Report - dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm

Report Overview

Submitted URL
dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm
IP
98.191.160.105
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC
Submitted
2022-11-30 10:42:45
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - Nedbank

Detections

urlquery
1
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	35 kB	216.58.207.202
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
dallas-fort-worth-auctioneering.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.0 kB	376 kB	98.191.160.105
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.131
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.89.136.7
ocsp.entrust.net	1208	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	18 kB	104.110.10.32
secured.nedbank.co.za	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	112 kB	168.142.204.82
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm	NedBank Limited

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm	Phishing
2022-11-30	medium	dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/login-easy.svg	Phishing
2022-11-30	medium	dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/login-secure.svg	Phishing
2022-11-30	medium	dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/GooglePlay.svg	Phishing
2022-11-30	medium	dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/AppStoreBadge.svg	Phishing
2022-11-30	medium	dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/login-fast.svg	Phishing
2022-11-30	medium	dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/FontFont%20-%20MarkPro-Bold.476d44b0f6c8939bb885.otf	Phishing
2022-11-30	medium	dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/FontFont%20-%20MarkPro.12d6724a254d3be629fc.otf	Phishing
2022-11-30	medium	dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/FontFont%20-%20MarkPro-Medium.8531ae94f5ad973be8b7.otf	Phishing
2022-11-30	medium	dallas-fort-worth-auctioneering.com/fr/n1/secominuo/styles/Eye-Show.e1de9570f043be4db21c.svg	Phishing
2022-11-30	medium	dallas-fort-worth-auctioneering.com/fr/n1/secominuo/PPP.cee7674f38c105ee0fb4.svg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-04-23
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 216.58.207.202 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-23 06:54:07 Times Seen118633 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm	1.5 kB	2023-03-11	2023-03-11
Pretty URL dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm IP 98.191.160.105 ASN #22773 ASN-CXA-ALL-CCI-22773-RDC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:58:21 Last Seen2023-03-11 22:58:21 Times Seen1 Hash a9f0f0f8127d87096dec1aa1b55f5596 d1685415b5a9e2ed842cc958569e91d5529afd97 42298e23265911b27cc82539fa674b2a23ad686715c348595e158c88e9845798 Loading...

HTTP Transactions (54)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8966
Expires: Wed, 30 Nov 2022 13:12:00 GMT
Date: Wed, 30 Nov 2022 10:42:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6161
Expires: Wed, 30 Nov 2022 12:25:15 GMT
Date: Wed, 30 Nov 2022 10:42:34 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3042
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:42:34 GMT
Last-Modified: Wed, 30 Nov 2022 09:51:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: /bymtoG10OjeroF4kNyZyrnWFQx82ejEmMJqMldKIZsLmOGbX1aMT8Ni27go9AVZz4uIR+BxYRo=
x-amz-request-id: T99XMM6QM9Q4G1A5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 09:45:11 GMT
age: 3443
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 10:18:01 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1473
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 10:42:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm

98.191.160.105

200 OK

12 kB

URL HTTP/1.1
dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm
IP
98.191.160.105:0
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (36427)
Size
12 kB (12210 bytes)
Hash
96618688d8045fc01f71cd29cee7a4c8
447fe62b41c58c4cb29fa993f61c3f4918452f60
19be0158826882a5b98c746c6c045c92c845b41964ee5dba890a1306113386c7

Detections

Analyzer	Verdict	Alert
openphish	NedBank Limited
fortinet	Phishing

HTTP Headers

GET /fr/n1/secominuo/NedbankMoney.htm HTTP/1.1
Host: dallas-fort-worth-auctioneering.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:42:32 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2022 10:33:33 GMT
ETag: "16d90-5eeada2e3e35b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: 
Content-Length: 12210
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 10:11:14 GMT
cache-control: public,max-age=3600
age: 1880
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:42:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3031
Cache-Control: max-age=170088
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:42:34 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:57:22 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

