r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9e164a845d32db8fa51fdb5b1aa218d9
169099b4d2f8e119ab6cf6fca279b6fb535b1759
402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3947
Expires: Wed, 09 Nov 2022 01:03:44 GMT
Date: Tue, 08 Nov 2022 23:57:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3983
Cache-Control: max-age=128377
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 23:57:57 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:37:34 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3363
Expires: Wed, 09 Nov 2022 00:54:00 GMT
Date: Tue, 08 Nov 2022 23:57:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PF6+Tq09tTDpnYZF6Zv9Ho5j/22efkOwyfMvc++dZIi7i/9wyrIDmzHkRttXRsIsfMXLEeiq/IQ=
x-amz-request-id: SDRAZTFGQR89HXPV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 23:48:42 GMT
age: 555
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 23:57:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ad380617cf841f2ec1b25f57b05637dd
a77f827a2225cdd14e69b0eff67e4037ba7d1a5c
576188509c712530f1dc9c469195b838c6f310ac9228e3405f5201dc259f0359
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "576188509C712530F1DC9C469195B838C6F310AC9228E3405F5201DC259F0359"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4967
Expires: Wed, 09 Nov 2022 01:20:44 GMT
Date: Tue, 08 Nov 2022 23:57:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5653
Cache-Control: max-age=124982
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 23:57:57 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:40:59 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.39.37.230 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.37.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tXwT+u56CSPaFrNI44FREg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Q7mpu6lmiUIZtkf6omGa9yGmGvc=
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 23:57:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
142.250.74.10 200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 142.250.74.10:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 18:54:08 GMT
expires: Wed, 08 Nov 2023 18:54:08 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 18230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 23:57:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
spacesailer27.org.au/GTRFV/n1/secominuo/images/NedbankLogin.png
122.201.118.157 200 OK 75 kB URL HTTP/2 spacesailer27.org.au/GTRFV/n1/secominuo/images/NedbankLogin.png
IP 122.201.118.157:0
ASN #38719 Dreamscape Networks Limited
File type PNG image data, 1886 x 1843, 8-bit colormap, non-interlaced\012- data
Hash fafe079d24657360aeb75ecb858f7a0f
7a4ab86f928fa43e42ba241ebb8858cf85fea99b
98abae8830ada4659fe72d966fbf8e96c3607a71283e45f0904214004c520f41
GET /GTRFV/n1/secominuo/images/NedbankLogin.png HTTP/1.1
Host: spacesailer27.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 23:57:58 GMT
content-type: image/png
content-length: 74758
last-modified: Thu, 27 Feb 2020 05:20:40 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
spacesailer27.org.au/GTRFV/n1/secominuo/fonts/login-fast.svg
122.201.118.157 200 OK 5.2 kB URL HTTP/2 spacesailer27.org.au/GTRFV/n1/secominuo/fonts/login-fast.svg
IP 122.201.118.157:0
ASN #38719 Dreamscape Networks Limited
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2974)
Hash 0dde3b8066bb5443fab1c4a7d08effea
5f15ea404109ee3d033a249b9e2a408526fb435e
54e78d62919fc3c90ac4cb592eb5d9c419b377094d563fad66729afc97f356fe
Analyzer Verdict Alert fortinet Phishing
GET /GTRFV/n1/secominuo/fonts/login-fast.svg HTTP/1.1
