ocsp.pki.goog/gts1c3
471 B IP
Hash b9385c929b601d930b3c5f536aac09d1
9a1988349002870a20e310deeedc966c5e513c3b
0024c7d008bc40a0c82c0b36898b49cc99d8aee177db4adbc1616e16d6c5030f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 00:04:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nedm.page.link/jdF1
0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish NedBank Limited
GET /jdF1 HTTP/1.1
Host: nedm.page.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 Jun 2023 00:04:46 GMT
location: https://neddev.z22.web.core.windows.net/
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: same-site
content-security-policy: require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport, script-src 'nonce-yM_S7yaPZmgfWZYaGjiZIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash b9385c929b601d930b3c5f536aac09d1
9a1988349002870a20e310deeedc966c5e513c3b
0024c7d008bc40a0c82c0b36898b49cc99d8aee177db4adbc1616e16d6c5030f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 00:04:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
neddev.z22.web.core.windows.net/
122 B URL neddev.z22.web.core.windows.net/
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with no line terminators
Hash 6a6c040a575c612a2f050485a48df500
1c8adf3d18160f0382089ccf6f92b99ecd08e2a2
8de7b3a814c967c3fca0dc3bde2d4ff56f62d80b596a6b68ba51d023fb7e2c46
Analyzer Verdict Alert openphish NedBank Limited
phishtank Other
GET / HTTP/1.1
Host: neddev.z22.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 122
Content-Type: text/html
Content-MD5: amwECldcYSovBQSFpI31AA==
Last-Modified: Wed, 07 Jun 2023 07:39:15 GMT
Accept-Ranges: bytes
ETag: "0x8DB672A4B8447AB"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7e7502f3-c01e-0031-022f-9bc5d0000000
x-ms-version: 2018-03-28
Date: Sat, 10 Jun 2023 00:04:47 GMT
8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/logo.PNG
200 OK 51 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/logo.PNG
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
File type PNG image data, 57 x 58, 8-bit/color RGBA, non-interlaced\012- data
Hash b593b661140ec418f761a7aacee763fc
ab4594a13e39bee98e043a4c14b1e852e9538ec4
387eb324b928bd34df5a8e5ec66bd548c64598c979c16a4bd100269d46940c0d
Analyzer Verdict Alert urlquery phishing Phishing - Nedbank
urlquery phishing Phishing - Nedbank
GET /static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/logo.PNG HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: image/png
content-length: 51356
last-modified: Mon, 19 Dec 2022 22:09:16 GMT
etag: "c89c-5f03591f15b00"
cache-control: max-age=31536000
expires: Sat, 08 Jun 2024 23:27:19 GMT
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN
x-cache-nxaccel: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/entrust_site_seal_ssl.png
200 OK 19 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/entrust_site_seal_ssl.png
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
File type PNG image data, 350 x 350, 8-bit colormap, non-interlaced\012- data
Hash e47461fd49a0426768698ade98b259e2
501132059c531265f3898e5b6d8646ac3886cfbb
203680b7945ca5c9f3697881f9af9c8ed160354675055d22fc34545910cd4d54
Analyzer Verdict Alert urlquery phishing Phishing - Nedbank
urlquery phishing Phishing - Nedbank
GET /static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/entrust_site_seal_ssl.png HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: image/png
content-length: 18758
last-modified: Mon, 19 Dec 2022 22:09:16 GMT
etag: "4946-5f03591f15b00"
cache-control: max-age=31536000, public
expires: Sat, 08 Jun 2024 23:27:19 GMT
x-frame-options: SAMEORIGIN
x-cache-nxaccel: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/static/frontend/ne/NedbankIcon.7492cce283df004f1ef8.svg
404 Not Found 0 B URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/NedbankIcon.7492cce283df004f1ef8.svg
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/frontend/ne/NedbankIcon.7492cce283df004f1ef8.svg HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/static/frontend/ne/icon-chat-thin.e1e44890317f84171fc1.svg
404 Not Found 0 B URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/icon-chat-thin.e1e44890317f84171fc1.svg