216.58.207.202

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
216.58.207.202:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:51:00 GMT
expires: Thu, 23 Nov 2023 18:51:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 575494
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 10:42:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dallas-fort-worth-auctioneering.com/fr/n1/secominuo/styles/styles.css

98.191.160.105

200 OK

30 kB

URL HTTP/1.1
dallas-fort-worth-auctioneering.com/fr/n1/secominuo/styles/styles.css
IP
98.191.160.105:0
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC

File type
ASCII text, with very long lines (51801)
Size
30 kB (30475 bytes)
Hash
37bfb7dfbb4262c23dd7313ba8a5f937
9f12ba404ebe5cc214f4241ce83be5b1be6b810a
b37c64358fe1c9e9515766fd1f39b99b2e2d3c094c302c096c0c8e2e8d2bb083

HTTP Headers

GET /fr/n1/secominuo/styles/styles.css HTTP/1.1
Host: dallas-fort-worth-auctioneering.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:42:33 GMT
Server: Apache
Last-Modified: Thu, 27 Feb 2020 15:20:40 GMT
ETag: "2b40c-59f90437e2200-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 30 Nov 2023 10:42:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: 
Content-Length: 30475
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

push.services.mozilla.com/

52.89.136.7

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.136.7:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +ezYDfB9KEuQr5F06VD6Bw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OXHQIrSs8c2Hn4Kr09ccY6jJl+A=

dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/login-easy.svg

98.191.160.105

200 OK

1.7 kB

URL HTTP/1.1
dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/login-easy.svg
IP
98.191.160.105:0
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2053)
Size
1.7 kB (1665 bytes)
Hash
056295eba6137f8e2eea8b3693fec7da
fa0712e253a2cccb516dbb68ab7f7e8e9f50d0f9
d9fb0964416a8720ee75d75e8fd85c3bc4f3efeaad8125f8024514672e56c802

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fr/n1/secominuo/fonts/login-easy.svg HTTP/1.1
Host: dallas-fort-worth-auctioneering.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:42:33 GMT
Server: Apache
Last-Modified: Thu, 27 Feb 2020 15:20:40 GMT
ETag: "1001-59f90437e2200-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 30 Nov 2023 10:42:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: 
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 1665
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml

dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/login-secure.svg

98.191.160.105

200 OK

1.8 kB

URL HTTP/1.1
dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/login-secure.svg
IP
98.191.160.105:0
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2575)
Size
1.8 kB (1760 bytes)
Hash
4b2d4205660114d07256509fd171450b
d2e1b0f425c4e3fd1b5e885db4bb1b2bc308a28e
48f2db584eb58336cd33ead27f4a79b9180115a1fc9983e42912f8b9571265cd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fr/n1/secominuo/fonts/login-secure.svg HTTP/1.1
Host: dallas-fort-worth-auctioneering.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:42:33 GMT
Server: Apache
Last-Modified: Thu, 27 Feb 2020 15:20:40 GMT
ETag: "1561-59f90437e2200-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 30 Nov 2023 10:42:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: 
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 1760
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/GooglePlay.svg

98.191.160.105

200 OK

5.0 kB

URL HTTP/1.1
dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/GooglePlay.svg
IP
98.191.160.105:0
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (2954)
Size
5.0 kB (4953 bytes)
Hash
6e6b7eea81cb48e2721eddc3c424c4b1
92d4326bc6ac5cd3561d383137fc01bffaed6e77
bca0b9b50d9afa93ff5e3aa149e55b40447307b4759f83f2d74f11e550db956c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fr/n1/secominuo/fonts/GooglePlay.svg HTTP/1.1
Host: dallas-fort-worth-auctioneering.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:42:33 GMT
Server: Apache
Last-Modified: Thu, 27 Feb 2020 15:20:40 GMT
ETag: "590b-59f90437e2200-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 30 Nov 2023 10:42:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: 
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 4953
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml

dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/AppStoreBadge.svg

98.191.160.105

200 OK

4.6 kB

URL HTTP/1.1
dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/AppStoreBadge.svg
IP
98.191.160.105:0
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
4.6 kB (4609 bytes)
Hash
9bcce5b42e797c377683663b5b4c06cb
fb5a9da9a23380bc95655810b10939650efa60dc
76e76afdeb673cd60219a49ced64476fbd3daff5282a6f0595c3889deed76693