Host: spacesailer27.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 23:57:58 GMT
content-type: image/svg+xml
content-length: 5236
last-modified: Thu, 27 Feb 2020 05:20:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
X-Firefox-Spdy: h2
spacesailer27.org.au/GTRFV/n1/secominuo/fonts/login-easy.svg
122.201.118.157 200 OK 4.1 kB URL HTTP/2 spacesailer27.org.au/GTRFV/n1/secominuo/fonts/login-easy.svg
IP 122.201.118.157:0
ASN #38719 Dreamscape Networks Limited
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2053)
Hash d578c909c4378e67ebdb0ed5c702257a
3484ae3f3a0e7d9f84ad4b6dd0a2324c8f61aa7f
ee214fda63de4a1786bb0b14585f02af8c09b1a6b2b45fd697fa80aa6a26cace
Analyzer Verdict Alert fortinet Phishing
GET /GTRFV/n1/secominuo/fonts/login-easy.svg HTTP/1.1
Host: spacesailer27.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 23:57:58 GMT
content-type: image/svg+xml
content-length: 4097
last-modified: Thu, 27 Feb 2020 05:20:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
X-Firefox-Spdy: h2
spacesailer27.org.au/GTRFV/n1/secominuo/fonts/login-secure.svg
122.201.118.157 200 OK 5.5 kB URL HTTP/2 spacesailer27.org.au/GTRFV/n1/secominuo/fonts/login-secure.svg
IP 122.201.118.157:0
ASN #38719 Dreamscape Networks Limited
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2575)
Hash 6ebc242253bc3dbf04fdf276f21c7ae4
a1ffb4effb03a41ce850227dd78af5817d636aeb
b35a2d5904979dbbff2a7b2455ce7b3bc048a3d51bda638c3af9b4d19bd31ba0
Analyzer Verdict Alert fortinet Phishing
GET /GTRFV/n1/secominuo/fonts/login-secure.svg HTTP/1.1
Host: spacesailer27.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 23:57:58 GMT
content-type: image/svg+xml
content-length: 5473
last-modified: Thu, 27 Feb 2020 05:20:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3505
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 23:57:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3505
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 23:57:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3505
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 23:57:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3505
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 23:57:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61972b3-81fe-4685-88de-21199403755b.jpeg
34.120.237.76 200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61972b3-81fe-4685-88de-21199403755b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cc233d853dae1e8f6127bc8f7ddd3ae
a99cfd0dc7b73fab94fbecc9c8bdf5945a3387a7
169e6f462cf903a188a13cb95791731fb20f2fdb04c236065e90f834606bb0a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61972b3-81fe-4685-88de-21199403755b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5282
x-amzn-requestid: e50bfdbf-6301-4451-9ae9-80127861f8fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTnaHR8IAMFSfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc95-4ee3045e3af315160dc7e933;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:39:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sPVnehGtMgbgGW_D41Q4vGyLdl8cSGpXEf1H0Td5Cy32w7carwcjTg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:44:22 GMT
age: 8017
etag: "a99cfd0dc7b73fab94fbecc9c8bdf5945a3387a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da90dc6a5f2fc0c07e1e3d7ac0f1a67c
131acddbc0fefa19de876f5254d21370691b4653
60a17b9d4f66a571b54b17bcdd5ae19942bd8540569663611a3a64c07734417c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7108
