r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4371
Expires: Thu, 01 Dec 2022 06:00:52 GMT
Date: Thu, 01 Dec 2022 04:48:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2164
Cache-Control: max-age=109162
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:48:01 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:07:23 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 04:18:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1794
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7319
Expires: Thu, 01 Dec 2022 06:50:00 GMT
Date: Thu, 01 Dec 2022 04:48:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: O+hZIi2jgzRlYRzG278iZQY5CXJbXxjHhdrAxvkEbvLQpQjCV+Wkq00eN2G45IlvxOTAtwsej+8=
x-amz-request-id: MB646FYSC9120KME
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 04:46:08 GMT
age: 113
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 04:48:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 04:08:56 GMT
cache-control: public,max-age=3600
age: 2345
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
younginteriors.com.au/booss/
203.26.41.223200 OK 33 kB URL HTTP/1.1 younginteriors.com.au/booss/
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6168)
Hash ba8ec113806cb0e79bae3434e6238213
0cd3f198873e6a0f9be82a9acfe07d4f7b041734
648daef874b30314788fc6c81e4472a77f329d1e49f0e0e45dac11fc59697f18
Analyzer Verdict Alert openphish Comcast Corporation
fortinet Phishing
GET /booss/ HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:01 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:07 GMT
Accept-Ranges: bytes
Content-Length: 33432
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2159
Cache-Control: max-age=104089
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:48:01 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:42:50 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/1203273213x32.js
203.26.41.223200 OK 2.7 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/1203273213x32.js
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (403)
Hash 026533413b3d09d51db59238995299c1
8299098d71a0d18d7bf7279f0d71bed0345c0ec2
62079f9953d5a6dc3240039aa842881f9171f4c3f2bc664629aaf5f2c537214c
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/1203273213x32.js HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:01 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 2727
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/rta.js
203.26.41.223200 OK 168 B URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/rta.js
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type Unicode text, UTF-8 (with BOM) text, with no line terminators
Hash cf8059bd98746a031879c027d0675200
5b36326aeac50dd7fbf8a910775b32beccc12d5a
00fb70d9832d4974eacda5d97b5ede63153bebe471109491dc6807db6ceca3a7
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/rta.js HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:01 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 168
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/segments.js
203.26.41.223200 OK 39 B URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/segments.js
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
Hash 9c5453ce3943ebf709c68c4358907916
25c057fa107fca0917c7dca9f432cdce93ce2316
c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/segments.js HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:01 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 39
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/data.json
203.26.41.223200 OK 295 B URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/data.json
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
Hash c4e699111d8c5ee41a03610b94ff02d5
7b4ec667ab9d73b69d752931fa675eca988ac1be
f1aa6a629871c08a077cba94a653cb0c2ace627617e442adccbf6712972bf0df
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/data.json HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:01 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 295
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/json
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/event
203.26.41.223200 OK 191 B URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/event
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with no line terminators
Hash 2d5d169b7afabb783f8994c576f005cb
d3c1f326303b3cd98f892a5ab28cea82222d058b
384d036f62eab523e123b0e2c033bdee06077fdf041c564ce56f956e6219fb24
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/event HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:01 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 191
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
push.services.mozilla.com/
54.186.169.128101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.169.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: STEoclOJ2L1PjKrrubX9VA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fBbO9pcJ7fsksmCFHpcDNyoC8bA=
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/150582-10.js
203.26.41.223200 OK 898 B URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/150582-10.js
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (728)
Hash 5de2cd9adefd2a264bc1e881d19827f0
07046ae6c3a9449fd68bd4e0a4f59e7626f30854
af216babd9b5c43a2e6cdedc5d7497f154b3055216272d4a53af26be49bcd53f
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/150582-10.js HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:02 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:07 GMT
Accept-Ranges: bytes
Content-Length: 898
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
203.26.41.223200 OK 51 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (50848), with no line terminators
Hash 46ad0dca51a657b2f6d4302e8af335ac
56f30d2a99c33270a368df39b0fac6a6321f72f4
7744a06830d6b63ba7fc3b5f7649f8f06959e3c31118cf324d3e36e5433915ed
GET /booss/Sign%20in%20to%20XFINITY_files/styles-light.css HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:01 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 50848
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/150582-15.js
203.26.41.223200 OK 3.0 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/150582-15.js
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2808)
