r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12726
Expires: Thu, 26 Jan 2023 12:52:23 GMT
Date: Thu, 26 Jan 2023 09:20:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5488
Expires: Thu, 26 Jan 2023 10:51:45 GMT
Date: Thu, 26 Jan 2023 09:20:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2427
Expires: Thu, 26 Jan 2023 10:00:44 GMT
Date: Thu, 26 Jan 2023 09:20:17 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 08:35:16 GMT
content-type: application/json
age: 2701
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Se7t3yeitnbCKJEuXrylS3O9BmIaNg4fr1Z3TjSykpFmllKPA4exg4lE+hFbAAuahu4P5oXsk3Nuu+etMmmnwA==
x-amz-request-id: 4HE1XMQ49TC4ZBJM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 08:48:54 GMT
age: 1883
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 09:20:17 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
aquadec.com.au/
192.185.226.19 301 Moved Permanently 0 B IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 26 Jan 2023 09:20:17 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://aquadec.com.au/
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 08:41:40 GMT
age: 2318
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6436
Expires: Thu, 26 Jan 2023 11:07:34 GMT
Date: Thu, 26 Jan 2023 09:20:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b094267a2657d0a53bcce06a4652bfd1
eec32d29741a6966925464382b05650eaf4b9af7
800b8fca2fbd139deace5864a558055ea64268670b4cdaf78388781615206220
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "800B8FCA2FBD139DEACE5864A558055EA64268670B4CDAF78388781615206220"
Last-Modified: Tue, 24 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 26 Jan 2023 15:20:18 GMT
Date: Thu, 26 Jan 2023 09:20:18 GMT
Connection: keep-alive
push.services.mozilla.com/
35.164.47.95 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.47.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c3HqEyBaSOrwZ4+6wRNqTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QUWQayOSg6dEoJpksS0NLWNI1bM=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 78ed7b7d814d987601b30851546309b5
12a653dabfd738fef99fad2295eec55e4651bc7c
a55164c954f0255d6d360ac0fac8b4598f8e0e01ec646105eed2e9b0abf5e2bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-166079697-1
142.250.74.40 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-166079697-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash 8051a56e4b0a580cf39adce3f12a0d48
711e04462e5087ec3a86703257882e7d4690faae
23ddfc1dcd730e123ddb0f00a62c3343fc2d55139306b167b4fece36001343df
GET /gtag/js?id=UA-166079697-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 09:20:19 GMT
expires: Thu, 26 Jan 2023 09:20:19 GMT
cache-control: private, max-age=900
last-modified: Thu, 26 Jan 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44095
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0bf8fccb276521254634abcdcb4b3f0d
a5b7ffa58daf7d1ea3e312b68533d4d0271348f4
991b03387ddbe0b07a9aee23ea7a98863fa85035cb26e631e0d22a1b999ee487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2fff9bdad400b1ce70fec862e7b9907c
3fc9bdc0c98d437b80d4e15203897b5758e2c526
c6496464907294115c950af4aa76fa55ae7d8239f4aca375d65537b3bacd0a26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5114
Cache-Control: max-age=101503
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Etag: "63d11b58-117"
Expires: Fri, 27 Jan 2023 13:32:02 GMT
Last-Modified: Wed, 25 Jan 2023 12:06:48 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
aquadec.com.au/wp-content/themes/divi-child/style.css?ver=4.19.3
192.185.226.19 200 OK 258 B URL HTTP/2 aquadec.com.au/wp-content/themes/divi-child/style.css?ver=4.19.3
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7a840f04973eeecbbb304fef57b0aaea
36bfa5f9e18b12d9a351e80fb089875caff2c442
2cdb3d8005475212f11a35c3acd5ec661e7141883e0c3a8ca9ae498970719775
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/divi-child/style.css?ver=4.19.3 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 10 Nov 2017 09:40:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 258
content-type: text/css
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0
192.185.226.19 200 OK 3.9 kB URL HTTP/2 aquadec.com.au/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1577)
Hash 0de3f234bf5adf709c64d6a81701e107
ec76e30709d2ac94c86121529768c54b84943872
c67075988b28f06061348cebb275f465c608e141f9a00b50c5e4824f57ed10f3
