Report - saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/login.php?cmd=login_submit&id=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551&session=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551

Report Overview

Submitted URL
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/login.php?cmd=login_submit&id=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551&session=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551
IP
122.201.67.1
ASN
#38719 Dreamscape Networks Limited
Submitted
2023-03-22 20:25:23
Access
public
Website Title
Final URL
Tags
bank_of_america financial phishing
urlquery detections
Phishing - Bank of America

Detections

urlquery
41
Network Intrusion Detection
1
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.2 kB	53 kB	34.120.237.76
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-26T06:17:09Z	389 B	31 kB	216.58.207.234
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
saltbox.com.au	unknown	2015-11-21T07:21:38Z	2023-03-24T09:33:41Z	9.4 kB	1.3 MB	122.201.67.1
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-26T05:10:41Z	686 B	1.4 kB	142.250.74.131
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	52.35.19.71
smallenvelop.com	405085	2014-10-25T12:56:31Z	2023-03-25T17:10:16Z	414 B	520 B	194.1.147.82
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	4.4 kB	12 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-22 20:25:19	high	Client IP	122.201.67.1	ET PHISHING Generic Phishkit Activity (GET)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed
2023-03-22	medium	saltbox.com.au	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/login.php?cmd=login_submit&id=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551&session=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551	96 B	2023-03-07	2023-08-23
Pretty URL saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/login.php?cmd=login_submit&id=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551&session=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551 IP 122.201.67.1 ASN #38719 Dreamscape Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2023-08-23 00:42:32 Times Seen974 Hash 413a00885bbfc45acf8ed919c6592147 1bbf290a9d153e6c713d61d6b2795dea2d79fce1 4593a076a63fefab53aa34590f2e751618766ed8ffd6d0022d85265111bf37fb Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 11:00:50 Times Seen384602 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/login.php?cmd=login_submit&id=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551&session=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551	64 B	2023-03-07	2023-11-03
Pretty URL saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/login.php?cmd=login_submit&id=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551&session=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551 IP 122.201.67.1 ASN #38719 Dreamscape Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2023-11-03 01:49:34 Times Seen989 Hash 6a9f46a3ed1778e19fcd613072b4530c 90b09342bf88623a80546972f95ece44765fa5ca 55f9434349d57a1d968c00614f5e3ff676b42cb1bfec9cf344b2e2c71ceac3d0 Loading...

HTTP Transactions (49)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10060
Expires: Wed, 22 Mar 2023 23:12:53 GMT
Date: Wed, 22 Mar 2023 20:25:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10318
Expires: Wed, 22 Mar 2023 23:17:11 GMT
Date: Wed, 22 Mar 2023 20:25:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5285a032a285729d3e4a546310ed052d
d370c14bbc2d168cc3703bcb6b94ea0ece26e69d
a811aac1eb89de0666a7de8d3eda1dc3affa7ce5353219211a1beee1211536b5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A811AAC1EB89DE0666A7DE8D3EDA1DC3AFFA7CE5353219211A1BEEE1211536B5"
Last-Modified: Mon, 20 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12223
Expires: Wed, 22 Mar 2023 23:48:56 GMT
Date: Wed, 22 Mar 2023 20:25:13 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 22 Mar 2023 20:15:02 GMT
content-type: application/json
age: 611
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: vf8Ka7BR4ZsyeulviNixyyl/urd24MEObxJfc9JMwdj6sfWhVvnppPcDECVabyM3rEKpyYHpGEg=
x-amz-request-id: KDFKWGMEC0BX58MP
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 22 Mar 2023 19:59:39 GMT
age: 1534
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:13 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/login.php?cmd=login_submit&id=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551&session=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551

122.201.67.1

200 OK

2.3 kB

URL HTTP/1.1
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/login.php?cmd=login_submit&id=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551&session=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (380), with CRLF line terminators
Size
2.3 kB (2301 bytes)
Hash
afa71a5b048a24f07b99edb3d56c3611
f925b2d9961a2e8f80721fb32a3fb07629c07039
396a4495eed81c7bd32c485fb2035997be7d82c21b11d0d9f005810b3c6b0751

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

NIDS	Severity	Alert
suricata	high	ET PHISHING Generic Phishkit Activity (GET)

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/login.php?cmd=login_submit&id=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551&session=bfa13c56726677fd823ec62d9ff61551bfa13c56726677fd823ec62d9ff61551 HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 20:25:13 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 2301
X-Powered-By: PHP/8.1.9
Upgrade: h2,h2c
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
06adbc463c1bafb4b79a2d2f10791ef8
30a6d093719f89764805f62102b0a07c493016a0
64000d2bedca454efa1fc2de6083ca06cb3e94b33565427ba9ac7c9345a926fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 20:25:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