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fr/n1/secominuo/fonts/AppStoreBadge.svg HTTP/1.1
Host: dallas-fort-worth-auctioneering.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:42:33 GMT
Server: Apache
Last-Modified: Thu, 27 Feb 2020 15:20:40 GMT
ETag: "2fc0-59f90437e2200-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 30 Nov 2023 10:42:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: 
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 4609
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml

dallas-fort-worth-auctioneering.com/fr/n1/secominuo/images/entrust_site_seal_ssl.png

98.191.160.105

200 OK

19 kB

URL HTTP/1.1
dallas-fort-worth-auctioneering.com/fr/n1/secominuo/images/entrust_site_seal_ssl.png
IP
98.191.160.105:0
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC

File type
PNG image data, 350 x 350, 8-bit colormap, non-interlaced\012- data
Size
19 kB (18758 bytes)
Hash
e47461fd49a0426768698ade98b259e2
501132059c531265f3898e5b6d8646ac3886cfbb
203680b7945ca5c9f3697881f9af9c8ed160354675055d22fc34545910cd4d54

HTTP Headers

GET /fr/n1/secominuo/images/entrust_site_seal_ssl.png HTTP/1.1
Host: dallas-fort-worth-auctioneering.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:42:33 GMT
Server: Apache
Last-Modified: Thu, 27 Feb 2020 15:20:40 GMT
ETag: "4946-59f90437e2200"
Accept-Ranges: bytes
Content-Length: 18758
Cache-Control: max-age=31536000
Expires: Thu, 30 Nov 2023 10:42:33 GMT
Referrer-Policy: 
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/login-fast.svg

98.191.160.105

200 OK

2.3 kB

URL HTTP/1.1
dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/login-fast.svg
IP
98.191.160.105:0
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2974)
Size
2.3 kB (2314 bytes)
Hash
71375120f86057d94787719d755467a3
ce062d2c12c1ffc2baa423ac9bc609d77203d438
281b56643b9a690d21d345aa5ddbee8736325e2a34ee567036c133c6e29e137e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fr/n1/secominuo/fonts/login-fast.svg HTTP/1.1
Host: dallas-fort-worth-auctioneering.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:42:33 GMT
Server: Apache
Last-Modified: Thu, 27 Feb 2020 15:20:40 GMT
ETag: "1474-59f90437e2200-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 30 Nov 2023 10:42:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: 
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 2314
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml

dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/FontFont%20-%20MarkPro-Bold.476d44b0f6c8939bb885.otf

98.191.160.105

200 OK

74 kB

URL HTTP/1.1
dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/FontFont%20-%20MarkPro-Bold.476d44b0f6c8939bb885.otf
IP
98.191.160.105:0
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC

File type
OpenType font data\012- data
Size
74 kB (74268 bytes)
Hash
b9584bcbafb9479e5e42153fc1bf65ec
3dc261a3b25d194fdc47e2a52f58c9e39d9feca8
ea57b81df9510a3036b9079f61ca19c3d9a748c7d654fb0d9ec34515eeed92b7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fr/n1/secominuo/fonts/FontFont%20-%20MarkPro-Bold.476d44b0f6c8939bb885.otf HTTP/1.1
Host: dallas-fort-worth-auctioneering.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:42:33 GMT
Server: Apache
Last-Modified: Thu, 27 Feb 2020 15:20:40 GMT
ETag: "28830-59f90437e2200-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 30 Nov 2023 10:42:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: 
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/x-font-otf

dallas-fort-worth-auctioneering.com/fr/n1/secominuo/images/NedbankLogin.png

98.191.160.105

200 OK

75 kB

URL HTTP/1.1
dallas-fort-worth-auctioneering.com/fr/n1/secominuo/images/NedbankLogin.png
IP
98.191.160.105:0
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC

File type
PNG image data, 1886 x 1843, 8-bit colormap, non-interlaced\012- data
Size
75 kB (74758 bytes)
Hash
fafe079d24657360aeb75ecb858f7a0f
7a4ab86f928fa43e42ba241ebb8858cf85fea99b
98abae8830ada4659fe72d966fbf8e96c3607a71283e45f0904214004c520f41

HTTP Headers

GET /fr/n1/secominuo/images/NedbankLogin.png HTTP/1.1
Host: dallas-fort-worth-auctioneering.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:42:33 GMT
Server: Apache
Last-Modified: Thu, 27 Feb 2020 15:20:40 GMT
ETag: "12406-59f90437e2200"
Accept-Ranges: bytes
Content-Length: 74758
Cache-Control: max-age=31536000
Expires: Thu, 30 Nov 2023 10:42:33 GMT
Referrer-Policy: 
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/FontFont%20-%20MarkPro.12d6724a254d3be629fc.otf

98.191.160.105

200 OK

73 kB

URL HTTP/1.1
dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/FontFont%20-%20MarkPro.12d6724a254d3be629fc.otf
IP
98.191.160.105:0
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC

File type
OpenType font data\012- data
Size
73 kB (72933 bytes)
Hash
da06716b5d7fe59fe0028d4ea76686cd
75670f7aafe82297e1fa876e2f8d8729c742dd44
bd50ef2915dbd8a4b7e30270c88ce5db87ddb5160549032b76762e1c21d2b7e2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fr/n1/secominuo/fonts/FontFont%20-%20MarkPro.12d6724a254d3be629fc.otf HTTP/1.1
Host: dallas-fort-worth-auctioneering.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:42:33 GMT
Server: Apache
Last-Modified: Thu, 27 Feb 2020 15:20:40 GMT
ETag: "28614-59f90437e2200-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 30 Nov 2023 10:42:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: 
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/x-font-otf

dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/FontFont%20-%20MarkPro-Medium.8531ae94f5ad973be8b7.otf

98.191.160.105

200 OK

70 kB

URL HTTP/1.1
dallas-fort-worth-auctioneering.com/fr/n1/secominuo/fonts/FontFont%20-%20MarkPro-Medium.8531ae94f5ad973be8b7.otf
IP
98.191.160.105:0
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC

File type
OpenType font data\012- data
Size
70 kB (70151 bytes)
Hash
435c7282d13b856eaa78c08489e93757
f99fa78fd4cd9007abde06173a1cce5b8013bef0
133ba22b97b0170de0ef7d4ca30cb3cc87ab8713432aa5175d0a4af128f6fc03

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fr/n1/secominuo/fonts/FontFont%20-%20MarkPro-Medium.8531ae94f5ad973be8b7.otf HTTP/1.1
Host: dallas-fort-worth-auctioneering.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 10:42:33 GMT
Server: Apache
Last-Modified: Thu, 27 Feb 2020 15:20:40 GMT
ETag: "279d4-59f90437e2200-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 30 Nov 2023 10:42:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: 
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, Authorization
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/x-font-otf

