| jpn144.sfdc-mchho0.salesforce.com/brand-asset/CAAAAY71TOs-AAAAAAAAAAAAAAAAAAAAAAAA-AaZYsDdRW67K-RLa3Y380S9zdm0HVA0x6gtNKeHQvZ2Fkq8tI5FA19PSavyjnICsq1SWDJoBetz8MRDvblpbcCVL50QXrqT4oMmjzIKdKMl | 54.168.65.137 | 200 OK | 10 kB |
URL GET HTTP/2jpn144.sfdc-mchho0.salesforce.com/brand-asset/CAAAAY71TOs-AAAAAAAAAAAAAAAAAAAAAAAA-AaZYsDdRW67K-RLa3Y380S9zdm0HVA0x6gtNKeHQvZ2Fkq8tI5FA19PSavyjnICsq1SWDJoBetz8MRDvblpbcCVL50QXrqT4oMmjzIKdKMl IP54.168.65.137:443
Requested byhttps://glaisterennor.my.salesforce.com/ CertificateIssuerDigiCert Inc Subjectjpn144.sfdc-mchho0.salesforce.com Fingerprint3F:58:E6:66:13:8C:27:23:B3:F8:56:3A:6B:8C:EE:38:30:47:32:E7 ValidityMon, 14 Aug 2023 00:00:00 GMT - Tue, 13 Aug 2024 23:59:59 GMT
File typePNG image data, 250 x 125, 8-bit/color RGBA, non-interlaced Hash9d48c515ae968babd29d60892caec0af 7c48b92c6dd2133b0c9c0e427af3526b949c29d7 531cb5b90d3443702841927f297b3fd467410ef621d8f75e405ed461bdbcf54e
GET /brand-asset/CAAAAY71TOs-AAAAAAAAAAAAAAAAAAAAAAAA-AaZYsDdRW67K-RLa3Y380S9zdm0HVA0x6gtNKeHQvZ2Fkq8tI5FA19PSavyjnICsq1SWDJoBetz8MRDvblpbcCVL50QXrqT4oMmjzIKdKMl HTTP/1.1
Host: jpn144.sfdc-mchho0.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: BrowserId=GVod-f3dEe6O4Ge0EoJabg; BrowserId_sec=GVod-f3dEe6O4Ge0EoJabg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:56 GMT
set-cookie: CookieConsentPolicy=0:0; path=/; expires=Fri, 18-Apr-2025 23:40:56 GMT; Max-Age=31536000; secure; SameSite=None
set-cookie: LSKey-c$CookieConsentPolicy=0:0; path=/; expires=Fri, 18-Apr-2025 23:40:56 GMT; Max-Age=31536000; secure; SameSite=None
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
referrer-policy: origin-when-cross-origin
cache-control: public,max-age=3888000
content-type: image/png
p3p: CP="CUR OTR STA"
expires: Sun, 02 Jun 2024 23:40:56 GMT
last-modified: Fri, 1 May 2020 00:45:54 GMT
content-length: 9980
X-Firefox-Spdy: h2
|
|
| login.salesforce.com/login/sessionserver212.html | 85.222.152.67 | 200 OK | 98 B |
URL GET HTTP/1.1login.salesforce.com/login/sessionserver212.html IP85.222.152.67:443
Requested byhttps://glaisterennor.my.salesforce.com/ CertificateIssuerDigiCert Inc Subjectlogin.salesforce.com Fingerprint96:B3:67:7B:A1:37:62:48:91:14:43:0A:1F:CF:BF:7D:16:08:B6:17 ValidityTue, 05 Mar 2024 00:00:00 GMT - Wed, 05 Feb 2025 23:59:59 GMT
File typeHTML document, ASCII text Hashf1375ef84643a5974d735836e66d3829 a8ea06a865b284d2965aeb5108c445ff53e5a285 db743dbd91a699d36f6a755ad2c8eec5ce0d1b3715df50a651b7c24de11c1811
GET /login/sessionserver212.html HTTP/1.1
Host: login.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: BrowserId=GVod-f3dEe6O4Ge0EoJabg; BrowserId_sec=GVod-f3dEe6O4Ge0EoJabg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 23:40:56 GMT
Set-Cookie: CookieConsentPolicy=0:0; path=/; expires=Fri, 18-Apr-2025 23:40:56 GMT; Max-Age=31536000; secure; SameSite=None
Set-Cookie: LSKey-c$CookieConsentPolicy=0:0; path=/; expires=Fri, 18-Apr-2025 23:40:56 GMT; Max-Age=31536000; secure; SameSite=None
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=86400
Expires: Fri, 19 Apr 2024 23:40:56 GMT
Last-Modified: Wed, 23 Aug 2017 20:39:30 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
|
|
| login.salesforce.com/jslibrary/SessionServer212.js | 85.222.152.67 | 200 OK | 8.8 kB |
URL GET HTTP/1.1login.salesforce.com/jslibrary/SessionServer212.js IP85.222.152.67:443
Requested byhttps://login.salesforce.com/login/sessionserver212.html CertificateIssuerDigiCert Inc Subjectlogin.salesforce.com Fingerprint96:B3:67:7B:A1:37:62:48:91:14:43:0A:1F:CF:BF:7D:16:08:B6:17 ValidityTue, 05 Mar 2024 00:00:00 GMT - Wed, 05 Feb 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (575) Hash73a1f29e8c7cd49d00053c5ae784dfa9 eaec29f3ebaa1a5fadf3d326b7d395dfdc9296b7 0e21ffa9feb64d907c7ac56565cd75ebd0db526708f76dfa9ce60e91bf014e7e
GET /jslibrary/SessionServer212.js HTTP/1.1
Host: login.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.salesforce.com/login/sessionserver212.html
DNT: 1
Connection: keep-alive
Cookie: BrowserId=GVod-f3dEe6O4Ge0EoJabg; BrowserId_sec=GVod-f3dEe6O4Ge0EoJabg; CookieConsentPolicy=0:0; LSKey-c$CookieConsentPolicy=0:0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 23:40:56 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Fri, 16 Aug 2024 23:40:56 GMT
Last-Modified: Wed, 10 Apr 2024 05:45:26 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
|
|
| glaisterennor.my.salesforce.com/img/icon/capslock_blue.png | 13.50.12.179 | 200 OK | 1.1 kB |
URL GET HTTP/2glaisterennor.my.salesforce.com/img/icon/capslock_blue.png IP13.50.12.179:443
Requested byhttps://glaisterennor.my.salesforce.com/ CertificateIssuerDigiCert Inc Subjectsfdc-cehfhs.edge.my.salesforce.com Fingerprint9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54 ValiditySun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File typePNG image data, 33 x 43, 8-bit/color RGBA, non-interlaced Hashac9c7dcad893aef596304e944cab79ec c923c43ceb79f6075b1882f4969f3f773792ce10 dc656785426780cf580d12918ffc862cc9da464ca68ebfecf53610d65e5b4a12
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /img/icon/capslock_blue.png HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=GVod-f3dEe6O4Ge0EoJabg; BrowserId_sec=GVod-f3dEe6O4Ge0EoJabg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:58 GMT
content-type: image/png
x-sfdc-request-check: 2
x-content-type-options: nosniff
x-robots-tag: none
cache-control: public,max-age=10368000
expires: Fri, 16 Aug 2024 23:40:57 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 04 Apr 2023 21:01:52 GMT
server: sfdcedge
x-sfdc-request-id: 03ccacea17a452f41bbcbc2a67adcffb
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/css/sfdc_210.css?v=2 | 13.50.12.179 | 200 OK | 77 kB |
URL GET HTTP/2glaisterennor.my.salesforce.com/css/sfdc_210.css?v=2 IP13.50.12.179:443
Requested byhttps://glaisterennor.my.salesforce.com/ CertificateIssuerDigiCert Inc Subjectsfdc-cehfhs.edge.my.salesforce.com Fingerprint9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54 ValiditySun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File typegzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT) Hash01937231234f67fcb3a9145da3cfc4d1 d2a0d54c9813b6bee69d0984ae9d5b7570f6fb09 47d659c0f773f13e15fc0f31aa99ce670a4740e026b21da846dbbf40ed9522dc
