Report - aquadec.com.au/

Report Overview

Submitted URL
aquadec.com.au/
IP
192.185.226.19
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-01-26 09:20:29
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
84

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.164.47.95
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	45 kB	142.250.74.40
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393 B	1.7 kB	142.250.74.110
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
aquadec.com.au	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	975 kB	192.185.226.19
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	763 B	118 kB	172.64.132.15
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.33.119.27
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.2 kB	93.184.220.29
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	69 kB	142.250.74.35
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	68 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-26	medium	aquadec.com.au/	Phishing
2023-01-26	medium	aquadec.com.au/wp-content/et-cache/74/et-core-unified-deferred-74.min.css?ver=1673154453	Phishing
2023-01-26	medium	aquadec.com.au/	Phishing
2023-01-26	medium	aquadec.com.au/wp-content/et-cache/74/et-divi-dynamic-74.css?ver=1673153613	Phishing
2023-01-26	medium	aquadec.com.au/wp-content/plugins/masterslider/public/assets/js/jquery.easing.min.js?ver=3.6.5	Phishing
2023-01-26	medium	aquadec.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2023-01-26	medium	aquadec.com.au/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.3	Phishing
2023-01-26	medium	aquadec.com.au/wp-content/themes/divi-child/font/ProximaNova-Regular.otf	Phishing
2023-01-26	medium	aquadec.com.au/wp-content/themes/divi-child/font/ProximaNova-Semibold.otf	Phishing
2023-01-26	medium	aquadec.com.au/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf	Phishing
2023-01-26	medium	aquadec.com.au/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Phishing
2023-01-26	medium	aquadec.com.au/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.3	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed
2023-01-26	medium	aquadec.com.au	Sinkholed

ThreatFox

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	aquadec.com.au/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.3	1.3 kB	2023-03-07	2024-04-25
Pretty URL aquadec.com.au/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.3 IP 192.185.226.19 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-25 01:05:30 Times Seen9479 Hash d71b75b2327258b1d01d50590c1f67ca b7820e4ffb6becc133c48f66d9f683545530b959 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea Loading...

	www.googletagmanager.com/gtag/js?id=UA-166079697-1	113 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-166079697-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:25:18 Last Seen2023-03-13 07:25:18 Times Seen1 Hash c0796b46e76010cb10f255bb2020d328 b900eaaa13730b65042226b982f01400f9ad5831 1ddfa06bf3791115209ae390be36c0ace98c99bc0b2ef6240997f9d94f06bbf3 Loading...

	use.fontawesome.com/ba6692f8c3.js	9.5 kB	2023-03-13	2023-03-13
Pretty URL use.fontawesome.com/ba6692f8c3.js IP 172.64.132.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:25:18 Last Seen2023-03-13 07:25:18 Times Seen1 Hash 8d7aa4913a0111d9a28ef5f2a01f63ca 8a10dedaa932e3b9d791c385ffdca4554373296c be10516b8b4836f844983be4e0f7e99cd2269d09b7c2fe118e2292bb294d7399 Loading...

	aquadec.com.au/wp-content/plugins/masterslider/public/assets/js/jquery.easing.min.js?ver=3.6.5	5.6 kB	2023-03-07	2024-04-24
Pretty URL aquadec.com.au/wp-content/plugins/masterslider/public/assets/js/jquery.easing.min.js?ver=3.6.5 IP 192.185.226.19 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-24 17:55:26 Times Seen2676 Hash 3eac3c72434a0945b92dd4a01f7b6b4e 7767b356530e39cd76ec259320b0b2774b4097a8 ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b Loading...

	aquadec.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-25
Pretty URL aquadec.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 192.185.226.19 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 06:13:12 Times Seen68612 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	aquadec.com.au/	180 B	2023-03-07	2024-04-24
Pretty URL aquadec.com.au/ IP 192.185.226.19 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:06 Last Seen2024-04-24 22:40:37 Times Seen3182 Hash 623d6f59f2a5b2ba62b39858ccdd3989 6a97f16eb9c49657c50eb392d761380915ffd423 dd2c61ba8e6b506df9729d254d5c12b3c0f9de99bb7e5dba5f7e58c15d729f89 Loading...

	aquadec.com.au/wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.6.5	171 kB	2023-03-07	2023-11-19
Pretty URL aquadec.com.au/wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.6.5 IP 192.185.226.19 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:26 Last Seen2023-11-19 23:22:58 Times Seen14 Hash a8050fa82d43d709a2c490c1816757dc 1b84300b34978a267efdfcc1189564fcc34e8fe5 0b8308479dcbde445d5f6c54a0489ac9320e424b04e52bdba946effa80976d6e Loading...