Hash 3884f03746032fe3fb6b327134090769
b2e5801b7814f320f0364ab04d98f16e429a987d
c7b6ae528e00b64960dd07aa40cd199c946f089e789df34e47c1de507879302b
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/150582-15.js HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:02 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:07 GMT
Accept-Ranges: bytes
Content-Length: 2978
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/1647526060x32.js
203.26.41.223200 OK 1.4 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/1647526060x32.js
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (433)
Hash db5bdae32033752bd8574dc96ee4c96c
59c8ea77207eff9f8dbf9b6cbf156c6329cbf931
853efa16d425ff8c75c2bd4c74459ef9b555ceaae1a22d4aae0c36f95cad4351
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/1647526060x32.js HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:02 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 1420
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/asc.txt
203.26.41.223200 OK 17 B URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/asc.txt
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with no line terminators
Hash 92ecce91e58ca501e89410701805ffd2
fbc2f9374e8f5aebbc0a9ebeaeb836dfe2ee8803
af2d3351d5bb6b63e81eb19140f27324fd7b0ba94dc7c39b6154461243e4986e
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/asc.txt HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:02 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 17
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/plain
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/scripts-responsive.js
203.26.41.223200 OK 3.9 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/scripts-responsive.js
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (3906), with no line terminators
Hash b9e47f9f8aac844ec80a9ba6ff6e7a74
cbf073ac21eaa5de906e1fcce023c64c3829c648
aef3124abf7a9f765f36093acf39e804987e52e1a1c241700441949ea52a7673
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/scripts-responsive.js HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:02 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 3906
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js
203.26.41.223200 OK 18 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (815), with CRLF line terminators
Hash 4ff1cfd3240ea3e8eed8d96e31152dc2
97ed8e13c3b52da3ea4865af48b219c8e540e5ac
c1d1eb4e35d0cfa8617262918737bcb8804dd0720cdca026da2087166ac7ba71
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:02 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 17478
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
z.moatads.com/comcastapn56341864860/moatad.js
23.38.201.146200 OK 0 B URL HTTP/2 z.moatads.com/comcastapn56341864860/moatad.js
IP 23.38.201.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comcastapn56341864860/moatad.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://younginteriors.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DgrV/yUP0cYZJ24pT7Z5LVkFATYFOX23OVuFadPO2EW++SB5KZZT2R0SCmVojLGlVbLec6pGXtw=
x-amz-request-id: CA2DQ7A5WM2MGH3Y
last-modified: Mon, 11 May 2020 15:59:42 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
content-length: 0
cache-control: max-age=36449
date: Thu, 01 Dec 2022 04:48:03 GMT
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af179c4b3764216ebea916fd3c1c02ea
cd526e451e0f46aece45ad2fbb3078389876e965
624f09ce51170b7946275ffd9464f31185c0f6f18acc91ae394de6d018d24749
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2214
Cache-Control: max-age=125017
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:48:03 GMT
Etag: "63876eb6-1d7"
Expires: Fri, 02 Dec 2022 15:31:40 GMT
Last-Modified: Wed, 30 Nov 2022 14:54:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
us-ads.openx.net/w/1.0/jstag
34.98.64.218200 OK 18 kB URL HTTP/2 us-ads.openx.net/w/1.0/jstag
IP 34.98.64.218:0
File type ASCII text, with very long lines (12594)
Hash 9d63b6c3f8fba7bd399f34afdbb05ed9
550b90acf9632bb8963d534fff605f682eafac61
fcf84b3144b53cf923d484c83dd53e28e21a8b2db63677db251c6e8c5ad11bf6
GET /w/1.0/jstag HTTP/1.1
Host: us-ads.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://younginteriors.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
server: OXGW/0.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Thu, 01 Dec 2022 05:48:03 GMT
date: Thu, 01 Dec 2022 04:48:03 GMT
content-type: text/javascript
content-length: 18070
content-encoding: gzip
cache-control: max-age=3600
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af179c4b3764216ebea916fd3c1c02ea
cd526e451e0f46aece45ad2fbb3078389876e965
624f09ce51170b7946275ffd9464f31185c0f6f18acc91ae394de6d018d24749
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2219
Cache-Control: max-age=125022
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:48:03 GMT
Etag: "63876eb6-1d7"
Expires: Fri, 02 Dec 2022 15:31:45 GMT
Last-Modified: Wed, 30 Nov 2022 14:54:46 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
us-ads.openx.net/w/1.0/acj?ai=c2001453-65b0-4a73-b4df-cd883550442a&o=8467438353&callback=OX_8467438353&ju=http%3A//younginteriors.com.au/booss/&jr=&auid=538020939&dims=1280x939&adxy=620%2C69&res=1280x1024x24&plg=pm&ch=UTF-8&tz=0&ws=1280x939&ifr=0&tws=1280x939&vmt=1&sd=1&mt=1
34.98.64.218200 OK 242 B URL HTTP/2 us-ads.openx.net/w/1.0/acj?ai=c2001453-65b0-4a73-b4df-cd883550442a&o=8467438353&callback=OX_8467438353&ju=http%3A//younginteriors.com.au/booss/&jr=&auid=538020939&dims=1280x939&adxy=620%2C69&res=1280x1024x24&plg=pm&ch=UTF-8&tz=0&ws=1280x939&ifr=0&tws=1280x939&vmt=1&sd=1&mt=1
IP 34.98.64.218:0
Hash c14931727bdbb17adacfa5938e6c4061
66ad1515a9268e8e623b959bb88f8167e7dd2d6e
68f97a6975911ec4356f0a482aad4a6f4053c7890fefce9e0cbe0b7e08635a67
GET /w/1.0/acj?ai=c2001453-65b0-4a73-b4df-cd883550442a&o=8467438353&callback=OX_8467438353&ju=http%3A//younginteriors.com.au/booss/&jr=&auid=538020939&dims=1280x939&adxy=620%2C69&res=1280x1024x24&plg=pm&ch=UTF-8&tz=0&ws=1280x939&ifr=0&tws=1280x939&vmt=1&sd=1&mt=1 HTTP/1.1
Host: us-ads.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://younginteriors.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Thu, 01 Dec 2022 04:48:03 GMT
content-type: application/json
content-length: 242