x-amzn-requestid: bf8302ba-8138-4b4a-8821-fe1c1d1864fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bMYDHEoFoAMFqVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636806e0-7b5856224000122233ad81ea;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 19:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EGKvHV1bW_nNzjp6K-vbh2vMp3EvI3lFbFuEJ-j_Nz1y_eLuKWTD4g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:18:43 GMT
age: 5956
etag: "131acddbc0fefa19de876f5254d21370691b4653"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q0yZmbExDP4tH0n1n2qj_NR2Mv_y_dsO0LJ1RKZoS6Me-NLbhpUWqw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 09:08:56 GMT
age: 53343
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11ef1d34ac2d42662fe53fc58c882fdf
16f1e048895ed1ee0c0c071e3939e741113e4969
61c42bae12654cf9bd1e7ca0f616164ff4139dc470fb6c1033176374444d6bda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6272
x-amzn-requestid: 7287a2fe-853d-497f-a63e-1d521dd5326e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bG3dSGEIIAMF7Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365d2bb-4c6803ad2d4ea46e68abd386;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 03:04:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LDFjqTNKAf14q52-12SgdxG52y16CzeAmZFIIwxEnUFTYp8ZOTT4Ew==
via: 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 18:20:46 GMT
age: 20233
etag: "16f1e048895ed1ee0c0c071e3939e741113e4969"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24121bb1-6b1a-4b47-9a61-a1e493fc2abd.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24121bb1-6b1a-4b47-9a61-a1e493fc2abd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bf2a87c0a3d9fe8a5be9ce6d3d3c93ad
f919c9f8b2dbaa4346ec065a4629ec44c13036dc
7169ae72c6cdfedb6e9fce98430fbb97d28107b02da6acb1ae5b29671bbcd21f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24121bb1-6b1a-4b47-9a61-a1e493fc2abd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6244
x-amzn-requestid: e6ea985e-290a-4deb-a47e-970fd3b0ee06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJUPeE_voAMFSNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366cd96-28bd8a836f911fda6286f293;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 20:54:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VGCufJWWm6gmF2LuKPY1QYWCcoWEg171x73SSBHyBQLFTnjWti9bww==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 15:51:29 GMT
age: 29190
etag: "f919c9f8b2dbaa4346ec065a4629ec44c13036dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84bc0bac-c8ba-4055-b51a-0c279033a4e9.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84bc0bac-c8ba-4055-b51a-0c279033a4e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1382cce063e7b64ce1a9360db1cb1a03
e773fbc5ba8bb957bce566d353c4580e46d4b31c
88332359957b997367612f496d866de90680f3ff458ead4e6cdc052ad3fe8858
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84bc0bac-c8ba-4055-b51a-0c279033a4e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6458
x-amzn-requestid: 7dc5df31-e521-476f-aee2-6a59192d8c94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTuEwBoAMFpVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-1a1866f906458f916d6baac8;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TpRz9GwPmcySJ-e0FjxKkBYmlb6wV8LnMoSMD_GJOpSk_phabHP-7Q==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:16:10 GMT
age: 6109
etag: "e773fbc5ba8bb957bce566d353c4580e46d4b31c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.spacesailer27.org.au/GTRFV/n1/secominuo/NedbankMoney.htm
122.201.118.157 200 OK 37 kB URL HTTP/2 www.spacesailer27.org.au/GTRFV/n1/secominuo/NedbankMoney.htm
IP 122.201.118.157:0
ASN #38719 Dreamscape Networks Limited
Hash 403325a088d0b2fb26d40b6bd53f2aec