	aquadec.com.au/	224 B	2023-03-13	2023-03-13
Pretty URL aquadec.com.au/ IP 192.185.226.19 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:25:19 Last Seen2023-03-13 07:25:19 Times Seen1 Hash 9d4ab8ea5ec97f60d1944265dc2ca3cc a4eb5767dd02495d6b2f91ec07d006977030ae00 4e24f9d79027169cea1592b3327b83b98d6cc9172224a64e76556d02b28440dd Loading...

	aquadec.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-25
Pretty URL aquadec.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 192.185.226.19 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-25 04:27:26 Times Seen31805 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	aquadec.com.au/	47 B	2023-03-07	2024-04-25
Pretty URL aquadec.com.au/ IP 192.185.226.19 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-25 01:05:28 Times Seen6631 Hash 2f518cfc8223c53c44094f57eacc972f a919f586352875054a0a7f438c3e3d33cb5768b3 1d89df5c4aeb93c45e67d479e74ca02e5a104d7e421e4f2415e4a204c9816b0b Loading...

	aquadec.com.au/	739 B	2023-03-07	2024-04-25
Pretty URL aquadec.com.au/ IP 192.185.226.19 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:06 Last Seen2024-04-25 01:05:28 Times Seen4214 Hash ff682bd8e00a4c2b202a4d37f7ba3cdd 4b92aa9fb8a9cf79c352ece5cba00b2f281de332 d1576e7c5bb5b36cc04888b220fb672165073615b2423b76b51074334d616555 Loading...

	aquadec.com.au/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0	12 kB	2023-03-07	2024-04-25
Pretty URL aquadec.com.au/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0 IP 192.185.226.19 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:48 Last Seen2024-04-25 08:07:38 Times Seen5599 Hash a76f61318af036823b08d73536486be6 31ff9b215dcef9151b9f4fc50ea91a9df1962102 abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e Loading...

	aquadec.com.au/	1.6 kB	2023-03-13	2023-03-13
Pretty URL aquadec.com.au/ IP 192.185.226.19 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:25:19 Last Seen2023-03-13 07:25:19 Times Seen1 Hash 8a0a14ab4d0437d9a3350783b735ed42 a4a03062ad5ed9896388fb2be5cb982412923b71 b063bb35b55e0acb633916588db6f9a59bab851d1c6d60b38bde00036fea1720 Loading...

	aquadec.com.au/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.3	274 kB	2023-03-09	2024-04-07
Pretty URL aquadec.com.au/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.3 IP 192.185.226.19 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:09:37 Last Seen2024-04-07 22:00:53 Times Seen260 Hash f845835c2dfc5551992157ea39d0d4cf e43acc03de068a701f09e5d8606fbdd120e2db31 3bdc5a59494b93113415b0dbb4886e3de0fd9565af5cfb38c575f1538e3525ba Loading...

	www.google-analytics.com/plugins/ua/linkid.js	1.6 kB	2023-03-07	2024-04-15
Pretty URL www.google-analytics.com/plugins/ua/linkid.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-15 19:01:06 Times Seen1974 Hash 0cc3a63fe10060af4a349e5df666eefe 3e8d3925b550345123f2cab26568221fd4154f9c 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Loading...

	aquadec.com.au/	5.6 kB	2023-03-13	2023-03-13
Pretty URL aquadec.com.au/ IP 192.185.226.19 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:25:19 Last Seen2023-03-13 07:25:19 Times Seen1 Hash 813dfce198ca1ee71e436b521d6b1b5b 46725f731c3ed2c2558b6df903252909a38fcc30 4153caa7719f122e75abfd795a87d536e607ff2bd9fe9474bcf5631e37eb2cfa Loading...

	aquadec.com.au/	368 B	2023-03-13	2023-03-13
Pretty URL aquadec.com.au/ IP 192.185.226.19 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:25:19 Last Seen2023-03-13 07:25:19 Times Seen1 Hash 3bf722ab32f8f24cb4be788873d53d26 45e76793eee1a2f377d29f0a35cdd12ff6acb491 0b29ff1d782ac9a4f52d213b76c9c83bbf9f05ae13d9efc8648b76afaaea2cc0 Loading...