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4501
Expires: Thu, 01 Dec 2022 06:03:04 GMT
Date: Thu, 01 Dec 2022 04:48:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4501
Expires: Thu, 01 Dec 2022 06:03:04 GMT
Date: Thu, 01 Dec 2022 04:48:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b92721cbe24623f1713a5248d6a7c1b2
3628390c62642dcc375b28f58c9b48180c4abd73
37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9613
x-amzn-requestid: a46cc458-2e28-4ca7-b223-ba66256caef1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTPfmEmKoAMFZvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63845f96-7ecee5764c4a40e50e5b1f98;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6p5kV3OCTlaiLWEa9wyeRJOYoxPNZwLhXGIbEnymaufjKL246zfrhw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 06:20:48 GMT
age: 80835
etag: "3628390c62642dcc375b28f58c9b48180c4abd73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 291127b670135b42b6e9687aa2a13237
99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1
49b082a738bcd15a0bb4e9f96a180797ffcfa368977ac1927df882a0343664d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10437
x-amzn-requestid: 2a8183c4-47ec-42bb-8e67-3e742dc3750c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YpEeooAMFfvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-2014fd4d49dcd4087bf1db4d;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Q9y5-OF59ODaZRd9YFFdM2rIH0bYYyIT40rCwr8cBwBQd0GOqtNobg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:08:51 GMT
age: 23952
etag: "99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 24963
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 08:50:17 GMT
age: 71866
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb560dfdf-cffc-469d-bc98-e6eed575f5ab.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb560dfdf-cffc-469d-bc98-e6eed575f5ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2f2f7c9706a549fd41ba29135ce83e1
838faca0991563ccc5756f65d5bfd6c3d4d88372
f35f6a43751ff81f220789a2aa352c6abbd2f52b3beabff738cd11761b1923da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb560dfdf-cffc-469d-bc98-e6eed575f5ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6509
x-amzn-requestid: a86cb68e-5c74-4945-acbc-79d10f7c6c7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMPFOEIAMFYnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe7-006677c06331c3e014ab143e;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tlB6fhdDRjY_6gEC8QWNa8BLapBlyNLrx2I2fyE0M36oIS4cpEXDQw==
via: 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:58 GMT
age: 25085
etag: "838faca0991563ccc5756f65d5bfd6c3d4d88372"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cf22ee-ded9-4b9d-b5d8-ee6690ac9f45.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cf22ee-ded9-4b9d-b5d8-ee6690ac9f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f07f254d44ff2fb86ee22cee39ef3eb0
0660a548a491d4a58ca2246f094f0553437c3f61
859b2416d638b1dc91ff563800517124b38d45b4c5db99e21539c1700829dbe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cf22ee-ded9-4b9d-b5d8-ee6690ac9f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10985
x-amzn-requestid: ef9e5eb9-b7b3-41e9-9837-a5979ab35d94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91OFzsoAMFcew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-53b152c0027d26e52383e27e;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: F_ZBWwAOPbEjvMD1ChrgN9QYUyyFYdtRT6CcX6gviowmeinPRgVtnA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:19:21 GMT
age: 1722
etag: "0660a548a491d4a58ca2246f094f0553437c3f61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/jquery-1.js
203.26.41.223200 OK 94 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/jquery-1.js
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 25721ced154b3a99e818431446d7506d
3f1b0e9e54af1af2db2c8a639530448723462151
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/jquery-1.js HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:02 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 94020
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2 HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:03 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2 HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:03 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/11648.js
203.26.41.223200 OK 26 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/11648.js
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- C source, ASCII text, with very long lines (25399)
Hash 04873a9ac5cdc1c90fcfb18a21e04136
2703ddd39416a70ada985452107e5b543ee89a0a
d7e781eaa55fbe21f653b0d2b807adc6af016ba9170ccd35fd44b3176786c80c
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/11648.js HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:03 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:07 GMT
Accept-Ranges: bytes
Content-Length: 25508
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:03 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:03 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.9768979034264971&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
3.72.153.40307 Temporary Redirect 0 B URL HTTP/1.1 optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.9768979034264971&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 3.72.153.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-10.js?&cb=0.9768979034264971&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: optimized-by.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/
HTTP/1.1 307 Temporary Redirect
Date: Thu, 01 Dec 2022 04:48:03 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Location: http://vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.9768979034264971&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
X-Forwarded-For: 91.90.42.154
X-Forwarded-Proto: http
X-Forwarded-Port: 80
Host: optimized-by.rubiconproject.com
X-Amzn-Trace-Id: Root=1-63883203-5f8384091a00c84e0da10ecf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://younginteriors.com.au/
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/moatad_002.js
203.26.41.223200 OK 182 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/moatad_002.js