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
5472e305ccc16bc14588195ad1de52db
0294807df442fe713e8b21beb775b03238cc4a08
348b31963795c8833be76579673d214a1118a2cd8c65982549f470c1b84ed3bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "348B31963795C8833BE76579673D214A1118A2CD8C65982549F470C1B84ED3BF"
Last-Modified: Tue, 29 Nov 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3481
Expires: Wed, 30 Nov 2022 11:40:36 GMT
Date: Wed, 30 Nov 2022 10:42:35 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
5472e305ccc16bc14588195ad1de52db
0294807df442fe713e8b21beb775b03238cc4a08
348b31963795c8833be76579673d214a1118a2cd8c65982549f470c1b84ed3bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "348B31963795C8833BE76579673D214A1118A2CD8C65982549F470C1B84ED3BF"
Last-Modified: Tue, 29 Nov 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3532
Expires: Wed, 30 Nov 2022 11:41:27 GMT
Date: Wed, 30 Nov 2022 10:42:35 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
5472e305ccc16bc14588195ad1de52db
0294807df442fe713e8b21beb775b03238cc4a08
348b31963795c8833be76579673d214a1118a2cd8c65982549f470c1b84ed3bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "348B31963795C8833BE76579673D214A1118A2CD8C65982549F470C1B84ED3BF"
Last-Modified: Tue, 29 Nov 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Wed, 30 Nov 2022 11:42:35 GMT
Date: Wed, 30 Nov 2022 10:42:35 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
5472e305ccc16bc14588195ad1de52db
0294807df442fe713e8b21beb775b03238cc4a08
348b31963795c8833be76579673d214a1118a2cd8c65982549f470c1b84ed3bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "348B31963795C8833BE76579673D214A1118A2CD8C65982549F470C1B84ED3BF"
Last-Modified: Tue, 29 Nov 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3593
Expires: Wed, 30 Nov 2022 11:42:28 GMT
Date: Wed, 30 Nov 2022 10:42:35 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
96c96bcec07a5a2fc670527c9b5da94f
2ec89e54acd454f6029b8dc8f5cab4ac7138e931
e3d7b0a5671ebb74fececbb755e145e83ea059b9a750e363fcba0a37b25bbd5e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "E3D7B0A5671EBB74FECECBB755E145E83EA059B9A750E363FCBA0A37B25BBD5E"
Last-Modified: Wed, 30 Nov 2022 09:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Wed, 30 Nov 2022 11:42:35 GMT
Date: Wed, 30 Nov 2022 10:42:35 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
96c96bcec07a5a2fc670527c9b5da94f
2ec89e54acd454f6029b8dc8f5cab4ac7138e931
e3d7b0a5671ebb74fececbb755e145e83ea059b9a750e363fcba0a37b25bbd5e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "E3D7B0A5671EBB74FECECBB755E145E83EA059B9A750E363FCBA0A37B25BBD5E"
Last-Modified: Wed, 30 Nov 2022 09:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Wed, 30 Nov 2022 11:42:35 GMT
Date: Wed, 30 Nov 2022 10:42:35 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
96c96bcec07a5a2fc670527c9b5da94f
2ec89e54acd454f6029b8dc8f5cab4ac7138e931
e3d7b0a5671ebb74fececbb755e145e83ea059b9a750e363fcba0a37b25bbd5e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "E3D7B0A5671EBB74FECECBB755E145E83EA059B9A750E363FCBA0A37B25BBD5E"
Last-Modified: Wed, 30 Nov 2022 09:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3578
Expires: Wed, 30 Nov 2022 11:42:13 GMT
Date: Wed, 30 Nov 2022 10:42:35 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
96c96bcec07a5a2fc670527c9b5da94f
2ec89e54acd454f6029b8dc8f5cab4ac7138e931
e3d7b0a5671ebb74fececbb755e145e83ea059b9a750e363fcba0a37b25bbd5e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "E3D7B0A5671EBB74FECECBB755E145E83EA059B9A750E363FCBA0A37B25BBD5E"
Last-Modified: Wed, 30 Nov 2022 09:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Wed, 30 Nov 2022 11:42:36 GMT
Date: Wed, 30 Nov 2022 10:42:36 GMT
Connection: keep-alive

secured.nedbank.co.za/NedbankIcon.ef111dcaf7b1952d120f.svg

168.142.204.82

200 OK

17 kB

URL HTTP/1.1
secured.nedbank.co.za/NedbankIcon.ef111dcaf7b1952d120f.svg
IP
168.142.204.82:0
ASN
#3741 IS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7310)
Size
17 kB (17327 bytes)
Hash
4f74a77200639697dbecc5d6c01db1c2
4fd0e29cc4cb42eb35b645f14e7009a152e55a6b
5d7b68a55b88f8f1f2ff789cb481b00236e8d8b72d998907fc5d2884f945d9fb