	aquadec.com.au/	1.7 kB	2023-03-13	2023-03-13
Pretty URL aquadec.com.au/ IP 192.185.226.19 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:25:19 Last Seen2023-03-13 07:25:19 Times Seen1 Hash 3f6dec4a4a9afccf26a0a5d2914a8b25 7e6d8f6c567fc01efa83ee8ef4fc7f811d31570c 2b0f6b069914bdab3f22e48d5e1dd17f78fa5fea2e6f313c77e601a651cc6083 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

HTTP Transactions (66)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12726
Expires: Thu, 26 Jan 2023 12:52:23 GMT
Date: Thu, 26 Jan 2023 09:20:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5488
Expires: Thu, 26 Jan 2023 10:51:45 GMT
Date: Thu, 26 Jan 2023 09:20:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2427
Expires: Thu, 26 Jan 2023 10:00:44 GMT
Date: Thu, 26 Jan 2023 09:20:17 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 08:35:16 GMT
content-type: application/json
age: 2701
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Se7t3yeitnbCKJEuXrylS3O9BmIaNg4fr1Z3TjSykpFmllKPA4exg4lE+hFbAAuahu4P5oXsk3Nuu+etMmmnwA==
x-amz-request-id: 4HE1XMQ49TC4ZBJM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 08:48:54 GMT
age: 1883
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 09:20:17 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

aquadec.com.au/

192.185.226.19

301 Moved Permanently

0 B

URL HTTP/1.1
aquadec.com.au/
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 26 Jan 2023 09:20:17 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://aquadec.com.au/
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 08:41:40 GMT
age: 2318
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6436
Expires: Thu, 26 Jan 2023 11:07:34 GMT
Date: Thu, 26 Jan 2023 09:20:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b094267a2657d0a53bcce06a4652bfd1
eec32d29741a6966925464382b05650eaf4b9af7
800b8fca2fbd139deace5864a558055ea64268670b4cdaf78388781615206220

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "800B8FCA2FBD139DEACE5864A558055EA64268670B4CDAF78388781615206220"
Last-Modified: Tue, 24 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 26 Jan 2023 15:20:18 GMT
Date: Thu, 26 Jan 2023 09:20:18 GMT
Connection: keep-alive

push.services.mozilla.com/

35.164.47.95

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.47.95:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c3HqEyBaSOrwZ4+6wRNqTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QUWQayOSg6dEoJpksS0NLWNI1bM=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
78ed7b7d814d987601b30851546309b5
12a653dabfd738fef99fad2295eec55e4651bc7c
a55164c954f0255d6d360ac0fac8b4598f8e0e01ec646105eed2e9b0abf5e2bd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-166079697-1

142.250.74.40

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-166079697-1
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
44 kB (44095 bytes)
Hash
8051a56e4b0a580cf39adce3f12a0d48
711e04462e5087ec3a86703257882e7d4690faae
23ddfc1dcd730e123ddb0f00a62c3343fc2d55139306b167b4fece36001343df

HTTP Headers

GET /gtag/js?id=UA-166079697-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 09:20:19 GMT
expires: Thu, 26 Jan 2023 09:20:19 GMT
cache-control: private, max-age=900
last-modified: Thu, 26 Jan 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44095
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0bf8fccb276521254634abcdcb4b3f0d
a5b7ffa58daf7d1ea3e312b68533d4d0271348f4
991b03387ddbe0b07a9aee23ea7a98863fa85035cb26e631e0d22a1b999ee487

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2fff9bdad400b1ce70fec862e7b9907c
3fc9bdc0c98d437b80d4e15203897b5758e2c526
c6496464907294115c950af4aa76fa55ae7d8239f4aca375d65537b3bacd0a26

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5114
Cache-Control: max-age=101503
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Etag: "63d11b58-117"
Expires: Fri, 27 Jan 2023 13:32:02 GMT
Last-Modified: Wed, 25 Jan 2023 12:06:48 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

aquadec.com.au/wp-content/themes/divi-child/style.css?ver=4.19.3

192.185.226.19

200 OK

258 B

URL HTTP/2
aquadec.com.au/wp-content/themes/divi-child/style.css?ver=4.19.3
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
258 B (258 bytes)
Hash
7a840f04973eeecbbb304fef57b0aaea
36bfa5f9e18b12d9a351e80fb089875caff2c442
2cdb3d8005475212f11a35c3acd5ec661e7141883e0c3a8ca9ae498970719775

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/divi-child/style.css?ver=4.19.3 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 10 Nov 2017 09:40:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 258
content-type: text/css
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0