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (554)
Size 182 kB (182301 bytes)
Hash 941a402bcb3a12f11ff32f50060a4f99
ecd237a5bc7d0995bf036e31eeabb97c6dd8c50d
894acd20e24fda4995bf56b9c7f5b0f2a634febf91db251a2adcbf6f6915e6f5
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/moatad_002.js HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:02 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 182301
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.9768979034264971&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
213.19.162.21200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.9768979034264971&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 213.19.162.21:0
Hash 7bdda9f1de292e7e006306b2d85c9cb1
36a60514a49f5f2d58deb949fdf037ed29a067cc
83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca
GET /a/11648/36314/150582-10.js?tk_vps=2&&cb=0.9768979034264971&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://younginteriors.com.au/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Thu, 01 Dec 2022 04:48:03 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LB4LJ6W0-22-CJLE; Domain=.rubiconproject.com; Path=/; Expires=Fri, 01-Dec-2023 04:48:03 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qp7XZ8h6Apviu9DtVM30fCgeJct9d5f2umqJEGw/OhUKcayy580IFVczyLe+IE7Cx6aD1vO4B23nebkVCb8jiAsHTiltakQY8o=; Domain=.rubiconproject.com; Path=/; Expires=Fri, 01-Dec-2023 04:48:03 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.9768979034264971&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
3.72.153.40307 Temporary Redirect 0 B URL HTTP/1.1 optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.9768979034264971&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 3.72.153.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-10.js?&cb=0.9768979034264971&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: optimized-by.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/
HTTP/1.1 307 Temporary Redirect
Date: Thu, 01 Dec 2022 04:48:03 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Location: http://vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.9768979034264971&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
X-Forwarded-For: 91.90.42.154
X-Forwarded-Proto: http
X-Forwarded-Port: 80
Host: optimized-by.rubiconproject.com
X-Amzn-Trace-Id: Root=1-63883203-65ec30be1972e9f371307541
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://younginteriors.com.au/
vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.9768979034264971&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
213.19.162.21200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.9768979034264971&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 213.19.162.21:0
Hash 7bdda9f1de292e7e006306b2d85c9cb1
36a60514a49f5f2d58deb949fdf037ed29a067cc
83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca
GET /a/11648/36314/150582-10.js?tk_vps=2&&cb=0.9768979034264971&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://younginteriors.com.au/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Thu, 01 Dec 2022 04:48:03 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LB4LJ6XU-1U-GV7Y; Domain=.rubiconproject.com; Path=/; Expires=Fri, 01-Dec-2023 04:48:03 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qo6ZDz8HHLm3O9DtVM30fCgeJct9d5f2umqJEGw/OhUKcayy580IFVczyLe+IE7Cx6aD1vO4B23nebkVCb8jiAsHTiltakQY8o=; Domain=.rubiconproject.com; Path=/; Expires=Fri, 01-Dec-2023 04:48:03 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/omniture_visId.js
203.26.41.223200 OK 83 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/omniture_visId.js
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (707), with CRLF line terminators
Hash e97a8791094937eca04430b8fd76550b
69fac7a4b26fdd0e5ea9c7b679435c80857efb1f
0d511486e7d3d6543bce126133d47c2805c5e4f0ff4c6d6eefabd5d6e678bf99
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/omniture_visId.js HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:02 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 82832
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ads.rubiconproject.com/ad/11648.js
104.85.187.217200 OK 8.9 kB URL HTTP/2 ads.rubiconproject.com/ad/11648.js
IP 104.85.187.217:0
File type C source, ASCII text, with very long lines (26545)
Hash 5aecf12e8c3cb1d14458bc71c6b8cf0c
b0cedce6e8165041981ba59a9b7277053a37ba89
69dd3510681bc16e17f107ac8f2fa504aa7ce59d75ebf3248b6f85f02a6409aa
GET /ad/11648.js HTTP/1.1
Host: ads.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://younginteriors.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
x-powered-by: PHP/5.3.3
content-encoding: gzip
content-length: 8946
content-type: text/javascript
cache-control: max-age=7385
expires: Thu, 01 Dec 2022 06:51:08 GMT
date: Thu, 01 Dec 2022 04:48:03 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/all.js
203.26.41.223200 OK 199 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/all.js
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (18053)
Size 199 kB (198957 bytes)
Hash bc6c96975ece396c2410a11de12aa324
dc29df9842c22f28b858e6384b9339e2632ce3fc
1cbf11d576a004a0f2bf7baa71c045dd94d4b0eb3e4c848df0bd75dcb144c5f7
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/all.js HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:02 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 198957
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/Oscars_SignIn_300x250.jpg
203.26.41.223200 OK 36 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/Oscars_SignIn_300x250.jpg
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Hash a98fbe346dd7c66a4ca5f1f77aa75e44
ee1c12063d821ba884efe2afedd6cab81c825363
de3e0d54441cd6afe0d7d2afcb95eadf8fec5cb23ecd47a796c3818fe7fb8f4d
GET /booss/Sign%20in%20to%20XFINITY_files/Oscars_SignIn_300x250.jpg HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:03 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 35514
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Regular.ttf
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Regular.ttf
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.ttf HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:03 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:03 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a9ea20d468aed7ced6a490391227c9d7