HTTP Headers

GET /NedbankIcon.ef111dcaf7b1952d120f.svg HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Tue, 08 Nov 2022 12:22:22 GMT
Accept-Ranges: bytes
ETag: "0538ec06cf3d81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net      https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Wed, 30 Nov 2022 10:42:35 GMT
Content-Length: 17327
Set-Cookie: TS01176d8b=01db7de3375acb0026e509bdf1dda1e422a4f74b97b2864e98fa9eb18828bdb092f9b2568d; Path=/

secured.nedbank.co.za/location-blank-green.4b8e66bca4aac4a2aad6.svg

168.142.204.82

200 OK

17 kB

URL HTTP/1.1
secured.nedbank.co.za/location-blank-green.4b8e66bca4aac4a2aad6.svg
IP
168.142.204.82:0
ASN
#3741 IS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7310)
Size
17 kB (17327 bytes)
Hash
4f74a77200639697dbecc5d6c01db1c2
4fd0e29cc4cb42eb35b645f14e7009a152e55a6b
5d7b68a55b88f8f1f2ff789cb481b00236e8d8b72d998907fc5d2884f945d9fb

HTTP Headers

GET /location-blank-green.4b8e66bca4aac4a2aad6.svg HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Tue, 08 Nov 2022 12:22:22 GMT
Accept-Ranges: bytes
ETag: "0538ec06cf3d81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net      https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Wed, 30 Nov 2022 10:42:35 GMT
Content-Length: 17327
Set-Cookie: TS01176d8b=01db7de33761eeae94eeb9978fa304a481b21f180565203a9bca9abf8d91f705327e051378; Path=/

secured.nedbank.co.za/contact-blank-green.a180fba4b897921edd0b.svg

168.142.204.82

200 OK

17 kB

URL HTTP/1.1
secured.nedbank.co.za/contact-blank-green.a180fba4b897921edd0b.svg
IP
168.142.204.82:0
ASN
#3741 IS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7310)
Size
17 kB (17327 bytes)
Hash
4f74a77200639697dbecc5d6c01db1c2
4fd0e29cc4cb42eb35b645f14e7009a152e55a6b
5d7b68a55b88f8f1f2ff789cb481b00236e8d8b72d998907fc5d2884f945d9fb

HTTP Headers

GET /contact-blank-green.a180fba4b897921edd0b.svg HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Tue, 08 Nov 2022 12:22:22 GMT
Accept-Ranges: bytes
ETag: "0538ec06cf3d81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net      https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Wed, 30 Nov 2022 10:42:35 GMT
Content-Length: 17327
Set-Cookie: TS01176d8b=01db7de337199de2ddffd5007afa489cf247c6e9297314236a42dfb058cb55cccc91204d2c; Path=/

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
96c96bcec07a5a2fc670527c9b5da94f
2ec89e54acd454f6029b8dc8f5cab4ac7138e931
e3d7b0a5671ebb74fececbb755e145e83ea059b9a750e363fcba0a37b25bbd5e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "E3D7B0A5671EBB74FECECBB755E145E83EA059B9A750E363FCBA0A37B25BBD5E"
Last-Modified: Wed, 30 Nov 2022 09:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3552
Expires: Wed, 30 Nov 2022 11:41:48 GMT
Date: Wed, 30 Nov 2022 10:42:36 GMT
Connection: keep-alive

secured.nedbank.co.za/phoneicon.d20aa97e94487e70b840.svg

168.142.204.82

200 OK

17 kB

URL HTTP/1.1
secured.nedbank.co.za/phoneicon.d20aa97e94487e70b840.svg
IP
168.142.204.82:0
ASN
#3741 IS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7310)
Size
17 kB (17327 bytes)
Hash
4f74a77200639697dbecc5d6c01db1c2
4fd0e29cc4cb42eb35b645f14e7009a152e55a6b
5d7b68a55b88f8f1f2ff789cb481b00236e8d8b72d998907fc5d2884f945d9fb