192.185.226.19

200 OK

3.9 kB

URL HTTP/2
aquadec.com.au/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1577)
Size
3.9 kB (3861 bytes)
Hash
0de3f234bf5adf709c64d6a81701e107
ec76e30709d2ac94c86121529768c54b84943872
c67075988b28f06061348cebb275f465c608e141f9a00b50c5e4824f57ed10f3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 04:31:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 3861
content-type: application/javascript
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/et-cache/74/et-core-unified-deferred-74.min.css?ver=1673154453

192.185.226.19

200 OK

1.3 kB

URL HTTP/2
aquadec.com.au/wp-content/et-cache/74/et-core-unified-deferred-74.min.css?ver=1673154453
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (5103), with no line terminators
Size
1.3 kB (1335 bytes)
Hash
666ba988c31a303aa8ad81a9561fdced
496e922ecf1539da16c0cb642dab62757ca25e64
c205df38bb214b08ad12d61b0115dd87ac7c36939127f857758d181824e433d4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/et-cache/74/et-core-unified-deferred-74.min.css?ver=1673154453 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 08 Jan 2023 05:07:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 1335
content-type: text/css
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/

192.185.226.19

200 OK

38 kB

URL HTTP/2
aquadec.com.au/
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (26340)
Size
38 kB (37931 bytes)
Hash
0e22bc6651d1c3f11def2dd9362ac821
e44e3349a291196dc38082e5ee77252f0217eb7a
5d7b8ff6117fd428066acfca8325276044d0fb1bff2431f33f6b50f9e1e166ee

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
link: <https://aquadec.com.au/wp-json/>; rel="https://api.w.org/", <https://aquadec.com.au/wp-json/wp/v2/pages/74>; rel="alternate"; type="application/json", <https://aquadec.com.au/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: text/html; charset=UTF-8
date: Thu, 26 Jan 2023 09:20:18 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/et-cache/74/et-divi-dynamic-74.css?ver=1673153613

192.185.226.19

200 OK

3.1 kB

URL HTTP/2
aquadec.com.au/wp-content/et-cache/74/et-divi-dynamic-74.css?ver=1673153613
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (6697)
Size
3.1 kB (3106 bytes)
Hash
9093ac1ce0141e68ff0bce988c989080
3cc9e15eeb69a21dbec08ff8d881d442fc534535
e717dc4099a32a9fc972697f115f5da518f418fabe96a1bcfb7c280705d333da

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/et-cache/74/et-divi-dynamic-74.css?ver=1673153613 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 08 Jan 2023 04:53:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 3106
content-type: text/css
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/blank.gif

192.185.226.19

200 OK

43 B

URL HTTP/2
aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/blank.gif
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/masterslider/public/assets/css/blank.gif HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 04:48:12 GMT
accept-ranges: bytes
content-length: 43
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/gif
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/uploads/2017/11/serv1.png

192.185.226.19

200 OK

2.7 kB

URL HTTP/2
aquadec.com.au/wp-content/uploads/2017/11/serv1.png
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 133 x 134, 8-bit colormap, non-interlaced\012- data
Size
2.7 kB (2741 bytes)
Hash
74462cddf0d569f0a5d32a96f8d566de
016644b85e376867eb376ab4ee1e1df62b5e94bd
61d6464c4596c64912f54f658ea5ae03978a6f108be4b81fe6f03ee7a24d20cf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/11/serv1.png HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 10 Nov 2017 11:37:27 GMT
accept-ranges: bytes
content-length: 2741
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/uploads/2017/11/logo1-min.png

192.185.226.19

200 OK

7.3 kB

URL HTTP/2
aquadec.com.au/wp-content/uploads/2017/11/logo1-min.png
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 252 x 80, 8-bit colormap, non-interlaced\012- data
Size
7.3 kB (7314 bytes)
Hash
b55aeb49040fe0205de7223899dd7e18
7ffe56c53899088adc3eb672016475274be72d92
159a7e732b1c40b3047b5d21c530e21c62ca43f0582c502b69da49fb520f1fab

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/11/logo1-min.png HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 13 Nov 2017 06:34:38 GMT
accept-ranges: bytes
content-length: 7314
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2fff9bdad400b1ce70fec862e7b9907c
3fc9bdc0c98d437b80d4e15203897b5758e2c526
c6496464907294115c950af4aa76fa55ae7d8239f4aca375d65537b3bacd0a26