fa21b125089fb014b244a0eee25b639a35812218
5aa7b9fc671e985d823215ee017d0bd1ac0d92e57a34fee69989402765755857
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2195
Cache-Control: max-age=161728
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:48:03 GMT
Etag: "6387fe30-1d7"
Expires: Sat, 03 Dec 2022 01:43:31 GMT
Last-Modified: Thu, 01 Dec 2022 01:06:56 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
smarttag.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.2366126659953789&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15&rp_secure=1
213.19.162.21200 OK 147 B URL HTTP/2 smarttag.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.2366126659953789&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15&rp_secure=1
IP 213.19.162.21:0
Hash 9441d4459f9bdf15aad152e66fc88643
e97b5816d440de61a5d5a7f47bb921cec240580b
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
GET /a/11648/36314/150582-15.js?&cb=0.2366126659953789&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15&rp_secure=1 HTTP/1.1
Host: smarttag.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://younginteriors.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Thu, 01 Dec 2022 04:48:03 GMT
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB4LJ72E-U-HQ4B; Domain=.rubiconproject.com; Path=/; Expires=Fri, 01-Dec-2023 04:48:03 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qronkngXeymnO9DtVM30fCgeJct9d5f2umqJEGw/OhUKcayy580IFVczyLe+IE7Cx6aD1vO4B23nebkVCb8jiAsHTiltakQY8o=; Domain=.rubiconproject.com; Path=/; Expires=Fri, 01-Dec-2023 04:48:03 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 147
X-Firefox-Spdy: h2
optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.02035408463288635&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
3.72.153.40307 Temporary Redirect 0 B URL HTTP/1.1 optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.02035408463288635&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
IP 3.72.153.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-15.js?&cb=0.02035408463288635&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1
Host: optimized-by.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/
HTTP/1.1 307 Temporary Redirect
Date: Thu, 01 Dec 2022 04:48:04 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Location: http://vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.02035408463288635&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
X-Forwarded-For: 91.90.42.154
X-Forwarded-Proto: http
X-Forwarded-Port: 80
Host: optimized-by.rubiconproject.com
X-Amzn-Trace-Id: Root=1-63883204-7cf1a575068db2d05e118e7a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://younginteriors.com.au/
vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.02035408463288635&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
213.19.162.21200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.02035408463288635&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
IP 213.19.162.21:0
Hash 9441d4459f9bdf15aad152e66fc88643
e97b5816d440de61a5d5a7f47bb921cec240580b
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
GET /a/11648/36314/150582-15.js?tk_vps=2&&cb=0.02035408463288635&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://younginteriors.com.au/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Thu, 01 Dec 2022 04:48:04 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LB4LJ74D-1I-8DV0; Domain=.rubiconproject.com; Path=/; Expires=Fri, 01-Dec-2023 04:48:04 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrc5+YdsKhCVO9DtVM30fCgeJct9d5f2uldqRxYfNlIZ8ayy580IFVczyLe+IE7Cx6aD1vO4B23nebkVCb8jiAsHTiltakQY8o=; Domain=.rubiconproject.com; Path=/; Expires=Fri, 01-Dec-2023 04:48:04 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/moatad.js
203.26.41.223200 OK 182 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/moatad.js
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (554)
Size 182 kB (182301 bytes)
Hash 941a402bcb3a12f11ff32f50060a4f99
ecd237a5bc7d0995bf036e31eeabb97c6dd8c50d
894acd20e24fda4995bf56b9c7f5b0f2a634febf91db251a2adcbf6f6915e6f5
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/moatad.js HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:02 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:07 GMT
Accept-Ranges: bytes
Content-Length: 182301
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.02035408463288635&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
213.19.162.21200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.02035408463288635&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
IP 213.19.162.21:0
Hash 9441d4459f9bdf15aad152e66fc88643
e97b5816d440de61a5d5a7f47bb921cec240580b
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
GET /a/11648/36314/150582-15.js?tk_vps=2&&cb=0.02035408463288635&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://younginteriors.com.au/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Thu, 01 Dec 2022 04:48:04 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LB4LJ768-1Q-2I7T; Domain=.rubiconproject.com; Path=/; Expires=Fri, 01-Dec-2023 04:48:04 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qow3f6XxmtD0e9DtVM30fCgeJct9d5f2uldqRxYfNlIZ8ayy580IFVczyLe+IE7Cx6aD1vO4B23nebkVCb8jiAsHTiltakQY8o=; Domain=.rubiconproject.com; Path=/; Expires=Fri, 01-Dec-2023 04:48:04 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/u.gif
203.26.41.223200 OK 42 B URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/u.gif
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /booss/Sign%20in%20to%20XFINITY_files/u.gif HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:04 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/event.gif
203.26.41.223200 OK 42 B URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/event.gif
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /booss/Sign%20in%20to%20XFINITY_files/event.gif HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:04 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/seal.png
203.26.41.223200 OK 3.1 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/seal.png