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /css/sfdc_210.css?v=2 HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=GVod-f3dEe6O4Ge0EoJabg; BrowserId_sec=GVod-f3dEe6O4Ge0EoJabg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:56 GMT
content-type: text/css
x-sfdc-request-check: 2
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
x-robots-tag: none
cache-control: public,max-age=10368000
expires: Fri, 16 Aug 2024 23:40:56 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 28 Feb 2024 21:26:09 GMT
server: sfdcedge
x-sfdc-request-id: 2ed9c907d54453ef97bba88341ee5e7b
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/favicon.ico | 13.50.12.179 | 200 OK | 90 kB |
URL GET HTTP/2glaisterennor.my.salesforce.com/favicon.ico IP13.50.12.179:443
Requested byhttps://glaisterennor.my.salesforce.com/ CertificateIssuerDigiCert Inc Subjectsfdc-cehfhs.edge.my.salesforce.com Fingerprint9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54 ValiditySun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File typeMS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Hashef49a8dc7772c2ba68516e9780a9549a 8b0884f3c339f6366f84b6ae951a28fab75dcd4b 42ce97c67454e99f7c5e5aa6323d18b2891b6a90ab18aaa923db09d128d54b46
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /favicon.ico HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=GVod-f3dEe6O4Ge0EoJabg; BrowserId_sec=GVod-f3dEe6O4Ge0EoJabg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:57 GMT
content-type: image/x-icon
x-sfdc-request-check: 2
x-content-type-options: nosniff
x-robots-tag: none
cache-control: public,max-age=3888000
expires: Sun, 02 Jun 2024 23:40:57 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
server: sfdcedge
x-sfdc-request-id: f5acff1332227f153f41db7952c2c721
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| fast.fonts.net/cssapi/fe020fd2-866a-4a1d-a9c3-87063544eb28.css | 104.16.41.28 | 200 OK | 1.3 kB |
URL GET HTTP/2fast.fonts.net/cssapi/fe020fd2-866a-4a1d-a9c3-87063544eb28.css IP104.16.41.28:443
Requested byhttps://www.glaister.co.nz/ CertificateIssuerGoogle Trust Services LLC Subjectfonts.net Fingerprint40:BB:71:39:9B:62:CA:2E:30:5E:D3:A9:33:D6:69:83:D8:1F:D0:57 ValidityThu, 04 Apr 2024 03:21:50 GMT - Wed, 03 Jul 2024 03:21:49 GMT
File typeASCII text, with very long lines (2485), with CRLF line terminators Hashf984d1d541d49ae5a02d44d63668a147 40315bc4995213cca2b386aaad2f51b5faef5d62 a57fde5886bc38127ab1ff4e9e8a482afccdbdb72ffb7306da9045e2c4b7f44b
GET /cssapi/fe020fd2-866a-4a1d-a9c3-87063544eb28.css HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:00 GMT
content-type: text/css; charset=utf-8
x-amz-id-2: CkbVfPCCVASFU3sZBf0uHpPK7EEWDGfHXM7WmgIqoKwo1//l8vP0IYcpCjDQEjVSIo65Vm1pRPA=
x-amz-request-id: WJ7EGRVTC5G90Y8A
last-modified: Thu, 18 Feb 2021 04:15:57 GMT
etag: W/"f984d1d541d49ae5a02d44d63668a147"
x-amz-meta-mtime: 1510813464
x-amz-version-id: null
cf-cache-status: REVALIDATED
expires: Thu, 18 Apr 2024 23:46:00 GMT
cache-control: public, max-age=300
set-cookie: __cf_bm=T7DnH9InTuG83QPBsGb1LicQV_8_hUhE_0YViXBGTrQ-1713483660-1.0.1.1-uc_PwFauQkdV2w7kSryO9PKqeUGDue2Z1urI8r9qRJEWlwvviw4ot3ifw4KHezlyHMYoK0PqvIXkvH4t2fvRWQ; path=/; expires=Fri, 19-Apr-24 00:11:00 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 876880c9ca53930c-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/themes/mytheme/combined/colorscheme-1-live.css?m=1600401292 | 103.253.193.2 | 200 OK | 87 kB |
URL GET HTTP/2www.glaister.co.nz/themes/mytheme/combined/colorscheme-1-live.css?m=1600401292 IP103.253.193.2:443 ASN#38719 Dreamscape Networks Limited
Requested byhttps://www.glaister.co.nz/ CertificateIssuerLet's Encrypt Subjectglaister.co.nz Fingerprint52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D ValidityWed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File typegzip compressed data, from Unix Hash970769667ee0401942fcd00d89b4700a a6faee1f4689281a1494125ef2d27f12e89c8252 47173e6047ec68f9b03f1fc1444371f51b4128fd6cd8ba2e99b0c5b5bfd25bc4
GET /themes/mytheme/combined/colorscheme-1-live.css?m=1600401292 HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: text/css
last-modified: Fri, 18 Sep 2020 03:54:52 GMT
vary: Accept-Encoding
cache-control: max-age=604800, public
etag: W/"5f642f8c-d44"
x-powered-by: PleskLin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fast.fonts.net/dv2/14/3ded7064-503f-4fa0-853b-9f7a2cf55f20.woff2?d44f19a684109620e4841571a390e818464d53007380443c77caecd356c9fd4641f9c04d94bfc72b184ba47bc8c51c8a55ac9003cd2116d745d6b10e8f8b3d7afbcb5183ee9fe5d49f49fc8b3481199965777afebd9ade27434ab5d7b8ca1510402906ef2b52db8a0215d78052e23a66dab3354ffc4a0b20150de79fb9fcb0ae5e733ada98f0d004f1513ecb1c4f6deccf186420f98c16948f73818d1c6e5c7db9b2474a825960bed97fc6ead97db0501bd65f3397bb7c52&projectId=fe020fd2-866a-4a1d-a9c3-87063544eb28 | 104.16.41.28 | 200 OK | 46 kB |
URL GET HTTP/2fast.fonts.net/dv2/14/3ded7064-503f-4fa0-853b-9f7a2cf55f20.woff2?d44f19a684109620e4841571a390e818464d53007380443c77caecd356c9fd4641f9c04d94bfc72b184ba47bc8c51c8a55ac9003cd2116d745d6b10e8f8b3d7afbcb5183ee9fe5d49f49fc8b3481199965777afebd9ade27434ab5d7b8ca1510402906ef2b52db8a0215d78052e23a66dab3354ffc4a0b20150de79fb9fcb0ae5e733ada98f0d004f1513ecb1c4f6deccf186420f98c16948f73818d1c6e5c7db9b2474a825960bed97fc6ead97db0501bd65f3397bb7c52&projectId=fe020fd2-866a-4a1d-a9c3-87063544eb28 IP104.16.41.28:443
Requested byhttps://www.glaister.co.nz/ CertificateIssuerGoogle Trust Services LLC Subjectfonts.net Fingerprint40:BB:71:39:9B:62:CA:2E:30:5E:D3:A9:33:D6:69:83:D8:1F:D0:57 ValidityThu, 04 Apr 2024 03:21:50 GMT - Wed, 03 Jul 2024 03:21:49 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 45700, version 5.-8520 Hash5c748c95a4f3afa6ec56540a6ddd1950 059374eaec96b1a23adf434aa9a24e057b32bbe3 81f5c60e6e440e4cb80660f27628e681a3b6b2449ac3206e9d9ff709a94d39d8