216.58.207.234

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
6d973c8b7e2439d958e09c0a1ab9fe50
05ae0830200c20b9a2dfd5a825adc400481a60fb
f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://saltbox.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Mar 2023 09:53:29 GMT
expires: Wed, 20 Mar 2024 09:53:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 124304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 20:25:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 22 Mar 2023 20:14:33 GMT
age: 640
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ed35456c8e26a1d434c6b47501ee653e
231d79387835b2be73944409af134ec2c93a1f29
b272d657be04d6ec74e1a500b71d43794281cf7d057659f5395cfe102a2f8b6d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B272D657BE04D6EC74E1A500B71D43794281CF7D057659F5395CFE102A2F8B6D"
Last-Modified: Mon, 20 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17957
Expires: Thu, 23 Mar 2023 01:24:30 GMT
Date: Wed, 22 Mar 2023 20:25:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3288
Expires: Wed, 22 Mar 2023 21:20:01 GMT
Date: Wed, 22 Mar 2023 20:25:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48e79838da7c6a5bf3b3fc958b6bb50a
6216751f477920edd185ecd4cad86a21fe07cced
31b3d6544f88fda91e58fb9b8f200ab745710e6fa5b82f673095619c0b8c2a7c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31B3D6544F88FDA91E58FB9B8F200AB745710E6FA5B82F673095619C0B8C2A7C"
Last-Modified: Mon, 20 Mar 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21554
Expires: Thu, 23 Mar 2023 02:24:28 GMT
Date: Wed, 22 Mar 2023 20:25:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48e79838da7c6a5bf3b3fc958b6bb50a
6216751f477920edd185ecd4cad86a21fe07cced
31b3d6544f88fda91e58fb9b8f200ab745710e6fa5b82f673095619c0b8c2a7c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31B3D6544F88FDA91E58FB9B8F200AB745710E6FA5B82F673095619C0B8C2A7C"
Last-Modified: Mon, 20 Mar 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21578
Expires: Thu, 23 Mar 2023 02:24:52 GMT
Date: Wed, 22 Mar 2023 20:25:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48e79838da7c6a5bf3b3fc958b6bb50a
6216751f477920edd185ecd4cad86a21fe07cced
31b3d6544f88fda91e58fb9b8f200ab745710e6fa5b82f673095619c0b8c2a7c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31B3D6544F88FDA91E58FB9B8F200AB745710E6FA5B82F673095619C0B8C2A7C"
Last-Modified: Mon, 20 Mar 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Thu, 23 Mar 2023 02:24:59 GMT
Date: Wed, 22 Mar 2023 20:25:14 GMT
Connection: keep-alive

push.services.mozilla.com/

52.35.19.71

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.35.19.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oVP2+jWm81iwLXl8mUFESQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DwrSLr5mjrSL/aasc6yJp6I68A4=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c6977d230347b2a50284e248806c4c86
175354448640faa5a78ed89e37921d36576610d4
1632771c0cdcb7d1d17ebc9f5512a85f5cc43502c7ddffbbe8d57c09730e9f76

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1632771C0CDCB7D1D17EBC9F5512A85F5CC43502C7DDFFBBE8D57C09730E9F76"
Last-Modified: Mon, 20 Mar 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21538
Expires: Thu, 23 Mar 2023 02:24:12 GMT
Date: Wed, 22 Mar 2023 20:25:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48e79838da7c6a5bf3b3fc958b6bb50a
6216751f477920edd185ecd4cad86a21fe07cced
31b3d6544f88fda91e58fb9b8f200ab745710e6fa5b82f673095619c0b8c2a7c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31B3D6544F88FDA91E58FB9B8F200AB745710E6FA5B82F673095619C0B8C2A7C"
Last-Modified: Mon, 20 Mar 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 23 Mar 2023 02:25:14 GMT
Date: Wed, 22 Mar 2023 20:25:14 GMT
Connection: keep-alive