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 04:31:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 3861
content-type: application/javascript
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/et-cache/74/et-core-unified-deferred-74.min.css?ver=1673154453
192.185.226.19 200 OK 1.3 kB URL HTTP/2 aquadec.com.au/wp-content/et-cache/74/et-core-unified-deferred-74.min.css?ver=1673154453
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5103), with no line terminators
Hash 666ba988c31a303aa8ad81a9561fdced
496e922ecf1539da16c0cb642dab62757ca25e64
c205df38bb214b08ad12d61b0115dd87ac7c36939127f857758d181824e433d4
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/et-cache/74/et-core-unified-deferred-74.min.css?ver=1673154453 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 08 Jan 2023 05:07:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 1335
content-type: text/css
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/
192.185.226.19 200 OK 38 kB IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (26340)
Hash 0e22bc6651d1c3f11def2dd9362ac821
e44e3349a291196dc38082e5ee77252f0217eb7a
5d7b8ff6117fd428066acfca8325276044d0fb1bff2431f33f6b50f9e1e166ee
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://aquadec.com.au/wp-json/>; rel="https://api.w.org/", <https://aquadec.com.au/wp-json/wp/v2/pages/74>; rel="alternate"; type="application/json", <https://aquadec.com.au/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: text/html; charset=UTF-8
date: Thu, 26 Jan 2023 09:20:18 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/et-cache/74/et-divi-dynamic-74.css?ver=1673153613
192.185.226.19 200 OK 3.1 kB URL HTTP/2 aquadec.com.au/wp-content/et-cache/74/et-divi-dynamic-74.css?ver=1673153613
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6697)
Hash 9093ac1ce0141e68ff0bce988c989080
3cc9e15eeb69a21dbec08ff8d881d442fc534535
e717dc4099a32a9fc972697f115f5da518f418fabe96a1bcfb7c280705d333da
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/et-cache/74/et-divi-dynamic-74.css?ver=1673153613 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 08 Jan 2023 04:53:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 3106
content-type: text/css
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/blank.gif
192.185.226.19 200 OK 43 B URL HTTP/2 aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/blank.gif
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/masterslider/public/assets/css/blank.gif HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 04:48:12 GMT
accept-ranges: bytes
content-length: 43
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/gif
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/uploads/2017/11/serv1.png
192.185.226.19 200 OK 2.7 kB URL HTTP/2 aquadec.com.au/wp-content/uploads/2017/11/serv1.png
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 133 x 134, 8-bit colormap, non-interlaced\012- data
Hash 74462cddf0d569f0a5d32a96f8d566de
016644b85e376867eb376ab4ee1e1df62b5e94bd
61d6464c4596c64912f54f658ea5ae03978a6f108be4b81fe6f03ee7a24d20cf
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/11/serv1.png HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 10 Nov 2017 11:37:27 GMT
accept-ranges: bytes
content-length: 2741
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/uploads/2017/11/logo1-min.png
192.185.226.19 200 OK 7.3 kB URL HTTP/2 aquadec.com.au/wp-content/uploads/2017/11/logo1-min.png
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 252 x 80, 8-bit colormap, non-interlaced\012- data
Hash b55aeb49040fe0205de7223899dd7e18
7ffe56c53899088adc3eb672016475274be72d92
159a7e732b1c40b3047b5d21c530e21c62ca43f0582c502b69da49fb520f1fab
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/11/logo1-min.png HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 13 Nov 2017 06:34:38 GMT
accept-ranges: bytes
content-length: 7314
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2fff9bdad400b1ce70fec862e7b9907c
3fc9bdc0c98d437b80d4e15203897b5758e2c526
c6496464907294115c950af4aa76fa55ae7d8239f4aca375d65537b3bacd0a26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5114
Cache-Control: max-age=101503
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Etag: "63d11b58-117"
Expires: Fri, 27 Jan 2023 13:32:02 GMT
Last-Modified: Wed, 25 Jan 2023 12:06:48 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