GET /dv2/14/3ded7064-503f-4fa0-853b-9f7a2cf55f20.woff2?d44f19a684109620e4841571a390e818464d53007380443c77caecd356c9fd4641f9c04d94bfc72b184ba47bc8c51c8a55ac9003cd2116d745d6b10e8f8b3d7afbcb5183ee9fe5d49f49fc8b3481199965777afebd9ade27434ab5d7b8ca1510402906ef2b52db8a0215d78052e23a66dab3354ffc4a0b20150de79fb9fcb0ae5e733ada98f0d004f1513ecb1c4f6deccf186420f98c16948f73818d1c6e5c7db9b2474a825960bed97fc6ead97db0501bd65f3397bb7c52&projectId=fe020fd2-866a-4a1d-a9c3-87063544eb28 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glaister.co.nz
DNT: 1
Connection: keep-alive
Referer: https://fast.fonts.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:00 GMT
content-type: application/octet-stream
content-length: 45700
x-amz-id-2: gtq3MaOZlcnqF5h3I9lycE6yAb9ifnUI5FuY5WUbIopfw5oWNHKs4rbloIyvWABm2Qd/FGygTIk=
x-amz-request-id: GH80QDBFW49ZCC8B
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 13 Nov 2020 08:51:23 GMT
etag: "5c748c95a4f3afa6ec56540a6ddd1950"
x-amz-meta-mtime: 1459543939
x-amz-version-id: null
cf-cache-status: REVALIDATED
expires: Thu, 18 Apr 2024 23:46:00 GMT
cache-control: public, max-age=300
accept-ranges: bytes
set-cookie: __cf_bm=s5Ih1G.3RBr7SJdXw9S8cyQGMsqeSSKAVDpbw9RKULg-1713483660-1.0.1.1-_AhahMoBSA.ROJ1jfuDGcSgt4kCSo9ywd.iUVm3IK73gL8SL8AXNyhxQ7ESL7LDm_G_toDFTmVKi15o6DDljHg; path=/; expires=Fri, 19-Apr-24 00:11:00 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 876880ccfb8d930c-CPH
X-Firefox-Spdy: h2
|
|
| fast.fonts.net/dv2/14/367341fc-4cc6-4a79-89ad-d6c61561611e.woff2?d44f19a684109620e4841571a390e818464d53007380443c77caecd356c9fd4641f9c04d94bfc72b184ba47bc8c51c8a55ac9003cd2116d745d6b10e8f8b3d7afbcb5183ee9fe5d49f49fc8b3481199965777afebd9ade27434ab5d7b8ca1510402906ef2b52db8a0215d78052e23a66dab3354ffc4a0b20150de79fb9fcb0ae5e733ada98f0d004f1513ecb1c4f6deccf186420f98c16948f73818d1c6e5c7db9b2474a825960bed97fc6ead97db0501bd65f3397bb7c52&projectId=fe020fd2-866a-4a1d-a9c3-87063544eb28 | 104.16.41.28 | 200 OK | 46 kB |
URL GET HTTP/2fast.fonts.net/dv2/14/367341fc-4cc6-4a79-89ad-d6c61561611e.woff2?d44f19a684109620e4841571a390e818464d53007380443c77caecd356c9fd4641f9c04d94bfc72b184ba47bc8c51c8a55ac9003cd2116d745d6b10e8f8b3d7afbcb5183ee9fe5d49f49fc8b3481199965777afebd9ade27434ab5d7b8ca1510402906ef2b52db8a0215d78052e23a66dab3354ffc4a0b20150de79fb9fcb0ae5e733ada98f0d004f1513ecb1c4f6deccf186420f98c16948f73818d1c6e5c7db9b2474a825960bed97fc6ead97db0501bd65f3397bb7c52&projectId=fe020fd2-866a-4a1d-a9c3-87063544eb28 IP104.16.41.28:443
Requested byhttps://www.glaister.co.nz/ CertificateIssuerGoogle Trust Services LLC Subjectfonts.net Fingerprint40:BB:71:39:9B:62:CA:2E:30:5E:D3:A9:33:D6:69:83:D8:1F:D0:57 ValidityThu, 04 Apr 2024 03:21:50 GMT - Wed, 03 Jul 2024 03:21:49 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 45548, version 5.-8520 Hash06d773c020eee0c1c3a899cf21f8471b 8d05f195cbb4dd1420566c253c26e787a7a61e7a 0f9d4c7b2dc986be0872e50513b807ba7097b50ab6fe8ff4cca6a2984400e91f
GET /dv2/14/367341fc-4cc6-4a79-89ad-d6c61561611e.woff2?d44f19a684109620e4841571a390e818464d53007380443c77caecd356c9fd4641f9c04d94bfc72b184ba47bc8c51c8a55ac9003cd2116d745d6b10e8f8b3d7afbcb5183ee9fe5d49f49fc8b3481199965777afebd9ade27434ab5d7b8ca1510402906ef2b52db8a0215d78052e23a66dab3354ffc4a0b20150de79fb9fcb0ae5e733ada98f0d004f1513ecb1c4f6deccf186420f98c16948f73818d1c6e5c7db9b2474a825960bed97fc6ead97db0501bd65f3397bb7c52&projectId=fe020fd2-866a-4a1d-a9c3-87063544eb28 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glaister.co.nz
DNT: 1
Connection: keep-alive
Referer: https://fast.fonts.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:00 GMT
content-type: application/octet-stream
content-length: 45548
x-amz-id-2: 2OiOi5ATwkoClRMdMg2tfxAAhZb9mWZfg+4j0OFn337IZ/DqM96Qe3uMudau5DjaKFT/booKgDQ=
x-amz-request-id: QX2JMWV95SX6JYG7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 13 Nov 2020 05:34:46 GMT
etag: "06d773c020eee0c1c3a899cf21f8471b"
x-amz-meta-mtime: 1504562659
x-amz-version-id: null
cf-cache-status: REVALIDATED
expires: Thu, 18 Apr 2024 23:46:00 GMT
cache-control: public, max-age=300
accept-ranges: bytes
set-cookie: __cf_bm=0qa2KYhOXbWI3kpBYd343SZ969rJTPVzSN_l9.DdFjA-1713483660-1.0.1.1-Wt2gjuLM4SSydUZmDjF5L.n4gv19xAdcMow3hEc8V4aaCQj.n2AlGHZ8S40QiWtMECfQRyThRCBEAjgM0L267w; path=/; expires=Fri, 19-Apr-24 00:11:00 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 876880cd0b91930c-CPH
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/themes/mytheme/combined/dottedlinecpastrokebda45esc1.svg | 103.253.193.2 | 200 OK | 195 B |
URL GET HTTP/2www.glaister.co.nz/themes/mytheme/combined/dottedlinecpastrokebda45esc1.svg IP103.253.193.2:443 ASN#38719 Dreamscape Networks Limited
Requested byhttps://www.glaister.co.nz/ CertificateIssuerLet's Encrypt Subjectglaister.co.nz Fingerprint52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D ValidityWed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File typeSVG Scalable Vector Graphics image Hashaf7cd461f3bae8754d097a0d23e1e1e0 61056053d2d9de859930f22253bf17a44b5e7eb4 b0d8a0e601886f942e323ed90bc97304ffcc9fce985306b99efe61ea41ccd16e
GET /themes/mytheme/combined/dottedlinecpastrokebda45esc1.svg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/themes/mytheme/combined/colorscheme-1-live.css?m=1600401292
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:41:00 GMT
content-type: image/svg+xml
content-length: 195
x-accel-version: 0.01
last-modified: Fri, 18 Sep 2020 03:54:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/Uploads/Temporary/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLGZhbHNlLDBd/home-expertise.jpg | 103.253.193.2 | 200 OK | 49 kB |
URL GET HTTP/2www.glaister.co.nz/assets/Uploads/Temporary/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLGZhbHNlLDBd/home-expertise.jpg IP103.253.193.2:443 ASN#38719 Dreamscape Networks Limited
Requested byhttps://www.glaister.co.nz/ CertificateIssuerLet's Encrypt Subjectglaister.co.nz Fingerprint52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D ValidityWed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 353x200, components 3 Hashbc81b8fa28a48e3e838c004dae742264 9646a4ad2a213b7800fa35ff35d06526ff37379f 59b31305ebb7cca388c8e4444a65c482ce94beaeda0da92dab1a933609ceff0b