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/frontend/ne/icon-chat-thin.e1e44890317f84171fc1.svg HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/static/frontend/ne/location-blank-green.a212a0d3423c5f200809.svg
404 Not Found 0 B URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/location-blank-green.a212a0d3423c5f200809.svg
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/frontend/ne/location-blank-green.a212a0d3423c5f200809.svg HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/static/frontend/ne/contact-blank-green.0dde8e4b338f10363bc5.svg
404 Not Found 0 B URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/contact-blank-green.0dde8e4b338f10363bc5.svg
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/frontend/ne/contact-blank-green.0dde8e4b338f10363bc5.svg HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/static/frontend/ne/Arrow.941e2f83c935ad00fedf.svg
404 Not Found 0 B URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/Arrow.941e2f83c935ad00fedf.svg
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/frontend/ne/Arrow.941e2f83c935ad00fedf.svg HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/static/frontend/ne/outline-cheque.fe9bf6957964461d3cd2.svg
404 Not Found 0 B URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/outline-cheque.fe9bf6957964461d3cd2.svg
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/frontend/ne/outline-cheque.fe9bf6957964461d3cd2.svg HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/static/frontend/ne/close-gray.840a1d9e5d4f2693cbdf.svg
404 Not Found 0 B URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/close-gray.840a1d9e5d4f2693cbdf.svg
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/frontend/ne/close-gray.840a1d9e5d4f2693cbdf.svg HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.woff
404 Not Found 9.5 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.woff
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2398), with CRLF, LF line terminators
Hash c0763811171bcc78b72c44fb5bcc786a
53548ce0a1cd2e63f2134007e8ab71841b038db9
1f447d6c8ae83b7e81175014d4848bb6c98b4c468f0bbc6cf9ece1ce492abc4e
GET /assets/fonts/fonts/FFMarkWebProMedium.woff HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: cache
expires: Sun, 11 Jun 2023 00:04:50 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store
x-magento-tags: cat_c,store,cms_b,cms_p_1,FPC
content-security-policy-report-only: font-src data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f; expires=Sat, 10-Jun-2023 01:04:50 GMT; Max-Age=3600; path=/; domain=8cbc51d0fd.nxcli.io; secure; HttpOnly; SameSite=Lax
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
secured.nedbank.co.za/nedbank.ico
200 OK 1.4 kB URL GET HTTP/1.1 secured.nedbank.co.za/nedbank.ico
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerEntrust, Inc.
Subjectsecured.nedbank.co.za
Fingerprint27:6E:B2:A8:CF:7A:D1:FC:6E:6D:D5:29:06:99:4D:01:35:45:65:F3
ValidityMon, 05 Sep 2022 09:09:21 GMT - Wed, 04 Oct 2023 09:09:21 GMT
File type MS Windows icon resource - 1 icon, 18x18, 32 bits/pixel\012- data
Hash 68773d46f68cd092f7aac1b70d211e01
bbe705f043f03d491232a63d29e5b8b6befb031e
4fbd7df4e4d5012b82c14234382d58275c3fe42c98162c05bbb4bc98c79ef9f5
GET /nedbank.ico HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: image/x-icon
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Wed, 10 May 2023 07:45:08 GMT
Accept-Ranges: bytes
ETag: "09a83571383d91:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net *.advanced-web-analytics.com https://nedbank.demdex.net blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Sat, 10 Jun 2023 00:04:51 GMT
Content-Length: 1430
8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
200 OK 128 kB URL User Request GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
IP
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Size 128 kB (127924 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish NedBank Limited
GET /static/frontend/ne/index.html HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://neddev.z22.web.core.windows.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Wed, 07 Jun 2023 06:54:27 GMT
etag: W/"1f3b4-5fd849b536ec0"
cache-control: max-age=31536000, public
expires: Sun, 09 Jun 2024 00:04:48 GMT
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN
x-cache-nxaccel: BYPASS
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro.eot
404 Not Found 38 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro.eot
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/fonts/FF%20Mark/FontFont%20-%20MarkPro.eot HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: cache
expires: Sun, 11 Jun 2023 00:04:50 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store
x-magento-tags: cat_c,store,cms_b,cms_p_1,FPC
content-security-policy-report-only: font-src data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f; expires=Sat, 10-Jun-2023 01:04:50 GMT; Max-Age=3600; path=/; domain=8cbc51d0fd.nxcli.io; secure; HttpOnly; SameSite=Lax
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-easy.svg
200 OK 4.1 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-easy.svg
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4231), with no line terminators
Hash 2fc9f08e613579093f4d71ffd43a51bf
7fac40ac3bea5f6f30ee4ac2b848e632d9d9b1f7
aef77e4450f134fe19b5cddc70b04832ed821308a2a864f05402b82915e3c0c0
Analyzer Verdict Alert urlquery phishing Phishing - Nedbank
urlquery phishing Phishing - Nedbank
GET /static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-easy.svg HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 19 Dec 2022 22:09:16 GMT
etag: W/"1033-5f03591f15b00"
cache-control: max-age=31536000, public
expires: Sun, 09 Jun 2024 00:04:48 GMT
x-frame-options: SAMEORIGIN
x-nocache: 1
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/assets/fonts/fonts/FFMarkWebProRegular.ttf
404 Not Found 38 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/assets/fonts/fonts/FFMarkWebProRegular.ttf
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/fonts/fonts/FFMarkWebProRegular.ttf HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: cache
expires: Sun, 11 Jun 2023 00:04:50 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store
x-magento-tags: cat_c,store,cms_b,cms_p_1,FPC
content-security-policy-report-only: font-src data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f; expires=Sat, 10-Jun-2023 01:04:50 GMT; Max-Age=3600; path=/; domain=8cbc51d0fd.nxcli.io; secure; HttpOnly; SameSite=Lax
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/assets/fonts/fonts/FFMarkWebProRegular.woff
404 Not Found 38 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/assets/fonts/fonts/FFMarkWebProRegular.woff
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/fonts/fonts/FFMarkWebProRegular.woff HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: cache
expires: Sun, 11 Jun 2023 00:04:51 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store
x-magento-tags: cat_c,store,cms_b,cms_p_1,FPC
content-security-policy-report-only: font-src data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f; expires=Sat, 10-Jun-2023 01:04:50 GMT; Max-Age=3600; path=/; domain=8cbc51d0fd.nxcli.io; secure; HttpOnly; SameSite=Lax
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/AppStoreBadge.svg
200 OK 12 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/AppStoreBadge.svg
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 1cfd5dba4a9210bcf77f5dbe48ec2e66
b18020f162dece51251489be269db7629a223fcd
4cfabcfdbec9a5cd903190f150028743f38c3533b53ea21c6e4dd35a52a80383
Analyzer Verdict Alert urlquery phishing Phishing - Nedbank
urlquery phishing Phishing - Nedbank
GET /static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/AppStoreBadge.svg HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 19 Dec 2022 22:09:16 GMT
etag: W/"2fc0-5f03591f15b00"
cache-control: max-age=31536000, public
expires: Sat, 08 Jun 2024 23:27:19 GMT
x-frame-options: SAMEORIGIN
x-cache-nxaccel: HIT
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.ttf
404 Not Found 38 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.ttf
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/fonts/fonts/FFMarkWebProMedium.ttf HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: cache
expires: Sun, 11 Jun 2023 00:04:50 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store
x-magento-tags: cat_c,store,cms_b,cms_p_1,FPC