aquadec.com.au/wp-content/plugins/masterslider/public/assets/js/jquery.easing.min.js?ver=3.6.5
192.185.226.19 200 OK 1.9 kB URL HTTP/2 aquadec.com.au/wp-content/plugins/masterslider/public/assets/js/jquery.easing.min.js?ver=3.6.5
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (3601)
Hash 2d48a24db45f3307dcce566ddbc28631
dc59a9bb0433eefbb1b432b465b351e21fb288c9
041d66a70446742c2ae5a233be8ccf51e21c38e31ceaaabd2052dec0a583f2ca
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/masterslider/public/assets/js/jquery.easing.min.js?ver=3.6.5 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 04:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 1890
content-type: application/javascript
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.185.226.19 200 OK 4.6 kB URL HTTP/2 aquadec.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 04 Jul 2021 10:03:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 4618
content-type: application/javascript
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.3
192.185.226.19 200 OK 572 B URL HTTP/2 aquadec.com.au/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.3
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 163c85c033bf0089450e91dfcae120ee
dade9e2c0b826a6e73d0fa3ad2382e8d905e4407
54ba512214b521dfd7696e42b786875789d9be13bb336ebf52a984cf5b19243d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.3 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 04:32:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 572
content-type: application/javascript
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
142.250.74.35 200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 22084, version 1.0\012- data
Hash bab4daa6bec06781aa7262eca0be0ed4
b896fcea50433114a0433c9c8117677a875f1116
ee901a5f44fcc6ea6ab97fb2751ce51af915d16dd99995a29a5905d2ce4b0831
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aquadec.com.au
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22084
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 10:03:45 GMT
expires: Wed, 24 Jan 2024 10:03:45 GMT
cache-control: public, max-age=31536000
age: 170194
last-modified: Mon, 15 Aug 2022 18:14:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
142.250.74.35 200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 21516, version 1.0\012- data
Hash 90135ea44811b2d9610c33e07068fdb0
84ef1a8343877a598f1c7cbae56f35ded54a1787
bd067b886f4a67dd25c08fe73777bce7f506beb4c09d17d9f036f8a90901efd2
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aquadec.com.au
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 07:38:39 GMT
expires: Wed, 24 Jan 2024 07:38:39 GMT
cache-control: public, max-age=31536000
age: 178900
last-modified: Mon, 15 Aug 2022 18:12:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
142.250.74.35 200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 22212, version 1.0\012- data
Hash e62adebf67147c481b9c00011e2c5d48
3af42ef356fa413fd162c56a7b11b8d34a61cefb
17ec0c20d179cf39cbbb164c18165e8a35e9678d5602c8c4f6826ff457b0685e
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aquadec.com.au
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 02:04:36 GMT
expires: Thu, 25 Jan 2024 02:04:36 GMT
cache-control: public, max-age=31536000
age: 112543
last-modified: Mon, 15 Aug 2022 18:15:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17250
Expires: Thu, 26 Jan 2023 14:07:49 GMT
Date: Thu, 26 Jan 2023 09:20:19 GMT
Connection: keep-alive
aquadec.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
192.185.226.19 200 OK 40 kB URL HTTP/2 aquadec.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 98a175dc00eab9a9ecda0e27a331f560
a28c3ed6825ece0123473e0d1e55c694ad067d73
160bd4f1338993925154e507a2c66c5e476c926645c6e0cf881905af61bb70f3
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 03:10:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17250
Expires: Thu, 26 Jan 2023 14:07:49 GMT
Date: Thu, 26 Jan 2023 09:20:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17250
Expires: Thu, 26 Jan 2023 14:07:49 GMT
Date: Thu, 26 Jan 2023 09:20:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17250
Expires: Thu, 26 Jan 2023 14:07:49 GMT
Date: Thu, 26 Jan 2023 09:20:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KY05WKpINERD5g9o2QLYdsNMSuuy_YKn2Tl7Qkn7YaAOaPTDfLteeA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:49:40 GMT