GET /assets/Uploads/Temporary/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLGZhbHNlLDBd/home-expertise.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: image/jpeg
content-length: 48623
last-modified: Fri, 18 Sep 2020 03:53:52 GMT
cache-control: max-age=604800, public
etag: "5f642f50-bdef"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/Uploads/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLCJ5IiwyMV0/Jack-and-Stephanie-Our-People.jpg | 103.253.193.2 | 200 OK | 61 kB |
URL GET HTTP/2www.glaister.co.nz/assets/Uploads/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLCJ5IiwyMV0/Jack-and-Stephanie-Our-People.jpg IP103.253.193.2:443 ASN#38719 Dreamscape Networks Limited
Requested byhttps://www.glaister.co.nz/ CertificateIssuerLet's Encrypt Subjectglaister.co.nz Fingerprint52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D ValidityWed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 353x200, components 3 Hashd684b0237cea18e6005ae97176b0a5ee 8bf50e335634c1ec4c8e28ecaadf15d23001730c 1ce3329215421439468d0964238d010b543a393b4221cbfe6618a3cd4ac2c01b
GET /assets/Uploads/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLCJ5IiwyMV0/Jack-and-Stephanie-Our-People.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: image/jpeg
content-length: 61313
last-modified: Fri, 18 Sep 2020 03:53:52 GMT
cache-control: max-age=604800, public
etag: "5f642f50-ef81"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/Uploads/_resampled/ResizedImageWzYwLDYwXQ/Linked-in-gold.png | 103.253.193.2 | 200 OK | 1.6 kB |
URL GET HTTP/2www.glaister.co.nz/assets/Uploads/_resampled/ResizedImageWzYwLDYwXQ/Linked-in-gold.png IP103.253.193.2:443 ASN#38719 Dreamscape Networks Limited
Requested byhttps://www.glaister.co.nz/ CertificateIssuerLet's Encrypt Subjectglaister.co.nz Fingerprint52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D ValidityWed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File typePNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced Hash07dd169cf4f001e25ea1368fe0e465a3 b9a5fa67992093ab84848bb062fee410104f763d bcdd771d34b6d0649c36342775f44a58f284e0f269ecf1099d5d729781b71e0f
GET /assets/Uploads/_resampled/ResizedImageWzYwLDYwXQ/Linked-in-gold.png HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: image/png
content-length: 1648
last-modified: Fri, 18 Sep 2020 03:53:52 GMT
cache-control: max-age=604800, public
etag: "5f642f50-670"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/Uploads/Temporary/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLGZhbHNlLDBd/home-property.jpg | 103.253.193.2 | 200 OK | 88 kB |
URL GET HTTP/2www.glaister.co.nz/assets/Uploads/Temporary/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLGZhbHNlLDBd/home-property.jpg IP103.253.193.2:443 ASN#38719 Dreamscape Networks Limited
Requested byhttps://www.glaister.co.nz/ CertificateIssuerLet's Encrypt Subjectglaister.co.nz Fingerprint52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D ValidityWed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 353x200, components 3 Hashf88edfd8513914c49bd822c4b21348a5 1ef4b9e5d40742e45e0e298acf328a05f12e5221 0e2209ab3921d8470ad7334f2ba3e1ff08bc63c351da3b4a59bce7a7c8715138
GET /assets/Uploads/Temporary/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLGZhbHNlLDBd/home-property.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: image/jpeg
content-length: 88349
last-modified: Fri, 18 Sep 2020 03:53:52 GMT
cache-control: max-age=604800, public
etag: "5f642f50-1591d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/Pen-edit.jpg | 103.253.193.2 | 200 OK | 233 kB |
URL GET HTTP/2www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/Pen-edit.jpg IP103.253.193.2:443 ASN#38719 Dreamscape Networks Limited
Requested byhttps://www.glaister.co.nz/ CertificateIssuerLet's Encrypt Subjectglaister.co.nz Fingerprint52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D ValidityWed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1440x360, components 3 Size233 kB (233426 bytes) Hash08d7c1b6ccdaf1330556f01785d2f07a e2875514870715ce8a90b5a044a84064765a2990 16bf8a442b30edc6de68ca756d187a928f07eea5992ce0a7386456277eb50063
GET /assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/Pen-edit.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: image/jpeg
content-length: 233426
last-modified: Thu, 23 Sep 2021 02:16:04 GMT
cache-control: max-age=604800, public
etag: "614be364-38fd2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/jslibrary/LoginHint208.js | 13.50.12.179 | 200 OK | 298 kB |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/jslibrary/LoginHint208.js; IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT); Size: 298 kB (298079 bytes); Hash: 039cf8e1d5a8eedd104eef7206a000aa fcae1b4dc78e26ed3f93084c4ceb2f11cf21e468 f8d13c10ceb2d3372bd25e8cfd0bf95aee10ad9790f49de40c46a43647852809
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /jslibrary/LoginHint208.js HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=GVod-f3dEe6O4Ge0EoJabg; BrowserId_sec=GVod-f3dEe6O4Ge0EoJabg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:56 GMT
content-type: application/x-javascript
x-sfdc-request-check: 2
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
x-robots-tag: none
cache-control: public,max-age=10368000
expires: Fri, 16 Aug 2024 23:40:56 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Thu, 01 Feb 2024 18:09:51 GMT
server: sfdcedge
x-sfdc-request-id: 9e44fe5457bab7110fd67f10f65e7ff6
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIiwieSIsODBd/Header-Home-4.jpg | 103.253.193.2 | 200 OK | 327 kB |
URL: GET HTTP/2 www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIiwieSIsODBd/Header-Home-4.jpg; IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1440x360, components 3; Size: 327 kB (326558 bytes); Hash: 5e1fc682f518ec1853ad0253c25ab4f7 0d52639463539ac549e013407238c82860b735c7 02333ab99c0c870ca0b933006cc6c95e7cefa0e017799c09314461b19372db37