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type PNG image data, 142 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash be19bc645a5d70db58e4317fb1f7f791
8c38f471f3e6d17af148acaab219db7e3e4a8d23
6ab85bc152133401e0ad5ca069990f4a76413499820d4ba95a0dadb063bcc8b8
GET /booss/Sign%20in%20to%20XFINITY_files/seal.png HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:04 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 3091
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db5ed5146ed908db4a714cf0829e490f
861d0a6ba8200145c78ab706e2eb07eed758571e
7d402eca704c618b1a47920eec7291c3f207eb2db3425160e078212529d8b62b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2103
Cache-Control: max-age=136427
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:48:04 GMT
Etag: "63879bb8-1d7"
Expires: Fri, 02 Dec 2022 18:41:51 GMT
Last-Modified: Wed, 30 Nov 2022 18:06:48 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
pixel.quantserve.com/api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400
91.228.74.208200 OK 39 B URL HTTP/2 pixel.quantserve.com/api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400
IP 91.228.74.208:0
Hash 9c5453ce3943ebf709c68c4358907916
25c057fa107fca0917c7dca9f432cdce93ce2316
c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a
GET /api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://younginteriors.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 04:48:04 GMT
content-type: application/x-javascript
content-length: 39
cache-control: private, no-transform, must-revalidate, max-age=86400
expires: Fri, 02 Dec 2022 04:48:04 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
set-cookie: mc=63883204-3d3fd-d7c7c-5e4f4; expires=Mon, 01-Jan-2024 04:48:04 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s74967881041563?AQB=1&ndh=1&t=1%2F11%2F2022%204%3A48%3A3%204%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fyounginteriors.com.au%2Fbooss%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fbooss%2F%2F%3Asign%20in&v1=%2Fbooss%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fbooss%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
15.236.176.210302 Found 0 B URL HTTP/1.1 serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s74967881041563?AQB=1&ndh=1&t=1%2F11%2F2022%204%3A48%3A3%204%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fyounginteriors.com.au%2Fbooss%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fbooss%2F%2F%3Asign%20in&v1=%2Fbooss%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fbooss%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 15.236.176.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ss/comcastnetdev/1/H.27.5/s74967881041563?AQB=1&ndh=1&t=1%2F11%2F2022%204%3A48%3A3%204%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fyounginteriors.com.au%2Fbooss%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fbooss%2F%2F%3Asign%20in&v1=%2Fbooss%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fbooss%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: serviceo.comcast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/
HTTP/1.1 302 Found
access-control-allow-origin: *
vary: Origin
date: Thu, 01 Dec 2022 04:48:04 GMT
content-type: text/plain;charset=utf-8
expires: Wed, 30 Nov 2022 04:48:04 GMT
last-modified: Fri, 02 Dec 2022 04:48:04 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31C41902787F902F-40001A57E5F733ED[CE]; Path=/; Domain=comcast.net; Max-Age=63072000; Expires=Sat, 30 Nov 2024 04:48:48 GMT;
location: http://serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s74967881041563?AQB=1&pccr=true&vidn=31C41902787F902F-40001A57E5F733ED&ndh=1&t=1%2F11%2F2022%204%3A48%3A3%204%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fyounginteriors.com.au%2Fbooss%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fbooss%2F%2F%3Asign%20in&v1=%2Fbooss%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fbooss%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s74967881041563?AQB=1&pccr=true&vidn=31C41902787F902F-40001A57E5F733ED&ndh=1&t=1%2F11%2F2022%204%3A48%3A3%204%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fyounginteriors.com.au%2Fbooss%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fbooss%2F%2F%3Asign%20in&v1=%2Fbooss%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fbooss%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
15.236.176.210200 OK 43 B URL HTTP/1.1 serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s74967881041563?AQB=1&pccr=true&vidn=31C41902787F902F-40001A57E5F733ED&ndh=1&t=1%2F11%2F2022%204%3A48%3A3%204%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fyounginteriors.com.au%2Fbooss%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fbooss%2F%2F%3Asign%20in&v1=%2Fbooss%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fbooss%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 15.236.176.210:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/comcastnetdev/1/H.27.5/s74967881041563?AQB=1&pccr=true&vidn=31C41902787F902F-40001A57E5F733ED&ndh=1&t=1%2F11%2F2022%204%3A48%3A3%204%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fyounginteriors.com.au%2Fbooss%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fbooss%2F%2F%3Asign%20in&v1=%2Fbooss%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fbooss%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: serviceo.comcast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://younginteriors.com.au/
Connection: keep-alive
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Thu, 01 Dec 2022 04:48:04 GMT
expires: Wed, 30 Nov 2022 04:48:04 GMT
last-modified: Fri, 02 Dec 2022 04:48:04 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31C4190217355AF6-600009B75A76104E[CE]; Path=/; Domain=comcast.net; Max-Age=63072000; Expires=Sat, 30 Nov 2024 04:48:48 GMT;
etag: 3586018700063735808-4619824291481260109
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2 HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:04 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1601a7c8a96ebe5b2af6fe1abcb6b90b
fb19f5121052f37c9cef4640791964583618560c
893364204eb010f01c891762b80db20df137be75ecb85fa4e22dbc68143b53fb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2200