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5114
Cache-Control: max-age=101503
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Etag: "63d11b58-117"
Expires: Fri, 27 Jan 2023 13:32:02 GMT
Last-Modified: Wed, 25 Jan 2023 12:06:48 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

aquadec.com.au/wp-content/plugins/masterslider/public/assets/js/jquery.easing.min.js?ver=3.6.5

192.185.226.19

200 OK

1.9 kB

URL HTTP/2
aquadec.com.au/wp-content/plugins/masterslider/public/assets/js/jquery.easing.min.js?ver=3.6.5
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (3601)
Size
1.9 kB (1890 bytes)
Hash
2d48a24db45f3307dcce566ddbc28631
dc59a9bb0433eefbb1b432b465b351e21fb288c9
041d66a70446742c2ae5a233be8ccf51e21c38e31ceaaabd2052dec0a583f2ca

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/masterslider/public/assets/js/jquery.easing.min.js?ver=3.6.5 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 04:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 1890
content-type: application/javascript
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

192.185.226.19

200 OK

4.6 kB

URL HTTP/2
aquadec.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (11126)
Size
4.6 kB (4618 bytes)
Hash
acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 04 Jul 2021 10:03:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 4618
content-type: application/javascript
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.3

192.185.226.19

200 OK

572 B

URL HTTP/2
aquadec.com.au/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.3
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
572 B (572 bytes)
Hash
163c85c033bf0089450e91dfcae120ee
dade9e2c0b826a6e73d0fa3ad2382e8d905e4407
54ba512214b521dfd7696e42b786875789d9be13bb336ebf52a984cf5b19243d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.3 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 04:32:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 572
content-type: application/javascript
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2

142.250.74.35

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22084, version 1.0\012- data
Size
22 kB (22084 bytes)
Hash
bab4daa6bec06781aa7262eca0be0ed4
b896fcea50433114a0433c9c8117677a875f1116
ee901a5f44fcc6ea6ab97fb2751ce51af915d16dd99995a29a5905d2ce4b0831

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aquadec.com.au
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22084
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 10:03:45 GMT
expires: Wed, 24 Jan 2024 10:03:45 GMT
cache-control: public, max-age=31536000
age: 170194
last-modified: Mon, 15 Aug 2022 18:14:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2

142.250.74.35

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21516, version 1.0\012- data
Size
22 kB (21516 bytes)
Hash
90135ea44811b2d9610c33e07068fdb0
84ef1a8343877a598f1c7cbae56f35ded54a1787
bd067b886f4a67dd25c08fe73777bce7f506beb4c09d17d9f036f8a90901efd2

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aquadec.com.au
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 07:38:39 GMT
expires: Wed, 24 Jan 2024 07:38:39 GMT
cache-control: public, max-age=31536000
age: 178900
last-modified: Mon, 15 Aug 2022 18:12:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2

142.250.74.35

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22212, version 1.0\012- data
Size
22 kB (22212 bytes)
Hash
e62adebf67147c481b9c00011e2c5d48
3af42ef356fa413fd162c56a7b11b8d34a61cefb
17ec0c20d179cf39cbbb164c18165e8a35e9678d5602c8c4f6826ff457b0685e

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aquadec.com.au
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 02:04:36 GMT
expires: Thu, 25 Jan 2024 02:04:36 GMT
cache-control: public, max-age=31536000
age: 112543
last-modified: Mon, 15 Aug 2022 18:15:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 09:20:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17250
Expires: Thu, 26 Jan 2023 14:07:49 GMT
Date: Thu, 26 Jan 2023 09:20:19 GMT
Connection: keep-alive

aquadec.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

192.185.226.19

200 OK

40 kB

URL HTTP/2
aquadec.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
40 kB (39656 bytes)
Hash
98a175dc00eab9a9ecda0e27a331f560
a28c3ed6825ece0123473e0d1e55c694ad067d73
160bd4f1338993925154e507a2c66c5e476c926645c6e0cf881905af61bb70f3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 03:10:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17250
Expires: Thu, 26 Jan 2023 14:07:49 GMT
Date: Thu, 26 Jan 2023 09:20:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17250
Expires: Thu, 26 Jan 2023 14:07:49 GMT
Date: Thu, 26 Jan 2023 09:20:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17250
Expires: Thu, 26 Jan 2023 14:07:49 GMT
Date: Thu, 26 Jan 2023 09:20:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5943 bytes)
Hash
ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KY05WKpINERD5g9o2QLYdsNMSuuy_YKn2Tl7Qkn7YaAOaPTDfLteeA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:49:40 GMT
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
age: 41439
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05a55fc3-efb4-4124-a48d-b57fc1e9bea4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7426 bytes)
Hash
c331b0423afe4c6888533296b5f275bc
766aba1f8bb596a068f4e611161fa54616f506ed
0551882e8ba5962ca2c3a8634574e75f11321d46f9c901430614a9c73eaeae12