GET /assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIiwieSIsODBd/Header-Home-4.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: image/jpeg
content-length: 326558
last-modified: Fri, 18 Sep 2020 03:53:49 GMT
cache-control: max-age=604800, public
etag: "5f642f4d-4fb9e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/Michaela-Mark-H-Annice.jpg | 103.253.193.2 | 200 OK | 329 kB |
URL: GET HTTP/2 www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/Michaela-Mark-H-Annice.jpg; IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1440x360, components 3; Size: 329 kB (328964 bytes); Hash: 4934b4f59b3c2d15cd431e79de94157c 480312be6796487640d066d72631f1880d15be0d af68301711cb791bfeec8a9cdeaa1562018d3e245000433500c6bccd9c7bd19e
GET /assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/Michaela-Mark-H-Annice.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: image/jpeg
content-length: 328964
last-modified: Thu, 23 Sep 2021 02:14:22 GMT
cache-control: max-age=604800, public
etag: "614be2fe-50504"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/SGH-client-meeting.jpg | 103.253.193.2 | 200 OK | 382 kB |
URL: GET HTTP/2 www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/SGH-client-meeting.jpg; IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1440x360, components 3; Size: 382 kB (382161 bytes); Hash: 1f44c912e16d5eb375719454f85e59bb ec9d637a9128a3659622aefc1bfb74528f053c85 35e4c6924c13155cf8a8666928a1480aa5fb6dc56be43edd524bd2f93b557289
GET /assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/SGH-client-meeting.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: image/jpeg
content-length: 382161
last-modified: Thu, 23 Sep 2021 02:15:26 GMT
cache-control: max-age=604800, public
etag: "614be33e-5d4d1"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/Uploads/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/GE-WEB-UPDATE-HR-PANO.jpg | 103.253.193.2 | 200 OK | 428 kB |
URL: GET HTTP/2 www.glaister.co.nz/assets/Uploads/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/GE-WEB-UPDATE-HR-PANO.jpg; IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1440x360, components 3; Size: 428 kB (428225 bytes); Hash: a7f0c0406c7e3ecb91785babf0162c8f 762d345238b5806b5dbe99d3dd43d155252b176b 49f473d945f583c692a070e27151d71d0a01438de3ce9dd075c5b294682c6849
GET /assets/Uploads/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/GE-WEB-UPDATE-HR-PANO.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: image/jpeg
content-length: 428225
last-modified: Thu, 17 Mar 2022 21:23:10 GMT
cache-control: max-age=604800, public
etag: "6233a6be-688c1"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/jslibrary/LoginMarketingSurveyResponse.js | 13.50.12.179 | 200 OK | 1.2 kB |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/jslibrary/LoginMarketingSurveyResponse.js; IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (1193), with no line terminators; Hash: 9a484689c2d2fccff5c3ca2dbd32ebad 0965add55fd00985d6ab0f2aa90b19618ede6fdf 2e69bf42ea41e937c02c69e9616092c329e7497404b397946736d4f22c94e579
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /jslibrary/LoginMarketingSurveyResponse.js HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=GVod-f3dEe6O4Ge0EoJabg; BrowserId_sec=GVod-f3dEe6O4Ge0EoJabg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:56 GMT
content-type: application/x-javascript
x-sfdc-request-check: 2
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
x-robots-tag: none
cache-control: public,max-age=10368000
expires: Fri, 16 Aug 2024 23:40:56 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 15 Aug 2023 06:08:04 GMT
server: sfdcedge
x-sfdc-request-id: 371e777ff9ba74faa35228f1968c92b2
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/s.gif | 13.50.12.179 | 200 OK | 43 B |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/s.gif; IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: GIF image data, version 89a, 1 x 1; Hash: fc94fb0c3ed8a8f909dbc7630a0987ff 56d45f8a17f5078a20af9962c992ca4678450765 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /s.gif HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=GVod-f3dEe6O4Ge0EoJabg; BrowserId_sec=GVod-f3dEe6O4Ge0EoJabg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:57 GMT
content-type: image/gif
x-sfdc-request-check: 2
x-content-type-options: nosniff
x-robots-tag: none
cache-control: public,max-age=10368000
expires: Fri, 16 Aug 2024 23:40:57 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 27 May 2003 18:28:08 GMT
server: sfdcedge
x-sfdc-request-id: 46c290ac1a3c275d3dcce9b0a872ef27
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/login/assets/fonts/SalesforceSans/SalesforceSans-Regular.woff2 | 13.50.12.179 | 200 OK | 28 kB |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/login/assets/fonts/SalesforceSans/SalesforceSans-Regular.woff2; IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 27580, version 1.0; Hash: 3ccb7b03c77bb2a3e91f6a2fb4c211f8 ac4c4df3c4bcc636190e4f94c7a80b81158d0517 1f1752651aca663f40e45c60e182172fc426a40df042098f6e68a56db2c459f3
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /login/assets/fonts/SalesforceSans/SalesforceSans-Regular.woff2 HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://glaisterennor.my.salesforce.com/css/sfdc_210.css?v=2
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=GVod-f3dEe6O4Ge0EoJabg; BrowserId_sec=GVod-f3dEe6O4Ge0EoJabg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:56 GMT
content-type: font/woff2
x-sfdc-request-check: 2
x-content-type-options: nosniff
x-robots-tag: none
cache-control: public,max-age=10368000
expires: Fri, 16 Aug 2024 23:40:56 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 24 Jul 2015 20:32:56 GMT
server: sfdcedge
x-sfdc-request-id: a00cae1e612fe01332883f8a8487c936
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/themes/mytheme/combined/logocpafillbda45ecpbfill404041sc1.svg | 103.253.193.2 | 200 OK | 23 kB |