content-security-policy-report-only: font-src data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f; expires=Sat, 10-Jun-2023 01:04:50 GMT; Max-Age=3600; path=/; domain=8cbc51d0fd.nxcli.io; secure; HttpOnly; SameSite=Lax
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/NedbankExperience.svg
200 OK 12 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/NedbankExperience.svg
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (893)
Hash 3c30ea4f3370147c14d614b4e82323b1
f212ae8d2f0d655a1aed7ca8b43c13ba96aa159e
3bf07d30c5c5867acf6a3ec763086a9c3d1ea5c7e6783c1550e1309c67e59bf3
Analyzer Verdict Alert urlquery phishing Phishing - Nedbank
urlquery phishing Phishing - Nedbank
GET /static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/NedbankExperience.svg HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 19 Dec 2022 22:09:16 GMT
etag: W/"3034-5f03591f15b00"
cache-control: max-age=31536000, public
expires: Sat, 08 Jun 2024 23:27:19 GMT
x-frame-options: SAMEORIGIN
x-cache-nxaccel: HIT
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-fast.svg
200 OK 5.3 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-fast.svg
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5365), with no line terminators
Hash 5cd91accf73e6b9f746134bbb7ea1f2a
c2070544e4084137e5b9efcea142e84e60a896e5
9e2d031ad8c09fe80397fc2adabd092ad01272da26dcf31125c8ca795ce88012
Analyzer Verdict Alert urlquery phishing Phishing - Nedbank
urlquery phishing Phishing - Nedbank
GET /static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-fast.svg HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 19 Dec 2022 22:09:16 GMT
etag: W/"14a6-5f03591f15b00"
cache-control: max-age=31536000, public
expires: Sun, 09 Jun 2024 00:04:48 GMT
x-frame-options: SAMEORIGIN
x-nocache: 1
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/GooglePlay.svg
200 OK 23 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/GooglePlay.svg
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (2954)
Hash 56b446863643039c5c386e785054f8f8
8509aa1bbc637474b87bb386d4d23f2a73283cd9
00ff1bb43d0a271618cd1f626e0530c4e9efb344058b85744e569306c93ecc42
Analyzer Verdict Alert urlquery phishing Phishing - Nedbank
urlquery phishing Phishing - Nedbank
GET /static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/GooglePlay.svg HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 19 Dec 2022 22:09:16 GMT
etag: W/"590b-5f03591f15b00"
cache-control: max-age=31536000, public
expires: Sat, 08 Jun 2024 23:27:19 GMT
x-frame-options: SAMEORIGIN
x-cache-nxaccel: HIT
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.eot
404 Not Found 38 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.eot
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/fonts/fonts/FFMarkWebProMedium.eot HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: cache
expires: Sun, 11 Jun 2023 00:04:49 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store
x-magento-tags: cat_c,store,cms_b,cms_p_1,FPC
content-security-policy-report-only: font-src data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f; expires=Sat, 10-Jun-2023 01:04:49 GMT; Max-Age=3600; path=/; domain=8cbc51d0fd.nxcli.io; secure; HttpOnly; SameSite=Lax
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/assets/fonts/fonts/FFMarkWebProRegular.woff2
404 Not Found 38 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/assets/fonts/fonts/FFMarkWebProRegular.woff2
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/fonts/fonts/FFMarkWebProRegular.woff2 HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: cache
expires: Sun, 11 Jun 2023 00:04:51 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store
x-magento-tags: cat_c,store,cms_b,cms_p_1,FPC
content-security-policy-report-only: font-src data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f; expires=Sat, 10-Jun-2023 01:04:51 GMT; Max-Age=3600; path=/; domain=8cbc51d0fd.nxcli.io; secure; HttpOnly; SameSite=Lax
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.woff2
404 Not Found 38 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.woff2
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/fonts/fonts/FFMarkWebProMedium.woff2 HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: cache
expires: Sun, 11 Jun 2023 00:04:50 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store