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
age: 41439
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05a55fc3-efb4-4124-a48d-b57fc1e9bea4.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05a55fc3-efb4-4124-a48d-b57fc1e9bea4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c331b0423afe4c6888533296b5f275bc
766aba1f8bb596a068f4e611161fa54616f506ed
0551882e8ba5962ca2c3a8634574e75f11321d46f9c901430614a9c73eaeae12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05a55fc3-efb4-4124-a48d-b57fc1e9bea4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7426
x-amzn-requestid: 1c0f08ae-9b11-4c41-a6e9-819343332f34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF-fElWIAMFg8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf838f-6cf92e9d28ec0c9727e7419a;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A9cyJReV84QegjGfuOcBlZ-T6uefiGXXKnIBXIcn3a1x0kRYQ6XI3A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:34:59 GMT
age: 6320
etag: "766aba1f8bb596a068f4e611161fa54616f506ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47770e9d-2bfd-4b8d-8653-017d569d133f.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47770e9d-2bfd-4b8d-8653-017d569d133f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8dcb846958865d2b14b540f26c963847
90c1569a936c7922880a04a5882683b1ac85b86f
253e15cc191946fe8c499b0633e95523689bdee6c06579c2953c640168abd7a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47770e9d-2bfd-4b8d-8653-017d569d133f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8897
x-amzn-requestid: c5083c36-d494-4251-bfe4-62edcd28293a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSYeyEyEIAMFohw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d45e-3acff5da10ab7def4ec3919d;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:03:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EvM9E1_r-vC0mC8nL9Goo4aoMlJjD9mzTehR14xYoWNDAg95vZCqcA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:20:58 GMT
age: 7161
etag: "90c1569a936c7922880a04a5882683b1ac85b86f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: ff47dd24-004f-4cc7-acfb-283b2e751f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqxwEyWoAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb580b-1e95f74b0846080f75a757f6;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ntW_cYMwX6UWInGOxxPlwnV1AJh46X-hiLvwggRz9oa1Yno6jyE51g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 04:37:14 GMT
age: 16985
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cfe699b31f96add9f1439af1ff1191eb
f77a833a69b69eef4a39e404c102f624e96b52c0
44312979ac13221e5c3328ad590f0f3dc7da00380c07c433382cd81c47b717f8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14856
x-amzn-requestid: 2f52d4d7-4158-485e-bbae-1f906c40d1f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSYg5HvwoAMFxjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d46b-73d5d7862497852334d9cde2;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:04:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4szanZUhJULoG1K5oNXzvcaoImIduF8NnkTrwCPSpOFpJMaw7rQqEg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:22:01 GMT
age: 7098
etag: "f77a833a69b69eef4a39e404c102f624e96b52c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74736a6-2e9e-46aa-9c09-e96ce23f160c.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74736a6-2e9e-46aa-9c09-e96ce23f160c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13fa7641221298b50dd96428df4a60a7
8f306f479049964b44288c97919e3abf3196f785
c5063d45d5222aaf0bf9ddd3a5a24c9856d2684e3c7650e48cd1e9f90d365295
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74736a6-2e9e-46aa-9c09-e96ce23f160c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4774
x-amzn-requestid: 08241dd7-00f9-46ad-97a8-7cef8f3096d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSY-zFDBoAMFqXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d52b-1dda27b3027ee4a0374a94df;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EGwq_99mkoq7fv9N_uMAtR5aYB4efHUZ-9fAwBB94UsfS29K5e_UlA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:21:43 GMT
age: 7116
etag: "8f306f479049964b44288c97919e3abf3196f785"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/uploads/2017/11/water-min.jpg
192.185.226.19 200 OK 17 kB URL HTTP/2 aquadec.com.au/wp-content/uploads/2017/11/water-min.jpg