URL: GET HTTP/2 www.glaister.co.nz/themes/mytheme/combined/logocpafillbda45ecpbfill404041sc1.svg; IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: SVG Scalable Vector Graphics image; Hash: 0d0a42233f2fcc23ce90ddd7cfe963f3 208abe551ebc00c2572f95871d611d248ca9cee5 cbe394cb7ef9f19b1b8db38df28bd4cba91748712131a4d199cff18332a65407
GET /themes/mytheme/combined/logocpafillbda45ecpbfill404041sc1.svg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: image/svg+xml
last-modified: Fri, 18 Sep 2020 03:54:53 GMT
vary: Accept-Encoding
cache-control: max-age=604800, public
etag: W/"5f642f8d-5a88"
x-powered-by: PleskLin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/login/assets/fonts/SalesforceSans/SalesforceSans-Light.woff2 | 13.50.12.179 | 200 OK | 28 kB |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/login/assets/fonts/SalesforceSans/SalesforceSans-Light.woff2; IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 27736, version 1.0; Hash: f4c092cda9a56b8e26cc307f208949b4 dac76c1196988545bc7c7609d609fdc58cf079e5 b7df2d6cb9d0ecda707a1de1302b3c9d9bda16247dc382e696579a8308d49771
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /login/assets/fonts/SalesforceSans/SalesforceSans-Light.woff2 HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://glaisterennor.my.salesforce.com/css/sfdc_210.css?v=2
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=GVod-f3dEe6O4Ge0EoJabg; BrowserId_sec=GVod-f3dEe6O4Ge0EoJabg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:57 GMT
content-type: font/woff2
x-sfdc-request-check: 2
x-content-type-options: nosniff
x-robots-tag: none
cache-control: public,max-age=10368000
expires: Fri, 16 Aug 2024 23:40:57 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 24 Jul 2015 20:32:55 GMT
server: sfdcedge
x-sfdc-request-id: a8e0472c2a4326856aa23fa44aa4dc59
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/img/clear.png | 13.50.12.179 | 200 OK | 477 B |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/img/clear.png; IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: PNG image data, 32 x 32, 8-bit colormap, non-interlaced; Hash: 1cc6ffea5ac6b5c6e7d7b6b9b1a01e9f a4fd54cc5e6cac7e5fee6f9832c817d5e58c7c10 dd464055be78eadee2d5d3ecc5380600b788883e462d9e77372877dc04110e6d
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /img/clear.png HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=GVod-f3dEe6O4Ge0EoJabg; BrowserId_sec=GVod-f3dEe6O4Ge0EoJabg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:56 GMT
content-type: image/png
x-sfdc-request-check: 2
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Thu, 21 May 2015 20:40:37 GMT
cache-control: public,max-age=10368000
expires: Fri, 16 Aug 2024 23:40:56 GMT
x-robots-tag: none
referrer-policy: origin-when-cross-origin
server: sfdcedge
x-sfdc-request-id: e23dc29798e30a7258338acf43112fa8
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/ | 103.253.193.2 | 200 OK | 19 kB |
IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glaisterennor.my.salesforce.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, X-Forwarded-Protocol
expires: Fri, 19 Apr 2024 23:40:59 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=86400
last-modified: Tue, 09 Apr 2024 22:25:57 GMT
x-powered-by: PHP/5.6.40, PleskLin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/themes/mytheme/combined/combined-1.css?m=1600401293 | 103.253.193.2 | 200 OK | 34 kB |
URL: GET HTTP/2 www.glaister.co.nz/themes/mytheme/combined/combined-1.css?m=1600401293; IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: ASCII text, with very long lines (32684); Hash: 40ea892dce2648b70de124c40d2add5c 3f7afbc2cd6d5b4d3d4785625ab058454b59020e ada99838b208ab0c0c3ac1cd71ab460e0f5bbe499eef8b92ae7a94bd220f7566
GET /themes/mytheme/combined/combined-1.css?m=1600401293 HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: text/css
last-modified: Fri, 18 Sep 2020 03:54:53 GMT
vary: Accept-Encoding
cache-control: max-age=604800, public
etag: W/"5f642f8d-843b"
x-powered-by: PleskLin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-3DXV3CCKCZ&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 242 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-3DXV3CCKCZ&l=dataLayer&cx=c; IP: 142.250.74.168:443
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D; Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179); Size: 242 kB (242113 bytes); Hash: 2da4673e22cc4fb7ee5a09e838b8d041 a7ca990574bc5b34bd9602c5eb20aba4fe0ff392 d4f397b8dfddc23e52b27c1696d7f80cae752056cc0a9dcaa94569f816f6787d
GET /gtag/js?id=G-3DXV3CCKCZ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 23:41:00 GMT
expires: Thu, 18 Apr 2024 23:41:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86487
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| glaisterennor.my.salesforce.com/ | 13.50.12.179 | 200 OK | 9.3 kB |
URL: User Request GET HTTP/2 glaisterennor.my.salesforce.com/; IP: 13.50.12.179:443
Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (9980), with no line terminators; Hash: 1a38dce820271164654fb70b6bd03c17 455caa8befaa6720015e5a7b7ce1e38d41f2aeb5 b092a5f1e5a1e86385b2d55a05846f0ae1d47449328edb698b2dd063be3c75a6
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET / HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:55 GMT
content-type: text/html; charset=UTF-8
x-sfdc-request-check: 2
content-encoding: gzip
set-cookie: CookieConsentPolicy=0:1; path=/; expires=Fri, 18-Apr-2025 23:40:54 GMT; Max-Age=31536000; secure; SameSite=None
LSKey-c$CookieConsentPolicy=0:1; path=/; expires=Fri, 18-Apr-2025 23:40:54 GMT; Max-Age=31536000; secure; SameSite=None
BrowserId=GVod-f3dEe6O4Ge0EoJabg; domain=.salesforce.com; path=/; expires=Fri, 18-Apr-2025 23:40:55 GMT; Max-Age=31536000
BrowserId_sec=GVod-f3dEe6O4Ge0EoJabg; domain=.salesforce.com; path=/; expires=Fri, 18-Apr-2025 23:40:55 GMT; Max-Age=31536000; secure; SameSite=None
x-content-type-options: nosniff
x-frame-options: DENY
vary: Accept-Encoding
x-robots-tag: none
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-security-policy: upgrade-insecure-requests, frame-ancestors 'none'