9162f791338eda2a8c5fdb976efdbf3c66e54613
2618f9e1ba4082d83ddd6931812994a5a53d0b478cd8434d0f21bf4b906065af
Analyzer Verdict Alert openphish NedBank Limited
fortinet Phishing
GET /GTRFV/n1/secominuo/NedbankMoney.htm HTTP/1.1
Host: www.spacesailer27.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 23:57:57 GMT
content-type: text/html
last-modified: Tue, 08 Nov 2022 05:28:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
spacesailer27.org.au/GTRFV/n1/secominuo/fonts/GooglePlay.svg
122.201.118.157 200 OK 23 kB URL HTTP/2 spacesailer27.org.au/GTRFV/n1/secominuo/fonts/GooglePlay.svg
IP 122.201.118.157:0
ASN #38719 Dreamscape Networks Limited
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (2954)
Hash 56b446863643039c5c386e785054f8f8
8509aa1bbc637474b87bb386d4d23f2a73283cd9
00ff1bb43d0a271618cd1f626e0530c4e9efb344058b85744e569306c93ecc42
Analyzer Verdict Alert fortinet Phishing
GET /GTRFV/n1/secominuo/fonts/GooglePlay.svg HTTP/1.1
Host: spacesailer27.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 23:57:58 GMT
content-type: image/svg+xml
content-length: 22795
last-modified: Thu, 27 Feb 2020 05:20:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
X-Firefox-Spdy: h2
spacesailer27.org.au/GTRFV/n1/secominuo/fonts/AppStoreBadge.svg
122.201.118.157 200 OK 12 kB URL HTTP/2 spacesailer27.org.au/GTRFV/n1/secominuo/fonts/AppStoreBadge.svg
IP 122.201.118.157:0
ASN #38719 Dreamscape Networks Limited
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 1cfd5dba4a9210bcf77f5dbe48ec2e66
b18020f162dece51251489be269db7629a223fcd
4cfabcfdbec9a5cd903190f150028743f38c3533b53ea21c6e4dd35a52a80383
Analyzer Verdict Alert fortinet Phishing
GET /GTRFV/n1/secominuo/fonts/AppStoreBadge.svg HTTP/1.1
Host: spacesailer27.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 23:57:58 GMT
content-type: image/svg+xml
content-length: 12224
last-modified: Thu, 27 Feb 2020 05:20:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash 4928d271ec26fb70fb8f382d5d5891d8
dd53c66dc0a2fdf2dad3b4a88f37a4a6f4c04422
4ed90273d82c4833c5c2eeca80e1f52fe5eb5939d0af2a126a626079ace73070
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4ED90273D82C4833C5C2EECA80E1F52FE5EB5939D0AF2A126A626079ACE73070"
Last-Modified: Tue, 08 Nov 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3280
Expires: Wed, 09 Nov 2022 00:52:39 GMT
Date: Tue, 08 Nov 2022 23:57:59 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash 4928d271ec26fb70fb8f382d5d5891d8
dd53c66dc0a2fdf2dad3b4a88f37a4a6f4c04422
4ed90273d82c4833c5c2eeca80e1f52fe5eb5939d0af2a126a626079ace73070
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4ED90273D82C4833C5C2EECA80E1F52FE5EB5939D0AF2A126A626079ACE73070"
Last-Modified: Tue, 08 Nov 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3280
Expires: Wed, 09 Nov 2022 00:52:39 GMT
Date: Tue, 08 Nov 2022 23:57:59 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash 4928d271ec26fb70fb8f382d5d5891d8
dd53c66dc0a2fdf2dad3b4a88f37a4a6f4c04422
4ed90273d82c4833c5c2eeca80e1f52fe5eb5939d0af2a126a626079ace73070
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4ED90273D82C4833C5C2EECA80E1F52FE5EB5939D0AF2A126A626079ACE73070"
Last-Modified: Tue, 08 Nov 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3347
Expires: Wed, 09 Nov 2022 00:53:46 GMT
Date: Tue, 08 Nov 2022 23:57:59 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash 630de0b13940c0ce9309faaf10e4fd01
57eb122012d0f63d4b64f9411e0bf4505f5fd906
5b6970cd35c28fecd95c695106e815d0d829452c85703deb85750679f96edc56
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 71