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x731, components 3\012- data
Hash 37567fffc143871a563ba68a6a8d675d
6583d85919b4034c945a8cb739fb8026900e48b0
2dd7bda9f03c02e5cf5f0fcd39d4bb03df784ac45b5f3101312648dead21b4b7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/11/water-min.jpg HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/wp-content/et-cache/74/et-core-unified-deferred-74.min.css?ver=1673154453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 14 Nov 2017 05:09:28 GMT
accept-ranges: bytes
content-length: 16592
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/uploads/2017/11/banner-min-1.jpg
192.185.226.19 200 OK 126 kB URL HTTP/2 aquadec.com.au/wp-content/uploads/2017/11/banner-min-1.jpg
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x662, components 3\012- data
Size 126 kB (126535 bytes)
Hash 040c3762a11374b6de7900f7c2b6040a
40228235d1a35c2ed3d6eec38c7e02038246de59
230bea187a6a33aa807338162d71fe8a44392ea5a5cb61d125074c5f04657828
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/11/banner-min-1.jpg HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/wp-content/et-cache/74/et-core-unified-deferred-74.min.css?ver=1673154453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 10 Nov 2017 11:15:04 GMT
accept-ranges: bytes
content-length: 126535
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/themes/divi-child/font/ProximaNova-Regular.otf
192.185.226.19 200 OK 63 kB URL HTTP/2 aquadec.com.au/wp-content/themes/divi-child/font/ProximaNova-Regular.otf
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type OpenType font data\012- data
Hash bf9f5d50c1b928ff21436517a1a95ad9
e41a5e523f03be8b9b9002422a52e4e8741ca462
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/divi-child/font/ProximaNova-Regular.otf HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 13 Nov 2017 08:01:04 GMT
accept-ranges: bytes
content-length: 62892
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: font/otf
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/uploads/2017/11/serv2.png
192.185.226.19 200 OK 2.9 kB URL HTTP/2 aquadec.com.au/wp-content/uploads/2017/11/serv2.png
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 132 x 134, 8-bit colormap, non-interlaced\012- data
Hash 3500bf86044ecb3e1654b1ebdc5b672f
e846f2451805f62cd1c83f5285d6cc138d046105
2184c1d1f86db3337e0efe9a28c5d77eb330fb9972df8581a8bd4eb53cfd0356
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/11/serv2.png HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 10 Nov 2017 11:37:27 GMT
accept-ranges: bytes
content-length: 2865
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/themes/divi-child/font/ProximaNova-Semibold.otf
192.185.226.19 200 OK 63 kB URL HTTP/2 aquadec.com.au/wp-content/themes/divi-child/font/ProximaNova-Semibold.otf
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type OpenType font data\012- data
Hash f14eee643541cf03a10f26c944cc29f5
1fbed071180d360f01e78672affeea6a0a256fbc
9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/divi-child/font/ProximaNova-Semibold.otf HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 13 Nov 2017 10:34:06 GMT
accept-ranges: bytes
content-length: 63116
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: font/otf
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
192.185.226.19 200 OK 92 kB URL HTTP/2 aquadec.com.au/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, modules \012- data
Hash de27b3e66b2f8017e000aa9d8d24d60e
e6d716de8f35ba6daf55d57e7fe0ed8d8e50f1f7
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 04:32:45 GMT
accept-ranges: bytes
content-length: 92400
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: font/ttf
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/uploads/2017/11/serv3.png
192.185.226.19 200 OK 2.4 kB URL HTTP/2 aquadec.com.au/wp-content/uploads/2017/11/serv3.png
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 133 x 134, 8-bit colormap, non-interlaced\012- data
Hash d4202c8ab5d17513b3b7c1ffa26be375
b46c744290362086e78cad6188582913db41636b
4bd2c9aa045d2197dd6ce23dd3926fd55bb0107c558f78ad5b67dc686cef5d50
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/11/serv3.png HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 10 Nov 2017 11:44:27 GMT
accept-ranges: bytes
content-length: 2377
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/uploads/2017/11/serv4.png