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
server: sfdcedge
x-sfdc-request-id: 4f0ae4b37f880b63bb8413bbdede9a9c
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/webfontloader/1.6.24/webfontloader.js | 172.67.142.245 | 200 OK | 12 kB |
URL: GET HTTP/2 use.fontawesome.com/webfontloader/1.6.24/webfontloader.js; IP: 172.67.142.245:443
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Cloudflare, Inc.; Subject: use.fontawesome.com; Fingerprint: CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (2134); Hash: 9064ce12d2c81f68123c93bc1a8b0cad 44a3a4a8cbd7a3a77d4a7314d9d2b9d28a3fb56a 2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac
GET /webfontloader/1.6.24/webfontloader.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: application/x-javascript
cache-control: max-age=31556926
etag: W/"9064ce12d2c81f68123c93bc1a8b0cad"
last-modified: Fri, 22 Sep 2023 01:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5494
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0iE%2Bl3yWMpLFhWoYQCsTEHQhLerBbEiMbPf1DxXGe1ZP9H4KE%2Baeoql6xekW8wPGz7a4O36UqyuhedjDZ9rnkJsmV3%2Fbi%2ByWII8Ke1M8IXO16zGyRTw4d%2FgZyvxlv3taqJa1%2FD6n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876880c8dac8569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/e4d1c6444a.css | 172.67.142.245 | 200 OK | 1.0 kB |
URL: GET HTTP/2 use.fontawesome.com/e4d1c6444a.css; IP: 172.67.142.245:443
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Cloudflare, Inc.; Subject: use.fontawesome.com; Fingerprint: CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1054), with no line terminators; Hash: 0fd7d4aa18cf6ab3de77056d4d50a802 ce69fc08a4c1974694ccf1fb015d827f0cddbaf7 c8e514f51f477b97dbcc1ee89e1380e9e3ad9b9662b12413315eb1e53e297013
GET /e4d1c6444a.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: text/css
etag: W/"b2e035a5bbe42b68e8d16c5e6417f79f"
last-modified: Fri, 22 Sep 2023 01:35:49 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YlGIKSETv%2Bh1HLsGgJ%2FzukU7l%2Byyg7N4isT2ojex9e02MPQc3VQ8zEGyMdTyyMZzKTHVetpxvsBAyJdwddE4jfT9VzgGchXRCEQdwwpVxFeVSBOib1xGVdmzImisWC70O7DCfbUi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876880c90ad4569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/jslibrary/baselogin4.js | 13.50.12.179 | 200 OK | 3.7 kB |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/jslibrary/baselogin4.js; IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (3934), with no line terminators; Hash: 5bcc5b75fb02fed9e72409f513b3338b 3defd44e4be7a93dd0d6022562e7d32b29913c01 4d9420bceafa1519c0b8b8196af623ec1e604f9f9f23f837a021cbe43d273bfe
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /jslibrary/baselogin4.js HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=GVod-f3dEe6O4Ge0EoJabg; BrowserId_sec=GVod-f3dEe6O4Ge0EoJabg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:56 GMT
content-type: application/x-javascript
x-sfdc-request-check: 2
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
cache-control: public,max-age=10368000
last-modified: Tue, 15 Aug 2023 06:08:13 GMT
vary: Accept-Encoding
expires: Fri, 16 Aug 2024 23:40:56 GMT
x-robots-tag: none
referrer-policy: origin-when-cross-origin
server: sfdcedge
x-sfdc-request-id: cb7c57bcbb1d14ef66d8b838109d18a1
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/e4d1c6444a.js | 172.67.142.245 | 200 OK | 2.7 kB |
URL: GET HTTP/2 use.fontawesome.com/e4d1c6444a.js; IP: 172.67.142.245:443
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Cloudflare, Inc.; Subject: use.fontawesome.com; Fingerprint: CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (2809), with no line terminators; Hash: ff419189bf3ff1ff516165607d8c0511 935419f6f0c5125d9fcf889b25079fab71a97a05 19af05fba08a7239f0364086fce0839fef1e819bbc65624e73093528f30979b0
GET /e4d1c6444a.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: text/javascript
etag: W/"fc1f90b3daa0973bd28177b9c4a2b0f1"
last-modified: Fri, 22 Sep 2023 01:35:49 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EUPcqO8XtAuWmwKNVp4kV4Fi3afDDT7HpUFn%2FRmkkeOkJf%2FVWGf2x%2B4bVwFUpIRGsKdRp6hFB8wt%2Fo5G9aLVchANth%2BbR48Tnr1qW0AFIJBLCtZj%2FRqVmDUE1BLJ9BDvD1spuV%2B6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876880c759ff569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v4.6.2/fonts/fontawesome-webfont.woff2 | 172.67.142.245 | 200 OK | 72 kB |
URL: GET HTTP/2 use.fontawesome.com/releases/v4.6.2/fonts/fontawesome-webfont.woff2
IP: 172.67.142.245:443
Requested by: https://www.glaister.co.nz/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: use.fontawesome.com
Certificate Fingerprint: CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
Certificate Validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 71760, version 4.393
Hash: a1a450ea331a3fc89e867ecad963b6b2 ee59197f63a2c4c7b7f2ae135a745202235de8d4 2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4
GET /releases/v4.6.2/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glaister.co.nz
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:00 GMT
content-type: application/octet-stream
content-length: 71760
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "a1a450ea331a3fc89e867ecad963b6b2"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Origin, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rDVdtcMoVf%2FwTSId8rGMFzaTwb1jgeltyJdreHqdFlC1hEpVlpNeRQ1e5m1j9Q%2F%2Bha9DBikYvcjkPWh7c1kpxuTNlw0zEA2TGQEfdehVOw1UNQQCyv9tlxhH%2B7XOmqrZre%2B8ZnB6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876880ca7b92569a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-177510329-1 | 142.250.74.168 | 200 OK | 202 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-177510329-1
IP: 142.250.74.168:443
Requested by: https://www.glaister.co.nz/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
Certificate Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Size: 202 kB (202331 bytes)
Hash: 595ed12db787d13b1d3c00ab50e929e9 366ca5bc0966c469b304cdb1d7bd86a133528233 66f7ed37e65d0568e8b407831b211879ed4de8cf772d88b94ee5e3b5c8ae6a8c