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "5B6970CD35C28FECD95C695106E815D0D829452C85703DEB85750679F96EDC56"
Last-Modified: Tue, 08 Nov 2022 23:00:00 UTC
Content-Length: 1566
Cache-Control: public, no-transform, must-revalidate, max-age=3284
Expires: Wed, 09 Nov 2022 00:52:43 GMT
Date: Tue, 08 Nov 2022 23:57:59 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash 630de0b13940c0ce9309faaf10e4fd01
57eb122012d0f63d4b64f9411e0bf4505f5fd906
5b6970cd35c28fecd95c695106e815d0d829452c85703deb85750679f96edc56
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 71
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "5B6970CD35C28FECD95C695106E815D0D829452C85703DEB85750679F96EDC56"
Last-Modified: Tue, 08 Nov 2022 23:00:00 UTC
Content-Length: 1566
Cache-Control: public, no-transform, must-revalidate, max-age=3317
Expires: Wed, 09 Nov 2022 00:53:16 GMT
Date: Tue, 08 Nov 2022 23:57:59 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash b95f476dc7d55ed3f32b08bf71dc7ed5
538b5a8816a5fa317c1d1caa96e01c4bbdfc36c2
8ad0ea7133a1b980ff73281367e81f06e8c8b89a45be6fcc1b9d38487bbd6edf
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "8AD0EA7133A1B980FF73281367E81F06E8C8B89A45BE6FCC1B9D38487BBD6EDF"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Wed, 09 Nov 2022 00:57:59 GMT
Date: Tue, 08 Nov 2022 23:57:59 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash b95f476dc7d55ed3f32b08bf71dc7ed5
538b5a8816a5fa317c1d1caa96e01c4bbdfc36c2
8ad0ea7133a1b980ff73281367e81f06e8c8b89a45be6fcc1b9d38487bbd6edf
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "8AD0EA7133A1B980FF73281367E81F06E8C8B89A45BE6FCC1B9D38487BBD6EDF"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3563
Expires: Wed, 09 Nov 2022 00:57:22 GMT
Date: Tue, 08 Nov 2022 23:57:59 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash b95f476dc7d55ed3f32b08bf71dc7ed5
538b5a8816a5fa317c1d1caa96e01c4bbdfc36c2
8ad0ea7133a1b980ff73281367e81f06e8c8b89a45be6fcc1b9d38487bbd6edf
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "8AD0EA7133A1B980FF73281367E81F06E8C8B89A45BE6FCC1B9D38487BBD6EDF"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3510
Expires: Wed, 09 Nov 2022 00:56:29 GMT
Date: Tue, 08 Nov 2022 23:57:59 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash b95f476dc7d55ed3f32b08bf71dc7ed5
538b5a8816a5fa317c1d1caa96e01c4bbdfc36c2
8ad0ea7133a1b980ff73281367e81f06e8c8b89a45be6fcc1b9d38487bbd6edf
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "8AD0EA7133A1B980FF73281367E81F06E8C8B89A45BE6FCC1B9D38487BBD6EDF"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3581
Expires: Wed, 09 Nov 2022 00:57:40 GMT
Date: Tue, 08 Nov 2022 23:57:59 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash b95f476dc7d55ed3f32b08bf71dc7ed5
538b5a8816a5fa317c1d1caa96e01c4bbdfc36c2
8ad0ea7133a1b980ff73281367e81f06e8c8b89a45be6fcc1b9d38487bbd6edf
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "8AD0EA7133A1B980FF73281367E81F06E8C8B89A45BE6FCC1B9D38487BBD6EDF"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3574
Expires: Wed, 09 Nov 2022 00:57:33 GMT
Date: Tue, 08 Nov 2022 23:57:59 GMT
Connection: keep-alive
secured.nedbank.co.za/contact-blank-green.a180fba4b897921edd0b.svg
168.142.204.82 200 OK 17 kB URL HTTP/1.1 secured.nedbank.co.za/contact-blank-green.a180fba4b897921edd0b.svg
IP 168.142.204.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7310)
Hash 3f48eb6b4ac2077cb769cbed8e3408a6
c0d2f09113f5f98e53464a7b6d307cb46315d285
ee168e98fa02f4c05c213b298a4e653bb18659474c5a249e612d118bfe3e6251
GET /contact-blank-green.a180fba4b897921edd0b.svg HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Fri, 14 Oct 2022 07:57:20 GMT