Cache-Control: max-age=142312
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:48:04 GMT
Etag: "6387b255-1d7"
Expires: Fri, 02 Dec 2022 20:19:56 GMT
Last-Modified: Wed, 30 Nov 2022 19:43:17 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
31.13.72.12301 Moved Permanently 0 B URL HTTP/1.1 staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: staticxx.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
Content-Type: text/html; charset="utf-8"
X-FB-Debug: LdQOobybK8lzVO008+4dARrNxN3pKSd9wOGOE2A+0no3HaCWasX/o8/ER0lchtGezDtxSKIbfmxXzR6WvoOmdg==
X-FB-TRIP-ID: 1904183273
Date: Thu, 01 Dec 2022 04:48:04 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff2
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff2
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff2 HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:04 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2 HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:04 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
younginteriors.com.au/static/images/fb-logo-29.png
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/images/fb-logo-29.png
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
GET /static/images/fb-logo-29.png HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:04 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
31.13.72.12404 Not Found 9 B URL HTTP/2 staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 31.13.72.12:0
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: staticxx.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://younginteriors.com.au/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: mfNJtLTEu7ok63iEDT7bvrvm2IGBuRJw73b+D94phReP0nQBi034wsk5NRKK1tNO9MBgOGXYGXFsLWZSkXG0Aw==
content-length: 9
priority: u=3,i
x-fb-trip-id: 1904183273
date: Thu, 01 Dec 2022 04:48:04 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/dest5.htm
203.26.41.223200 OK 8.9 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/dest5.htm
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (581), with CRLF line terminators
Hash d2f6fa6292c62a0b4453c4d7763040e1
a9330f8597c230773f94d5f3b442d0a14e94083f
b8ddbf2a9418fff20f88a0692ce5aa6770edc51280200cdf410fdfb36466794c
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/dest5.htm HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
Cookie: OX_sd=1; OX_plg=pm
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:04 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 8948
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1601a7c8a96ebe5b2af6fe1abcb6b90b
fb19f5121052f37c9cef4640791964583618560c
893364204eb010f01c891762b80db20df137be75ecb85fa4e22dbc68143b53fb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2200
Cache-Control: max-age=142312
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:48:04 GMT
Etag: "6387b255-1d7"
Expires: Fri, 02 Dec 2022 20:19:56 GMT
Last-Modified: Wed, 30 Nov 2022 19:43:17 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
31.13.72.12404 Not Found 9 B URL HTTP/2 staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 31.13.72.12:0
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: staticxx.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://younginteriors.com.au/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: Y34KdW2f0a4Ve1+l0CBMwCdLaScu7Eeai9rPuqiFGDWs6MKZ1R1IM9mlcpBEAUmcEFUBuwnY6fSobQTbcqdiAw==
content-length: 9
priority: u=3,i
x-fb-trip-id: 1904183273
date: Thu, 01 Dec 2022 04:48:04 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:04 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:04 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.woff HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:04 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:05 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm
203.26.41.223200 OK 43 kB URL HTTP/1.1 younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6078), with CRLF line terminators
Hash fc6f71bf3bb8b37c2e742712f5e9fa31
1985f6685907edd356e999433d688632683297f5
074da691273a060b544115ecc31905c1c260559484b45560f9a299d83ca5d898
Analyzer Verdict Alert fortinet Phishing
GET /booss/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/
Cookie: OX_sd=1; OX_plg=pm
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:04 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 05:26:06 GMT
Accept-Ranges: bytes
Content-Length: 43032
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html
younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:05 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf
203.26.41.223404 Not Found 386 B URL HTTP/1.1 younginteriors.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf
IP 203.26.41.223:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24b197870b000f5c3ea5ce4aa2f105cb
f61cb091e945f18f48166ba24a74144e4373b084
adb819eb40e78734560ff3b108a8785c832bf50884c334d4bd355524c531b404
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf HTTP/1.1
Host: younginteriors.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/booss/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:48:05 GMT
Server: Apache
Content-Length: 386
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
secure-assets.rubiconproject.com/static/psa/blank/1x1.png
104.85.187.217200 OK 155 B URL HTTP/2 secure-assets.rubiconproject.com/static/psa/blank/1x1.png
IP 104.85.187.217:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fed6b76619acefb38a43867d5fbbd65
b4881fe00376089907ce39fb43398fe2b9d55b8a
172f8ce100094feaee2d292f56c5a847b0a89852a43e79ef7743d28d06dec7d7
GET /static/psa/blank/1x1.png HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://younginteriors.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 01 Oct 2019 16:53:58 GMT
accept-ranges: bytes
content-type: image/png
content-encoding: gzip
content-length: 155
unused62: 8096267
date: Thu, 01 Dec 2022 04:48:05 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
connect.facebook.net/en_US/all.js
31.13.72.12200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/en_US/all.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash e56bcf33b6be5a8d242f833bedc9102f
ff44ef3883fa95f40fb0330c581897f58cade707
b266064ac1219a223d139f27674e0e7fb623614b8414e9321d32a76e69b89ed5