192.185.226.19 200 OK 3.6 kB URL HTTP/2 aquadec.com.au/wp-content/uploads/2017/11/serv4.png
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 132 x 134, 8-bit colormap, non-interlaced\012- data
Hash 1d1bb0cc3e3ba2e81c16acce89518f70
e02dd3b2a718516a33bb1ef05b2f412acbc530f0
ee9dcecf4fdcd00ee4f6b026fc72ab2db906932706c6f46320daf081bec7576a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/11/serv4.png HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 10 Nov 2017 11:37:29 GMT
accept-ranges: bytes
content-length: 3562
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/common/loading-2.gif
192.185.226.19 200 OK 2.7 kB URL HTTP/2 aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/common/loading-2.gif
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 32 x 32\012- data
Hash 214f3c5ef3de8b01b2fe67da6ccfc7e7
e3839756e2515361eb5bedaed9919d4ca53f7b8f
014e4b61c8d6dbafa792dbccb03d65d38675a32a8bde54f45a6e00b6805dd57a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/masterslider/public/assets/css/common/loading-2.gif HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.6.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 04:48:12 GMT
accept-ranges: bytes
content-length: 2707
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/gif
date: Thu, 26 Jan 2023 09:20:20 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/skins/light-skin-1.png
192.185.226.19 200 OK 4.3 kB URL HTTP/2 aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/skins/light-skin-1.png
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 152 x 225, 8-bit/color RGBA, non-interlaced\012- data
Hash a3a5c82f953a4a05e52f906dc41feec8
7c8acef254914991154acdfe9c389308d2653187
0ffe16667a16b259f9e27c8bb6726f7e6c63750d5276aa3a02009d823030cb37
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/masterslider/public/assets/css/skins/light-skin-1.png HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.6.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 04:48:12 GMT
accept-ranges: bytes
content-length: 4267
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 26 Jan 2023 09:20:20 GMT
server: Apache
X-Firefox-Spdy: h2
use.fontawesome.com/ba6692f8c3.css
172.64.132.15 200 OK 116 kB URL HTTP/2 use.fontawesome.com/ba6692f8c3.css
IP 172.64.132.15:0
Size 116 kB (115852 bytes)
Hash ffbfce77bb02db6ec5d04266b57e0752
a7d1fbf4aaae466240ba9d51eebbe6682bf37359
99430d7de3c9a27cc6b2c6c074d2c2adead44d104fb60d29c2381753a7fafb3c
GET /ba6692f8c3.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 09:20:19 GMT
content-type: text/css
x-amz-id-2: Ot0HbLn8jcefECmmcVJjBbgzgF+pqTiReUNDSSz12b0MBtaZX0w4hFhG5Rm34VA0+fajfT/2A+M=
x-amz-request-id: A7QS7JJXJH7MT42V
last-modified: Thu, 01 Jul 2021 14:24:27 GMT
etag: W/"9445460ff59b8684ddf1db20fb3ec13a"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ih7WwfDIr%2F4t8odeTzlXM%2FW8c7GDnhnvCgzg3xCwmapH%2BYWoeD4RDazdqxOnGNgNjmnx65KZUe2q07o9if9ytxkbUOEyV1kQlaX1CaNN%2Fp0%2FCdwyDWkyO%2FO7UdPRiomr1Egt3ah"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f82c0a5e1a23d3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/uploads/2017/11/shutterstock_607581032-1024x683.jpg
192.185.226.19 200 OK 136 kB URL HTTP/2 aquadec.com.au/wp-content/uploads/2017/11/shutterstock_607581032-1024x683.jpg
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x683, components 3\012- data
Size 136 kB (135818 bytes)
Hash 95a45bb3a16de13be45544f5d05be9ed
c20cc4bb27b261a1314d72722dd22e75b74b80bc
ce665c5bc66262b019c1512f05bc54af08453c546893477f270b05f9dfda0def
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/11/shutterstock_607581032-1024x683.jpg HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Jan 2018 23:45:02 GMT
accept-ranges: bytes
content-length: 135818
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 26 Jan 2023 09:20:20 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/uploads/2017/11/shutterstock_391875175-1024x680.jpg
192.185.226.19 200 OK 246 kB URL HTTP/2 aquadec.com.au/wp-content/uploads/2017/11/shutterstock_391875175-1024x680.jpg
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x680, components 3\012- data
Size 246 kB (245584 bytes)
Hash 13866029ef188fdfaa20d04f22218387
8f609c41e7bcf2ea969e2cc12213c4709de999db
08f44019451b404483502e9f7bfa81ea5de38a45fee29326a82c2e5b1f217a39
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/11/shutterstock_391875175-1024x680.jpg HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Jan 2018 23:42:22 GMT