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq9.png

122.201.67.1

200 OK

61 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq9.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 1299 x 363, 8-bit/color RGBA, non-interlaced\012- data
Size
61 kB (61304 bytes)
Hash
0ff7a151363008bf059f8af27068161c
6736749f888336184decbde457c93804433e5e28
29a678c76e364091912911bed222cb32fbfb2ce0c592f790b6e888e9e367ce8b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/aq9.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 61304
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4831
Expires: Wed, 22 Mar 2023 21:45:46 GMT
Date: Wed, 22 Mar 2023 20:25:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4831
Expires: Wed, 22 Mar 2023 21:45:46 GMT
Date: Wed, 22 Mar 2023 20:25:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4831
Expires: Wed, 22 Mar 2023 21:45:46 GMT
Date: Wed, 22 Mar 2023 20:25:15 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1249d209-fb6d-4a02-9081-d8658b8ff632.jpeg

34.120.237.76

200 OK

2.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1249d209-fb6d-4a02-9081-d8658b8ff632.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2909 bytes)
Hash
13917543b8b3f8cdd572aff9d898b6f5
7a6a1c68fdb21a228f55db88933e5c2f69c8ec42
b6eb766589c295c2a909e837fe1a6d9bdc4715baab77a4fe14d2a6f775e78e16

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1249d209-fb6d-4a02-9081-d8658b8ff632.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2909
x-amzn-requestid: 89330fce-b0cf-4f8e-b065-231ee439172f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqPyHWLoAMFlww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a23fe-619e4e36404b1ee94212e2d1;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:39:10 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: GNF08Td2MDYTOGOVe-eNSQ-ftMAPX8JZznVEmHI4f4QfE9kOOFYEhw==
via: 1.1 17d76c2aee343249585a570f2d36d2ee.cloudfront.net (CloudFront), 1.1 b618c0f73dc30c968057784ed0185d7a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 22:01:12 GMT
etag: "7a6a1c68fdb21a228f55db88933e5c2f69c8ec42"
content-type: image/jpeg
age: 80643
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8037 bytes)
Hash
aeb0d8069d746e467fecd886c0e42628
8229b537f84a7418dc67e30691e62db4cea67f0f
24705dc5b7eefd79a35323beee7c741aa041c3bf55801d13b4ffc2b202e6a394

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8037
x-amzn-requestid: 7a9f7bb5-d810-4831-b5d2-3eead1af864a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJprcGY1IAMFSAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-53cdee4b645ed18e1dfeb92c;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: QW8T5AGg_L1mT4fE8IHeBG9TSiGpbBJpZE2yZdBtAQMJCPV8OKK5Dw==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 21:43:22 GMT
age: 81713
etag: "8229b537f84a7418dc67e30691e62db4cea67f0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5556 bytes)
Hash
c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: dd5a8417-ddd5-469d-aa84-e880f4b84464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CHqKFGRsoAMFTGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6419570d-3f28a7502b56eda47dd82ba7;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 07:04:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: JImqyag05jmvEwsJSvKFVuisuS5KNKfr7xRuN0YPyneNXvVxKkFMzg==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 05:35:55 GMT
age: 53360
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9459 bytes)
Hash
412bd6aea60211324e649d7d920601d2
a813976bda850a584b5ab94d9a70bfe0da69aca0
d36ef17fc6ab3cd4e5e43836f7df2c6fdf1781f1bac73e42c9a09e8594f797f9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: 1b374321-f2df-404f-ab91-4e73d830fac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqmAEhHoAMFgRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a248c-217d81154ecfe0c44ca70432;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:41:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: DL7vQgu72hwpt7yHbmIKnAZnoIaR4CQPE1JJAjq8M4jg0REUsq5lOw==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 21:48:25 GMT
age: 81410
etag: "a813976bda850a584b5ab94d9a70bfe0da69aca0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10480 bytes)
Hash
6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hqGFdT1Sk0IcvaNqfvjz5RsGBK-qMBcNKbK9FyZ7OoiH30hDL9ekxA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 21:59:52 GMT
age: 80723
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10407 bytes)
Hash
2062cf7a271d4ac7a04c0a746d443e07
3343851f2128c5f1fe4302c2aa53e8ce1fb661ac
e479263c1742d2597cf8948ef059b0bc97dbb97f47bb5cafee3d4af12069d2ce

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 87aba2e6-d7e8-4456-a12f-e05ac556b839
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqJhGnXIAMF1yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a23d6-2b6c3d62366f47f506ce8415;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: d7wlX2p3nm1VAV3qxRv2S1VbjxRah6GciBVRgyds7qbK1yNltNmtMQ==
via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 1f41b5f27f3ec2e93db2155dbc56900c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 21:49:24 GMT
age: 81351
etag: "3343851f2128c5f1fe4302c2aa53e8ce1fb661ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/q1.png