GET /gtag/js?id=UA-177510329-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 23:40:59 GMT
expires: Thu, 18 Apr 2024 23:40:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73076
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/themes/mytheme/combined/combined-1.js?m=1646287021 | 103.253.193.2 | 200 OK | 201 kB |
URL: GET HTTP/2 www.glaister.co.nz/themes/mytheme/combined/combined-1.js?m=1646287021
IP: 103.253.193.2:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/
Certificate Issuer: Let's Encrypt
Certificate Subject: glaister.co.nz
Certificate Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D
Certificate Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JavaScript source, ASCII text, with very long lines (1386)
Size: 201 kB (200885 bytes)
Hash: df6214b5552f5c2b5991e4fb432cb2c1 db3b4d7be894b11f1113bad15c790d2977937ec7 bfdc62e84a717d4f2bcbd30dda4173ce9b35f3c1ae87d9164fcd87de97fb26dd
GET /themes/mytheme/combined/combined-1.js?m=1646287021 HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: text/javascript
last-modified: Thu, 03 Mar 2022 05:57:01 GMT
vary: Accept-Encoding
cache-control: max-age=604800, public
etag: W/"622058ad-310b5"
x-powered-by: PleskLin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/jslibrary/SfdcSessionBase208.js | 13.50.12.179 | 200 OK | 16 kB |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/jslibrary/SfdcSessionBase208.js
IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/
Certificate Issuer: DigiCert Inc
Certificate Subject: sfdc-cehfhs.edge.my.salesforce.com
Certificate Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54
Certificate Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (575)
Hash: eede1b37a00f77c1143e618cf980b866 95388a2520cd89b8c9a837a336688520dee7ef45 680ee03715036c635c33fdd03f1ba69538ed2af3f569e2cc901c937653f90f06
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Salesforce |
GET /jslibrary/SfdcSessionBase208.js HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=GVod-f3dEe6O4Ge0EoJabg; BrowserId_sec=GVod-f3dEe6O4Ge0EoJabg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:55 GMT
content-type: application/x-javascript
x-sfdc-request-check: 2
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
x-robots-tag: none
cache-control: public,max-age=10368000
expires: Fri, 16 Aug 2024 23:40:55 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 15 Aug 2023 06:08:09 GMT
server: sfdcedge
x-sfdc-request-id: ce0007b585287102b022ce5f59e43508
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIiwieSIsMF0/GE-Partners-UPDATED.jpg | 103.253.193.2 | 200 OK | 292 kB |
URL: GET HTTP/2 www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIiwieSIsMF0/GE-Partners-UPDATED.jpg
IP: 103.253.193.2:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/
Certificate Issuer: Let's Encrypt
Certificate Subject: glaister.co.nz
Certificate Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D
Certificate Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1440x360, components 3
Size: 292 kB (291785 bytes)
Hash: cfef18983b24650c3a135dccae7acc9a 9fee1b3788f8da93827ead0501e8e85d88a1b81e 955e9faf3bcd5b17308a5df12c298ed7b96f9e1c94f7088ff114daeb3ce396ad
GET /assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIiwieSIsMF0/GE-Partners-UPDATED.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: image/jpeg
content-length: 291785
last-modified: Fri, 01 Oct 2021 02:34:33 GMT
cache-control: max-age=604800, public
etag: "615673b9-473c9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v4.6.2/css/font-awesome-css.min.css | 172.67.142.245 | 200 OK | 28 kB |
URL: GET HTTP/2 use.fontawesome.com/releases/v4.6.2/css/font-awesome-css.min.css
IP: 172.67.142.245:443
Requested by: https://www.glaister.co.nz/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: use.fontawesome.com
Certificate Fingerprint: CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
Certificate Validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (28274)
Hash: 95e795396dad96cf9d858440a3507715 3e4fd0035a4968f0143ef1f3b4d979a107ed25b7 4bacd81e6150c0d6b49e7e302971b5b5865e43751b7fabb8b3756ef1e6dbac09
GET /releases/v4.6.2/css/font-awesome-css.min.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/e4d1c6444a.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:40:59 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"95e795396dad96cf9d858440a3507715"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1765507
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2BuN9ceMWHHYQM6JJSWXusIm7gLve%2FkmTKJ4u5J3j2bm21FxcBO0KXWnMOuvI%2B3DESf%2FgDu5ACnQ593cHnqxGJ8ujMXxGQx9rqrpkaQCYRDCXVeo3w75ga0l%2Bnb2w34BmMf08tAo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876880ca5b81569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fast.fonts.net/t/1.css?apiType=css&projectid=fe020fd2-866a-4a1d-a9c3-87063544eb28 | 104.16.41.28 | 200 OK | 0 B |
URL: GET HTTP/2 fast.fonts.net/t/1.css?apiType=css&projectid=fe020fd2-866a-4a1d-a9c3-87063544eb28
IP: 104.16.41.28:443
Requested by: https://www.glaister.co.nz/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fonts.net
Certificate Fingerprint: 40:BB:71:39:9B:62:CA:2E:30:5E:D3:A9:33:D6:69:83:D8:1F:D0:57
Certificate Validity: Thu, 04 Apr 2024 03:21:50 GMT - Wed, 03 Jul 2024 03:21:49 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/1.css?apiType=css&projectid=fe020fd2-866a-4a1d-a9c3-87063544eb28 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fast.fonts.net/cssapi/fe020fd2-866a-4a1d-a9c3-87063544eb28.css
Cookie: __cf_bm=T7DnH9InTuG83QPBsGb1LicQV_8_hUhE_0YViXBGTrQ-1713483660-1.0.1.1-uc_PwFauQkdV2w7kSryO9PKqeUGDue2Z1urI8r9qRJEWlwvviw4ot3ifw4KHezlyHMYoK0PqvIXkvH4t2fvRWQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:00 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: d2knOHW0OrszGRoy2v45Dvm7uPcAqFAsqBwzgwp3js5DnXzSPo9lNftwAcERfqu5WZpwqM7fRtU=
x-amz-request-id: NYVRJMYX8ZTKRSSN
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
age: 92026
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 876880cc5b4e930c-CPH
X-Firefox-Spdy: h2
|
|