x-magento-tags: cat_c,store,cms_b,cms_p_1,FPC
content-security-policy-report-only: font-src data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f; expires=Sat, 10-Jun-2023 01:04:50 GMT; Max-Age=3600; path=/; domain=8cbc51d0fd.nxcli.io; secure; HttpOnly; SameSite=Lax
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
200 OK 243 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Size 243 kB (242977 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 19 Dec 2022 22:09:16 GMT
etag: W/"3b521-5f03591f15b00"
cache-control: max-age=31536000, public
expires: Sat, 08 Jun 2024 23:19:20 GMT
x-frame-options: SAMEORIGIN
x-cache-nxaccel: HIT
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-secure.svg
200 OK 5.5 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-secure.svg
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5602), with no line terminators
Hash ec77541dd906515792c992b8d0195cb6
64cdce0889a4fe3de3290b7d7a10e32f888e66e4
c7c122731086fe49e7c39bd0eb4fb48d3724a238f148ff8f9fe7b903e8b855ba
Analyzer Verdict Alert urlquery phishing Phishing - Nedbank
urlquery phishing Phishing - Nedbank
GET /static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-secure.svg HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 00:04:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 19 Dec 2022 22:09:16 GMT
etag: W/"1593-5f03591f15b00"
cache-control: max-age=31536000, public
expires: Sun, 09 Jun 2024 00:04:48 GMT
x-frame-options: SAMEORIGIN
x-nocache: 1
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro.otf
404 Not Found 38 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro.otf
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/fonts/FF%20Mark/FontFont%20-%20MarkPro.otf HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: cache
expires: Sun, 11 Jun 2023 00:04:49 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store
x-magento-tags: cat_c,store,cms_b,cms_p_1,FPC
content-security-policy-report-only: font-src data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: PHPSESSID=24f84bd1b7a407f7c101b1f68df7c06f; expires=Sat, 10-Jun-2023 01:04:49 GMT; Max-Age=3600; path=/; domain=8cbc51d0fd.nxcli.io; secure; HttpOnly; SameSite=Lax
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro-Medium.otf
404 Not Found 38 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro-Medium.otf
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/fonts/FF%20Mark/FontFont%20-%20MarkPro-Medium.otf HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: cache
expires: Sun, 11 Jun 2023 00:04:49 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store
x-magento-tags: cat_c,store,cms_b,cms_p_1,FPC
content-security-policy-report-only: font-src data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: PHPSESSID=e11ed4e2d299547d7726edb698f8d9f9; expires=Sat, 10-Jun-2023 01:04:49 GMT; Max-Age=3600; path=/; domain=8cbc51d0fd.nxcli.io; secure; HttpOnly; SameSite=Lax
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
8cbc51d0fd.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro-Bold.otf
404 Not Found 38 kB URL GET HTTP/2 8cbc51d0fd.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro-Bold.otf
IP
Requested by https://8cbc51d0fd.nxcli.io/static/frontend/ne/index.html
Certificate IssuerLet's Encrypt
Subject8cbc51d0fd.nxcli.io
FingerprintCC:D9:F9:62:5E:D0:F1:FC:31:F9:89:4C:B4:0C:73:EF:0E:5B:82:2C
ValiditySat, 03 Jun 2023 05:15:43 GMT - Fri, 01 Sep 2023 05:15:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/fonts/FF%20Mark/FontFont%20-%20MarkPro-Bold.otf HTTP/1.1
Host: 8cbc51d0fd.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8cbc51d0fd.nxcli.io/static/frontend/ne/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 00:04:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: cache
expires: Sun, 11 Jun 2023 00:04:49 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store
x-magento-tags: cat_c,store,cms_b,cms_p_1,FPC
content-security-policy-report-only: font-src data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: PHPSESSID=9947aa661238e47e597e9e5e2a365ed4; expires=Sat, 10-Jun-2023 01:04:49 GMT; Max-Age=3600; path=/; domain=8cbc51d0fd.nxcli.io; secure; HttpOnly; SameSite=Lax
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
142.250.74.131
168.142.204.82