/enfold/css/custom.css?ver=2
IP 154.0.160.118:0
GET /wp-content/themes/enfold/css/custom.css?ver=2 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 26 Sep 2018 13:44:01 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-includes/js/jquery/jquery.js?ver=1.12.4
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 154.0.160.118:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 06 Apr 2022 12:07:59 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-content/themes/enfold/js/avia-compat.js?ver=2
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-content/themes/enfold/js/avia-compat.js?ver=2
IP 154.0.160.118:0
GET /wp-content/themes/enfold/js/avia-compat.js?ver=2 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 26 Sep 2018 13:44:18 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 154.0.160.118:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 26 Sep 2018 13:36:00 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-content/themes/enfold/js/shortcodes.js?ver=3
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-content/themes/enfold/js/shortcodes.js?ver=3
IP 154.0.160.118:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/enfold/js/shortcodes.js?ver=3 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 26 Sep 2018 13:44:23 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.1.15
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.1.15
IP 154.0.160.118:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.1.15 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 06 Apr 2022 12:07:59 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-content/themes/enfold/js/mediaelement/skin-1/mediaelementplayer.css?ver=1
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-content/themes/enfold/js/mediaelement/skin-1/mediaelementplayer.css?ver=1
IP 154.0.160.118:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/enfold/js/mediaelement/skin-1/mediaelementplayer.css?ver=1 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 26 Sep 2018 14:20:43 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-content/themes/enfold/js/aviapopup/magnific-popup.css?ver=1
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-content/themes/enfold/js/aviapopup/magnific-popup.css?ver=1
IP 154.0.160.118:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/enfold/js/aviapopup/magnific-popup.css?ver=1 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 26 Sep 2018 14:11:58 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.6-78496d1
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.6-78496d1
IP 154.0.160.118:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.6-78496d1 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 06 Apr 2022 12:07:59 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-content/themes/enfold/js/aviapopup/jquery.magnific-popup.min.js?ver=2
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-content/themes/enfold/js/aviapopup/jquery.magnific-popup.min.js?ver=2
IP 154.0.160.118:0
GET /wp-content/themes/enfold/js/aviapopup/jquery.magnific-popup.min.js?ver=2 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 26 Sep 2018 14:11:58 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wp-includes/js/wp-embed.min.js?ver=5.1.15
154.0.160.118200 OK 0 B URL HTTP/2 www.voconsulting.co.za/wp-includes/js/wp-embed.min.js?ver=5.1.15
IP 154.0.160.118:0
GET /wp-includes/js/wp-embed.min.js?ver=5.1.15 HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.voconsulting.co.za/wellsss/wells/email.htm
Cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:26:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 06 Apr 2022 12:07:59 GMT
expires: Fri, 24 Feb 2023 19:26:03 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.voconsulting.co.za/wellsss/wells/email.htm
154.0.160.118404 Not Found 0 B URL HTTP/2 www.voconsulting.co.za/wellsss/wells/email.htm
IP 154.0.160.118:0
Analyzer Verdict Alert fortinet Phishing
GET /wellsss/wells/email.htm HTTP/1.1
Host: www.voconsulting.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 25 Jan 2023 19:26:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.voconsulting.co.za/wp-json/>; rel="https://api.w.org/"
set-cookie: PHPSESSID=q796fupk545l589bav0l2lqeu0; path=/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2