HTTP Headers

GET /phoneicon.d20aa97e94487e70b840.svg HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Tue, 08 Nov 2022 12:22:22 GMT
Accept-Ranges: bytes
ETag: "0538ec06cf3d81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net      https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Wed, 30 Nov 2022 10:42:35 GMT
Content-Length: 17327
Set-Cookie: TS01176d8b=01db7de337d413a31e4f19abca829ac9afd504f3710e776a6faeb2b4ab7d95a5dcb095c861; Path=/

secured.nedbank.co.za/location-blank.e36d304f8628a21886d3.svg

168.142.204.82

200 OK

17 kB

URL HTTP/1.1
secured.nedbank.co.za/location-blank.e36d304f8628a21886d3.svg
IP
168.142.204.82:0
ASN
#3741 IS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7310)
Size
17 kB (17327 bytes)
Hash
4f74a77200639697dbecc5d6c01db1c2
4fd0e29cc4cb42eb35b645f14e7009a152e55a6b
5d7b68a55b88f8f1f2ff789cb481b00236e8d8b72d998907fc5d2884f945d9fb

HTTP Headers

GET /location-blank.e36d304f8628a21886d3.svg HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Tue, 08 Nov 2022 12:22:22 GMT
Accept-Ranges: bytes
ETag: "0538ec06cf3d81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net      https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Wed, 30 Nov 2022 10:42:36 GMT
Content-Length: 17327
Set-Cookie: TS01176d8b=01db7de33735138666ebd2afd01e62ce5d70d90877f8df4647c920ce98c548a2366ff3e4ca; Path=/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5543
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 10:42:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5543
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 10:42:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5543
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 10:42:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5543
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 10:42:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5543
Expires: Wed, 30 Nov 2022 12:14:59 GMT
Date: Wed, 30 Nov 2022 10:42:36 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9051 bytes)
Hash
05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 46385
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5785 bytes)
Hash
59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
age: 45230
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:35:09 GMT
age: 43647
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7298 bytes)
Hash
e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 45971
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9670 bytes)
Hash
33ee67e62c49fc8d51f18df313002aac
3d8c927b6945d880f92d4e7a686cad5a9985e8ad
ba6e66e07cd93219926927fd2b468a92b8d02cc9bf1da0b3b9a3c48da160bbdc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9670
x-amzn-requestid: d9a529ac-9dc6-4e12-80c5-3250dc97e7bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcFiAoAMF0nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-116ddf09265d51523c3638b3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5BnByLndiK0korBr44MDgK6sgRBPooy2LE_2NjVIQhiTfmAdLupnZw==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:34 GMT
age: 46382
etag: "3d8c927b6945d880f92d4e7a686cad5a9985e8ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 46185
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

secured.nedbank.co.za/contact-footer.ff0deb4d99b5c501e332.svg

168.142.204.82

200 OK

17 kB

URL HTTP/1.1
secured.nedbank.co.za/contact-footer.ff0deb4d99b5c501e332.svg
IP
168.142.204.82:0
ASN
#3741 IS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7310)
Size
17 kB (17327 bytes)
Hash
4f74a77200639697dbecc5d6c01db1c2
4fd0e29cc4cb42eb35b645f14e7009a152e55a6b
5d7b68a55b88f8f1f2ff789cb481b00236e8d8b72d998907fc5d2884f945d9fb