Accept-Ranges: bytes
ETag: "0f0e595a2dfd81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Tue, 08 Nov 2022 23:58:00 GMT
Content-Length: 17327
Set-Cookie: TS01176d8b=01db7de3378f99eec7dab85d77e523901f5e51ddbb9fe8970cc743f1c6ec045542e7e2dd88; Path=/
secured.nedbank.co.za/location-blank-green.4b8e66bca4aac4a2aad6.svg
168.142.204.82 200 OK 17 kB URL HTTP/1.1 secured.nedbank.co.za/location-blank-green.4b8e66bca4aac4a2aad6.svg
IP 168.142.204.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7310)
Hash 3f48eb6b4ac2077cb769cbed8e3408a6
c0d2f09113f5f98e53464a7b6d307cb46315d285
ee168e98fa02f4c05c213b298a4e653bb18659474c5a249e612d118bfe3e6251
GET /location-blank-green.4b8e66bca4aac4a2aad6.svg HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Fri, 14 Oct 2022 07:57:20 GMT
Accept-Ranges: bytes
ETag: "0f0e595a2dfd81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Tue, 08 Nov 2022 23:57:59 GMT
Content-Length: 17327
Set-Cookie: TS01176d8b=01db7de33786836d4faf14b9a81cc00b8825c9385608e30f1eef336e9f464eb5abda83517d; Path=/
spacesailer27.org.au/GTRFV/n1/secominuo/fonts/FontFont%20-%20MarkPro.12d6724a254d3be629fc.otf
122.201.118.157 200 OK 165 kB URL HTTP/2 spacesailer27.org.au/GTRFV/n1/secominuo/fonts/FontFont%20-%20MarkPro.12d6724a254d3be629fc.otf
IP 122.201.118.157:0
ASN #38719 Dreamscape Networks Limited
File type OpenType font data\012- data
Size 165 kB (165396 bytes)
Hash 12d6724a254d3be629fc6b2871ae5a6a
d3a93c9ed090be9366b9513e5515e8e19ff48459
eaa561f9f8ef5b69bd39e15e332dc3700decacebf48e08b0640ad3a5d8711f65
Analyzer Verdict Alert fortinet Phishing
GET /GTRFV/n1/secominuo/fonts/FontFont%20-%20MarkPro.12d6724a254d3be629fc.otf HTTP/1.1
Host: spacesailer27.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.spacesailer27.org.au
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 23:57:59 GMT
content-type: font/otf
content-length: 165396
last-modified: Thu, 27 Feb 2020 05:20:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
X-Firefox-Spdy: h2
secured.nedbank.co.za/nedbank.ico
168.142.204.82 200 OK 1.4 kB URL HTTP/1.1 secured.nedbank.co.za/nedbank.ico
IP 168.142.204.82:0
File type MS Windows icon resource - 1 icon, 18x18, 32 bits/pixel\012- data
Hash 68773d46f68cd092f7aac1b70d211e01
bbe705f043f03d491232a63d29e5b8b6befb031e
4fbd7df4e4d5012b82c14234382d58275c3fe42c98162c05bbb4bc98c79ef9f5
GET /nedbank.ico HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: image/x-icon
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Fri, 14 Oct 2022 07:57:20 GMT
Accept-Ranges: bytes
ETag: "0f0e595a2dfd81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Tue, 08 Nov 2022 23:58:01 GMT
Content-Length: 1430
Set-Cookie: TS01176d8b=01db7de33746620bbca75b51aa73c85f1acfde524900916caeaae62269d05f7df15e0e1aef; Path=/
spacesailer27.org.au/GTRFV/n1/secominuo/fonts/FontFont%20-%20MarkPro-Medium.8531ae94f5ad973be8b7.otf
122.201.118.157 200 OK 162 kB URL HTTP/2 spacesailer27.org.au/GTRFV/n1/secominuo/fonts/FontFont%20-%20MarkPro-Medium.8531ae94f5ad973be8b7.otf
IP 122.201.118.157:0
ASN #38719 Dreamscape Networks Limited
File type OpenType font data\012- data
Size 162 kB (162260 bytes)
Hash 8531ae94f5ad973be8b718f88e9660ed
a6d5635dcebab54c459a725da9a892017627a994
ad51841bf5cf5eb27ead0ae50f936f678eeb2d4e1be6035e83fce13b0e3b83bb
Analyzer Verdict Alert fortinet Phishing
GET /GTRFV/n1/secominuo/fonts/FontFont%20-%20MarkPro-Medium.8531ae94f5ad973be8b7.otf HTTP/1.1
Host: spacesailer27.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.spacesailer27.org.au