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: dee3dec00c5e692c7a456ee6ad630360
ETag: "d8d59f1dd2d1789043f074134a5e9eb6"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Thu, 01 Dec 2022 05:06:51 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: 5WvPM7a+Wo0kL4M77ckQLw==
X-FB-Debug: 7fktZWV9ZvQdBqpP8jJBJ5RWE0HiV4QzQ1WjZgrEM7uSj2QN+WUP8mt8MfSb/enEF8JjCU865Cp/mNz5pfGswA==
Priority: u=3,i
X-FB-TRIP-ID: 1904183273
Date: Thu, 01 Dec 2022 04:48:05 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1687
rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=65947721525&varName=crtg_content
178.250.2.157204 No Content 0 B URL HTTP/1.1 rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=65947721525&varName=crtg_content
IP 178.250.2.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=65947721525&varName=crtg_content HTTP/1.1
Host: rtax.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/
HTTP/1.1 204 No Content
server: nginx/1.20.1
date: Thu, 01 Dec 2022 04:48:05 GMT
strict-transport-security: max-age=31536000; preload;
comcastathena.demdex.net/event?d_nsid=1&d_ld=_ts%3D1669870083025&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1669870083025&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fbooss%2F%2F%3Asign%20in&c_eVar1=%2Fbooss%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fbooss%2F
18.203.75.86302 Found 0 B URL HTTP/1.1 comcastathena.demdex.net/event?d_nsid=1&d_ld=_ts%3D1669870083025&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1669870083025&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fbooss%2F%2F%3Asign%20in&c_eVar1=%2Fbooss%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fbooss%2F
IP 18.203.75.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?d_nsid=1&d_ld=_ts%3D1669870083025&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1669870083025&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fbooss%2F%2F%3Asign%20in&c_eVar1=%2Fbooss%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fbooss%2F HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://younginteriors.com.au/
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0a4852727.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: http://comcastathena.demdex.net/firstevent?d_nsid=1&d_ld=_ts%3D1669870083025&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1669870083025&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fbooss%2F%2F%3Asign%20in&c_eVar1=%2Fbooss%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fbooss%2F
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=02072284500995142670876652545904728825; Max-Age=15552000; Expires=Tue, 30 May 2023 04:48:05 GMT; Path=/; Domain=.demdex.net
X-TID: d05Ydk+nR8o=
Content-Length: 0
Connection: keep-alive
comcastathena.demdex.net/firstevent?d_nsid=1&d_ld=_ts%3D1669870083025&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1669870083025&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fbooss%2F%2F%3Asign%20in&c_eVar1=%2Fbooss%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fbooss%2F
18.203.75.86200 OK 67 B URL HTTP/1.1 comcastathena.demdex.net/firstevent?d_nsid=1&d_ld=_ts%3D1669870083025&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1669870083025&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fbooss%2F%2F%3Asign%20in&c_eVar1=%2Fbooss%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fbooss%2F
IP 18.203.75.86:0
File type ASCII text, with no line terminators
Hash 51ed154c196d743d8f5bd6fbb4c6dc90
8c69ac80c63cecb1f44ee3ffb566c1e56466ce12
9fd221a2aa919523c9c94082201d2a47d87f2b6d26a3ccaf4063f6e375ec1b85
GET /firstevent?d_nsid=1&d_ld=_ts%3D1669870083025&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1669870083025&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fbooss%2F%2F%3Asign%20in&c_eVar1=%2Fbooss%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fbooss%2F HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://younginteriors.com.au/
Connection: keep-alive
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/javascript;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0a637d725.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
X-TID: 1vTTiIenQkY=
Content-Length: 67
Connection: keep-alive
ocsp.comodoca.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c4e2537392456b64830d0ca5038010b4
7ab4c65ac55c656ac9a4e8f5f9bdcdde323562f6
9d2e3751d7563249fb355388c16cb5a9b2f5caa818d01cb9996b9647962ee39d
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 10:07:28 GMT
Expires: Mon, 05 Dec 2022 10:07:27 GMT
Etag: "7ab4c65ac55c656ac9a4e8f5f9bdcdde323562f6"
Cache-Control: max-age=601137,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 88
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772930432e761c02-OSL
login.comcast.net/static/images/global/favicon.ico
68.87.82.237200 OK 1.2 kB URL HTTP/1.1 login.comcast.net/static/images/global/favicon.ico
IP 68.87.82.237:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 8591b1e1977be23073d13751a5f203d0
3f549eff3cf641803992d8748202bf0775f4765e
a0307845ad0d4579ae6e7283a02b81403767295ab37cc0b144ac9d60772ebf97
GET /static/images/global/favicon.ico HTTP/1.1
Host: login.comcast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://younginteriors.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:48:05 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Last-Modified: Tue, 11 Jan 2022 16:05:32 GMT
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=498
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
www.facebook.com/impression.php/f1c50e9f40ee882/?api_key=161991040493541&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/impression.php/f1c50e9f40ee882/?api_key=161991040493541&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
IP 31.13.72.36:0
GET /impression.php/f1c50e9f40ee882/?api_key=161991040493541&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://younginteriors.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: image/gif
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
x-fb-debug: vjJnnqvQuo9b6bIX7/MHGmmBNDPJWRjfReGbcMDmClgtLKh9JxXnFa0lJ831TK1yZ8taNJT2H9gjKT954Enfcg==
date: Thu, 01 Dec 2022 04:48:05 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2