accept-ranges: bytes
content-length: 245584
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 26 Jan 2023 09:20:20 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.6.5
192.185.226.19 200 OK 58 kB URL HTTP/2 aquadec.com.au/wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.6.5
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 95447b672c06449d07c0eec20d175cef
fc83abc3d6d9e72194da3fe5167a8972a31364dc
831a62e094a6f55ef6ce9f0152ad127fa5196076f68061f9bdc90e122bdc5364
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.6.5 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 04:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
aquadec.com.au/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
192.185.226.19 200 OK 44 kB URL HTTP/2 aquadec.com.au/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash ea93d5f459feeab8e95323d31adbb525
a7fe04ebef3b53627b2a6d34fceda7401530f686
677c92f972aec9245ee15e7dede407b8731a30abe39c3605ae561fb9b1b59b69
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 03:10:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: text/css
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.google-analytics.com/plugins/ua/linkid.js
142.250.74.110 200 OK 859 B URL HTTP/2 www.google-analytics.com/plugins/ua/linkid.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 09:08:55 GMT
expires: Thu, 26 Jan 2023 10:08:55 GMT
cache-control: public, max-age=3600
age: 685
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/uploads/2017/11/favicon.png
192.185.226.19 200 OK 2.0 kB URL HTTP/2 aquadec.com.au/wp-content/uploads/2017/11/favicon.png
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash fc348aeeda48e956f443f6c83b4009e0
e14784c7304979739dd34122b8acbebe75a934c2
63784c756c345cf187997a7109fbc54201bfe0f30126be4d259bf2b3f70ca507
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/11/favicon.png HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 13 Nov 2017 06:39:37 GMT
accept-ranges: bytes
content-length: 2021
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 26 Jan 2023 09:20:20 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b242645f0cc22e3b12c132e6d03722ac
dec70f83182de58e03bfcb95fc240b7c33f20674
59a2d8c972d27598dfe38637197f90053186c4f68b80a5a90283cb11ddaf8a31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6609
x-amzn-requestid: 129067f4-c79b-493d-8863-2eb6c1565ee6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZABF4IIAMFsig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d533-4908ab6e5c751213084de3c6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CaxCPk4-9yhypamZa96f4IyujB3AMeGmpcYP1UmJtjp275dwFjVOcw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:21:33 GMT
age: 7133
etag: "dec70f83182de58e03bfcb95fc240b7c33f20674"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.6.5
192.185.226.19 200 OK 0 B URL HTTP/2 aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.6.5
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.6.5 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 04:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: text/css
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2
use.fontawesome.com/ba6692f8c3.js
172.64.132.15 200 OK 0 B URL HTTP/2 use.fontawesome.com/ba6692f8c3.js
IP 172.64.132.15:0
GET /ba6692f8c3.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 09:20:19 GMT
content-type: text/javascript
x-amz-id-2: IcqvmrsCcZW5OG9WtgrvaCE5gSsRbnRRHiZHHFHquBFeSH8UPyAh5QkzE9T/gnDylUNGcQCl9L8=
x-amz-request-id: A7QYAHSX2X0Y2953
last-modified: Thu, 01 Jul 2021 14:24:27 GMT
etag: W/"8d7aa4913a0111d9a28ef5f2a01f63ca"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5T9tErH%2BWq4Zb48PmziYDCuXmbm%2B9cv%2BeSJGYNgTC5%2Fpxk4qn%2FGH7BK8Mga6frlOxulTzip8jwfcYUjyrb7sgZ8knXh1SwdITSsyogqskuye1RqLCF4IQnK3O4PtDfsOzSJ9wScs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f82c08fb8923d3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aquadec.com.au/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.3
192.185.226.19 200 OK 0 B URL HTTP/2 aquadec.com.au/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.3
IP 192.185.226.19:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.19.3 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 04:32:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2