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 23:57:59 GMT
content-type: font/otf
content-length: 162260
last-modified: Thu, 27 Feb 2020 05:20:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
X-Firefox-Spdy: h2
spacesailer27.org.au/GTRFV/n1/secominuo/fonts/FontFont%20-%20MarkPro-Bold.476d44b0f6c8939bb885.otf
122.201.118.157 200 OK 166 kB URL HTTP/2 spacesailer27.org.au/GTRFV/n1/secominuo/fonts/FontFont%20-%20MarkPro-Bold.476d44b0f6c8939bb885.otf
IP 122.201.118.157:0
ASN #38719 Dreamscape Networks Limited
File type OpenType font data\012- data
Size 166 kB (165936 bytes)
Hash 476d44b0f6c8939bb8859c9ce7598310
cd8fb565970c2750a12b3b47b1869578f7a041fb
979af22174e46123e6fb3c96d96360ba0ea7a5dbd00ae97ab1ebefae9c284d37
Analyzer Verdict Alert fortinet Phishing
GET /GTRFV/n1/secominuo/fonts/FontFont%20-%20MarkPro-Bold.476d44b0f6c8939bb885.otf HTTP/1.1
Host: spacesailer27.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.spacesailer27.org.au
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 23:57:59 GMT
content-type: font/otf
content-length: 165936
last-modified: Thu, 27 Feb 2020 05:20:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
X-Firefox-Spdy: h2
spacesailer27.org.au/GTRFV/n1/secominuo/styles/Eye-Show.e1de9570f043be4db21c.svg
122.201.118.157 301 Moved Permanently 0 B URL HTTP/2 spacesailer27.org.au/GTRFV/n1/secominuo/styles/Eye-Show.e1de9570f043be4db21c.svg
IP 122.201.118.157:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /GTRFV/n1/secominuo/styles/Eye-Show.e1de9570f043be4db21c.svg HTTP/1.1
Host: spacesailer27.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spacesailer27.org.au/GTRFV/n1/secominuo/styles/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 08 Nov 2022 23:57:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/7.2.34
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.spacesailer27.org.au/GTRFV/n1/secominuo/styles/Eye-Show.e1de9570f043be4db21c.svg
X-Firefox-Spdy: h2
www.spacesailer27.org.au/GTRFV/n1/secominuo/PPP.cee7674f38c105ee0fb4.svg
122.201.118.157 404 Not Found 11 kB URL HTTP/2 www.spacesailer27.org.au/GTRFV/n1/secominuo/PPP.cee7674f38c105ee0fb4.svg
IP 122.201.118.157:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9492), with CRLF, LF line terminators
Hash 36bccd0371df3eed9aaceda97d03d79b
d12de291de19816985f10383f9471b89efea333d
7bda042520230b79dea9487a4d3063b52caf5308642110a8ea2eba017e3141f0
Analyzer Verdict Alert fortinet Phishing
GET /GTRFV/n1/secominuo/PPP.cee7674f38c105ee0fb4.svg HTTP/1.1
Host: www.spacesailer27.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/GTRFV/n1/secominuo/NedbankMoney.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 08 Nov 2022 23:57:59 GMT
content-type: text/html; charset=UTF-8
content-length: 11040
x-powered-by: PHP/7.2.34
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.spacesailer27.org.au/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.spacesailer27.org.au/GTRFV/n1/secominuo/styles/Eye-Show.e1de9570f043be4db21c.svg
122.201.118.157 404 Not Found 11 kB URL HTTP/2 www.spacesailer27.org.au/GTRFV/n1/secominuo/styles/Eye-Show.e1de9570f043be4db21c.svg
IP 122.201.118.157:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9492), with CRLF, LF line terminators
Hash 36bccd0371df3eed9aaceda97d03d79b
d12de291de19816985f10383f9471b89efea333d
7bda042520230b79dea9487a4d3063b52caf5308642110a8ea2eba017e3141f0
Analyzer Verdict Alert fortinet Phishing
GET /GTRFV/n1/secominuo/styles/Eye-Show.e1de9570f043be4db21c.svg HTTP/1.1
Host: www.spacesailer27.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spacesailer27.org.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 08 Nov 2022 23:58:02 GMT