HTTP Headers

GET /contact-footer.ff0deb4d99b5c501e332.svg HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Tue, 08 Nov 2022 12:22:22 GMT
Accept-Ranges: bytes
ETag: "0538ec06cf3d81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net      https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Wed, 30 Nov 2022 10:42:36 GMT
Content-Length: 17327
Set-Cookie: TS01176d8b=01db7de337557107f8f61a83f10e327ccaa53706342bc5ff639310914458b50bf06e97dc81; Path=/

secured.nedbank.co.za/nedbank.ico

168.142.204.82

200 OK

1.4 kB

URL HTTP/1.1
secured.nedbank.co.za/nedbank.ico
IP
168.142.204.82:0
ASN
#3741 IS

File type
MS Windows icon resource - 1 icon, 18x18, 32 bits/pixel\012- data
Size
1.4 kB (1430 bytes)
Hash
68773d46f68cd092f7aac1b70d211e01
bbe705f043f03d491232a63d29e5b8b6befb031e
4fbd7df4e4d5012b82c14234382d58275c3fe42c98162c05bbb4bc98c79ef9f5

HTTP Headers

GET /nedbank.ico HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: image/x-icon
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Tue, 08 Nov 2022 12:22:20 GMT
Accept-Ranges: bytes
ETag: "0265dbf6cf3d81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net      https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Wed, 30 Nov 2022 10:42:36 GMT
Content-Length: 1430
Set-Cookie: TS01176d8b=01db7de337f793571215c64023400f02345c0aeae7197bdfd677dea3483e828edb9302f6ed; Path=/

dallas-fort-worth-auctioneering.com/fr/n1/secominuo/styles/Eye-Show.e1de9570f043be4db21c.svg

98.191.160.105

404 Not Found

0 B

URL HTTP/1.1
dallas-fort-worth-auctioneering.com/fr/n1/secominuo/styles/Eye-Show.e1de9570f043be4db21c.svg
IP
98.191.160.105:0
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fr/n1/secominuo/styles/Eye-Show.e1de9570f043be4db21c.svg HTTP/1.1
Host: dallas-fort-worth-auctioneering.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/fr/n1/secominuo/styles/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 10:42:33 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://dallas-fort-worth-auctioneering.com/wp-json/>; rel="https://api.w.org/"
Referrer-Policy: 
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

dallas-fort-worth-auctioneering.com/fr/n1/secominuo/PPP.cee7674f38c105ee0fb4.svg

98.191.160.105

404 Not Found

0 B

URL HTTP/1.1
dallas-fort-worth-auctioneering.com/fr/n1/secominuo/PPP.cee7674f38c105ee0fb4.svg
IP
98.191.160.105:0
ASN
#22773 ASN-CXA-ALL-CCI-22773-RDC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fr/n1/secominuo/PPP.cee7674f38c105ee0fb4.svg HTTP/1.1
Host: dallas-fort-worth-auctioneering.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/fr/n1/secominuo/NedbankMoney.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 10:42:33 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://dallas-fort-worth-auctioneering.com/wp-json/>; rel="https://api.w.org/"
Referrer-Policy: 
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

secured.nedbank.co.za/tncs.04b64534a4bbcb7c2676.svg

168.142.204.82

200 OK

0 B

URL HTTP/1.1
secured.nedbank.co.za/tncs.04b64534a4bbcb7c2676.svg
IP
168.142.204.82:0
ASN
#3741 IS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tncs.04b64534a4bbcb7c2676.svg HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dallas-fort-worth-auctioneering.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Tue, 08 Nov 2022 12:22:22 GMT
Accept-Ranges: bytes
ETag: "0538ec06cf3d81:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net      https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Wed, 30 Nov 2022 10:42:36 GMT
Content-Length: 17327
Set-Cookie: TS01176d8b=01db7de33778d90e00fb7ac22a8741b94047b05d40a313f7a99979d6eaba1936df55428c58; Path=/

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (54)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size