122.201.67.1

200 OK

431 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/q1.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 1349 x 629, 8-bit/color RGBA, non-interlaced\012- data
Size
431 kB (430729 bytes)
Hash
efdcf99e8f72705f113cc359751e677a
304cc765d94a43b4c845e375141343ec519c628e
bd606237f244d4eac026f8683eeb6c4f83057c729b99ccf85b3b8c2c03099ada

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/q1.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 430729
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq11.png

122.201.67.1

200 OK

46 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq11.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 1349 x 260, 8-bit/color RGBA, non-interlaced\012- data
Size
46 kB (45770 bytes)
Hash
667d47cdd6968f4f07acaa27e74a562f
8726fd097f771c1cd227b91ef89fddd28e85018c
a9f7a0968d213c127d365dec662b8de8b6b5a6050fb452031e7e18091d4bd73e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/aq11.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 45770
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq8.png

122.201.67.1

200 OK

8.7 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq8.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 1238 x 41, 8-bit/color RGBA, non-interlaced\012- data
Size
8.7 kB (8697 bytes)
Hash
cfe79b101c15c9d90f43c8b686c7b8b4
f01cadb53c51a78afdcf761fa9fa02bbd9dd24a8
2ab545bc4ed5ba7ba4260983046430bfc4f5b3261a2c8682cbc4552e4bd28471

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/aq8.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 8697
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/flr.png

122.201.67.1

200 OK

475 B

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/flr.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 32 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
475 B (475 bytes)
Hash
7504068cd268f504a72b36cfdf65c650
b5d118d98ff32476dd44b27d09f2ecf90d5729b7
dd60e0f69576a5259dbf2a6d074f6bdcec7d7cb9b25571d1a22bb2f872dd90d3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/flr.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 475
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq7.png

122.201.67.1

200 OK

11 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq7.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 877 x 79, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11323 bytes)
Hash
ca343261254216105f2e164dde122aad
a439caa78f0054ef7f1a59a74650ad9edb1443e4
25073f4f2b08a3cce3e4463804e75b694ebbac835e731869c0b55b2cc9f7eba0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/aq7.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 11323
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq10.png

122.201.67.1

200 OK

5.6 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq10.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 517 x 46, 8-bit/color RGBA, non-interlaced\012- data
Size
5.6 kB (5584 bytes)
Hash
2563fbaaeaeefcc34047cb28194aa744
eb13fbd7881b142fa5f2a035855349c467837ebc
52c7799e55c66bb30a316bf54a4e0e62e9e0b2f16edf22fc783a6fae29ae2801

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/aq10.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 5584
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq12.png

122.201.67.1

200 OK

51 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq12.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 1349 x 286, 8-bit/color RGBA, non-interlaced\012- data
Size
51 kB (50594 bytes)
Hash
5e0def8e63a99e936787e98666b95d9d
0f538ca8920e7efcaa6cbefc8ffbad935f1b6de6
4c278d67df0bbcc0faae4216cfed92923b5abbdf60f0f38133ac8c61fbd898d8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/aq12.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 50594
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq13.png

122.201.67.1

200 OK

28 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq13.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 1349 x 323, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (27839 bytes)
Hash
646c68c87aed55a496c40b5c48768d6c
a00d9c4d60acc5c3563b32ab6437d5d06ed88e26
d8939bffd427c15a06a2229ec62f9ccd945d05c8114ede2f1bf633f83b4779fb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/aq13.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 27839
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq5.png

122.201.67.1

200 OK

32 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq5.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 1349 x 268, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (31972 bytes)
Hash
dce032aee5a94cb9d35e006f256334e1
b78e554303591c9bdf7dc21eec8d89dd01c6686d
17b9b2914770b4f4e757183e11da9773e98688170992b7e8be5b7b2fab09e43f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/aq5.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 31972
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq16.png

122.201.67.1

200 OK

43 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq16.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 1349 x 388, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (42770 bytes)
Hash
e961dc51909f23f31e7edeea21035a12
74c111eef8a44cdda26d94f9910a639f64a768b7
a57d24063f7f5e45d41ddc407cdcd0cdffd509527e278ecdc3171deefbd4c052

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/aq16.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 42770
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq14.png

122.201.67.1

200 OK

2.6 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq14.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 399 x 55, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2622 bytes)
Hash
e3b7fe92d63f7143cb26c1bf4de03676
e09df45e879c772c3d50c3aaebe69c7b726491fb
ecaeea471f7f018646d9be3ce2282b7089250a0c81c36882b6e2aef3bdd8df05

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/aq14.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 2622
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq15.png