content-type: text/html; charset=UTF-8
content-length: 11040
x-powered-by: PHP/7.2.34
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.spacesailer27.org.au/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
secured.nedbank.co.za/tncs.04b64534a4bbcb7c2676.svg
168.142.204.82 200 OK 0 B URL HTTP/1.1 secured.nedbank.co.za/tncs.04b64534a4bbcb7c2676.svg
IP 168.142.204.82:0
GET /tncs.04b64534a4bbcb7c2676.svg HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Fri, 14 Oct 2022 07:57:20 GMT
Accept-Ranges: bytes
ETag: "0f0e595a2dfd81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Tue, 08 Nov 2022 23:58:00 GMT
Content-Length: 17327
Set-Cookie: TS01176d8b=01db7de33703045e74e22f9f87c12380570075178313e67497f97065a1ab40316a18dbb301; Path=/
spacesailer27.org.au/GTRFV/n1/secominuo/styles/styles.css
122.201.118.157 200 OK 0 B URL HTTP/2 spacesailer27.org.au/GTRFV/n1/secominuo/styles/styles.css
IP 122.201.118.157:0
ASN #38719 Dreamscape Networks Limited
GET /GTRFV/n1/secominuo/styles/styles.css HTTP/1.1
Host: spacesailer27.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 23:57:58 GMT
content-type: text/css
last-modified: Thu, 27 Feb 2020 05:20:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
secured.nedbank.co.za/NedbankIcon.ef111dcaf7b1952d120f.svg
168.142.204.82 200 OK 0 B URL HTTP/1.1 secured.nedbank.co.za/NedbankIcon.ef111dcaf7b1952d120f.svg
IP 168.142.204.82:0
GET /NedbankIcon.ef111dcaf7b1952d120f.svg HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Fri, 14 Oct 2022 07:57:20 GMT
Accept-Ranges: bytes
ETag: "0f0e595a2dfd81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Tue, 08 Nov 2022 23:57:59 GMT
Content-Length: 17327
Set-Cookie: TS01176d8b=01db7de3372d349c219d26abb138cf257537dcb39bec5c7ca5368eee8b5e9166f8b3c16e8c; Path=/
secured.nedbank.co.za/contact-footer.ff0deb4d99b5c501e332.svg
168.142.204.82 200 OK 0 B URL HTTP/1.1 secured.nedbank.co.za/contact-footer.ff0deb4d99b5c501e332.svg
IP 168.142.204.82:0
GET /contact-footer.ff0deb4d99b5c501e332.svg HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Fri, 14 Oct 2022 07:57:20 GMT
Accept-Ranges: bytes
ETag: "0f0e595a2dfd81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Tue, 08 Nov 2022 23:57:59 GMT
Content-Length: 17327
Set-Cookie: TS01176d8b=01db7de337a9dd2b9c7df258d3b047739001f8af8cb88132c48993eb25366b7e7f9d48d177; Path=/
secured.nedbank.co.za/location-blank.e36d304f8628a21886d3.svg
168.142.204.82 200 OK 0 B URL HTTP/1.1 secured.nedbank.co.za/location-blank.e36d304f8628a21886d3.svg
IP 168.142.204.82:0
GET /location-blank.e36d304f8628a21886d3.svg HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Fri, 14 Oct 2022 07:57:20 GMT
Accept-Ranges: bytes
ETag: "0f0e595a2dfd81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Tue, 08 Nov 2022 23:58:00 GMT
Content-Length: 17327
Set-Cookie: TS01176d8b=01db7de337f7133251d5368bcdf09a317f3de3fb6cd15bc1941f9dd41fd859ac6809b1a66f; Path=/
secured.nedbank.co.za/phoneicon.d20aa97e94487e70b840.svg
168.142.204.82 200 OK 0 B URL HTTP/1.1 secured.nedbank.co.za/phoneicon.d20aa97e94487e70b840.svg
IP 168.142.204.82:0
GET /phoneicon.d20aa97e94487e70b840.svg HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spacesailer27.org.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Fri, 14 Oct 2022 07:57:20 GMT
Accept-Ranges: bytes
ETag: "0f0e595a2dfd81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Tue, 08 Nov 2022 23:57:59 GMT
Content-Length: 17327
Set-Cookie: TS01176d8b=01db7de337db47047d66706edaabda8e0b142cfe4f2b00ecd0bdc573954f3804584f411941; Path=/