122.201.67.1

200 OK

25 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq15.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 1349 x 279, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (25248 bytes)
Hash
10a4deefbb546537e08f06b45a5150d4
f734787aba36b5b8c348153857b8fcf15fa629e5
cc508448525581d7c36aa2a0fb0aeb127fe0563cbbb2666b10e78edfe8b374a2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/aq15.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 25248
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/ap2.png

122.201.67.1

200 OK

3.2 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/ap2.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 248 x 85, 8-bit/color RGBA, non-interlaced\012- data
Size
3.2 kB (3238 bytes)
Hash
0accdd8fd09235d96b8bb91a9aa68383
5d7d74b177a7c492db62f94d39f4eced4e67867e
23041228fd16d305256c27c4c7f2bd9123d1e39ab6b31f0090819794ed2f2e80

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/ap2.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 3238
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/abtn1.png

122.201.67.1

200 OK

779 B

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/abtn1.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 276 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size
779 B (779 bytes)
Hash
ec8d858a5fa5b43345f300cd734e3d47
38ac399e522d4782d182716a0ba882594f21afc5
93be14c5cf1853bc01af2cd61e9ad612098b7657597cfcd6fc84abb8bc49a805

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/abtn1.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 779
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq4.png

122.201.67.1

200 OK

515 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq4.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 1349 x 323, 8-bit/color RGBA, non-interlaced\012- data
Size
515 kB (514941 bytes)
Hash
18e7e1cda5c5e03dd622b65bab5b42c7
3f12ad8abfa9dceb145a8a1aea1d446abb87e335
e616de9cf92372fb1de5853891c30a72901377575d3bc277baf3920c7a983002

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/aq4.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 514941
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq17.png

122.201.67.1

200 OK

9.6 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq17.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 1033 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
9.6 kB (9646 bytes)
Hash
b090998bdc20316f4b5e04f246c35690
44849f60dda61476dee120df48d5c3b5069b5daf
9c1d5e5ee851d60c8f55acc3b033b65fcbba73fa4d300f270eeb5b3be2fbaee3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/aq17.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 9646
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq6.png

122.201.67.1

200 OK

11 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/aq6.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 1349 x 216, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11091 bytes)
Hash
a00d48506f6937b5aee470a4827bf824
b931aee648c08bcdc11b780888701dc278326192
d5d55effc79ff5e174f4bf5addb72b9369c585660158a214542909aa1a6f78da

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/aq6.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 11091
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/ap1.png

122.201.67.1

200 OK

2.6 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/ap1.png
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 231 x 76, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2577 bytes)
Hash
609a5a68c4a467663ae3670a88bf13c4
8106e122ccc46f04c148a08ed390344e07dd4213
83b9da91605d1c9a99e510a9ab52a05aeea01b44ff8474884e509b0da5738f0e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/ap1.png HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: image/png
content-length: 2577
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/favicon.ico

122.201.67.1

200 OK

7.2 kB

URL HTTP/2
saltbox.com.au/auseternal/blog/decklist/css/js/BOfA/Validation/images/favicon.ico
IP
122.201.67.1:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Size
7.2 kB (7169 bytes)
Hash
e9c41bf8d839804f010ed1a115319efb
60b956b0e31cdef1f96e8e728e6200e76ad3bad4
03b86050fe0dcdabd20b285d908a8788e2fcaf5a9a2dcbc115c64eb29dd741e8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
urlquery	phishing	Phishing - Bank of America
quad9	Sinkholed

HTTP Headers

GET /auseternal/blog/decklist/css/js/BOfA/Validation/images/favicon.ico HTTP/1.1
Host: saltbox.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://saltbox.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 20:25:16 GMT
content-type: image/x-icon
content-length: 7169
last-modified: Thu, 08 Aug 2019 03:27:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

smallenvelop.com/wp-content/uploads/2014/08/Preloader_11.gif

194.1.147.82

404 Not Found

0 B

URL HTTP/2
smallenvelop.com/wp-content/uploads/2014/08/Preloader_11.gif
IP
194.1.147.82:0
ASN
#210250 K Media Tech Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2014/08/Preloader_11.gif HTTP/1.1
Host: smallenvelop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://saltbox.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
date: Wed, 22 Mar 2023 20:25:14 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
set-cookie: PHPSESSID=eapvq1mqurt7ir5t4t1a2cn1n3; path=/; secure; HttpOnly
pragma: no-cache
cache-control: public,max-age=3600
x-ua-compatible: IE=edge
link: <https://smallenvelop.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (49)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type