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05a55fc3-efb4-4124-a48d-b57fc1e9bea4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7426
x-amzn-requestid: 1c0f08ae-9b11-4c41-a6e9-819343332f34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF-fElWIAMFg8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf838f-6cf92e9d28ec0c9727e7419a;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A9cyJReV84QegjGfuOcBlZ-T6uefiGXXKnIBXIcn3a1x0kRYQ6XI3A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:34:59 GMT
age: 6320
etag: "766aba1f8bb596a068f4e611161fa54616f506ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47770e9d-2bfd-4b8d-8653-017d569d133f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8897 bytes)
Hash
8dcb846958865d2b14b540f26c963847
90c1569a936c7922880a04a5882683b1ac85b86f
253e15cc191946fe8c499b0633e95523689bdee6c06579c2953c640168abd7a9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47770e9d-2bfd-4b8d-8653-017d569d133f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8897
x-amzn-requestid: c5083c36-d494-4251-bfe4-62edcd28293a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSYeyEyEIAMFohw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d45e-3acff5da10ab7def4ec3919d;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:03:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EvM9E1_r-vC0mC8nL9Goo4aoMlJjD9mzTehR14xYoWNDAg95vZCqcA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:20:58 GMT
age: 7161
etag: "90c1569a936c7922880a04a5882683b1ac85b86f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11918 bytes)
Hash
4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: ff47dd24-004f-4cc7-acfb-283b2e751f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqxwEyWoAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb580b-1e95f74b0846080f75a757f6;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ntW_cYMwX6UWInGOxxPlwnV1AJh46X-hiLvwggRz9oa1Yno6jyE51g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 04:37:14 GMT
age: 16985
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14856 bytes)
Hash
cfe699b31f96add9f1439af1ff1191eb
f77a833a69b69eef4a39e404c102f624e96b52c0
44312979ac13221e5c3328ad590f0f3dc7da00380c07c433382cd81c47b717f8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14856
x-amzn-requestid: 2f52d4d7-4158-485e-bbae-1f906c40d1f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSYg5HvwoAMFxjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d46b-73d5d7862497852334d9cde2;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:04:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4szanZUhJULoG1K5oNXzvcaoImIduF8NnkTrwCPSpOFpJMaw7rQqEg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:22:01 GMT
age: 7098
etag: "f77a833a69b69eef4a39e404c102f624e96b52c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74736a6-2e9e-46aa-9c09-e96ce23f160c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4774 bytes)
Hash
13fa7641221298b50dd96428df4a60a7
8f306f479049964b44288c97919e3abf3196f785
c5063d45d5222aaf0bf9ddd3a5a24c9856d2684e3c7650e48cd1e9f90d365295

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74736a6-2e9e-46aa-9c09-e96ce23f160c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4774
x-amzn-requestid: 08241dd7-00f9-46ad-97a8-7cef8f3096d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSY-zFDBoAMFqXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d52b-1dda27b3027ee4a0374a94df;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EGwq_99mkoq7fv9N_uMAtR5aYB4efHUZ-9fAwBB94UsfS29K5e_UlA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:21:43 GMT
age: 7116
etag: "8f306f479049964b44288c97919e3abf3196f785"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/uploads/2017/11/water-min.jpg

192.185.226.19

200 OK

17 kB

URL HTTP/2
aquadec.com.au/wp-content/uploads/2017/11/water-min.jpg
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x731, components 3\012- data
Size
17 kB (16592 bytes)
Hash
37567fffc143871a563ba68a6a8d675d
6583d85919b4034c945a8cb739fb8026900e48b0
2dd7bda9f03c02e5cf5f0fcd39d4bb03df784ac45b5f3101312648dead21b4b7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/11/water-min.jpg HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/wp-content/et-cache/74/et-core-unified-deferred-74.min.css?ver=1673154453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 14 Nov 2017 05:09:28 GMT
accept-ranges: bytes
content-length: 16592
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/uploads/2017/11/banner-min-1.jpg

192.185.226.19

200 OK

126 kB

URL HTTP/2
aquadec.com.au/wp-content/uploads/2017/11/banner-min-1.jpg
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x662, components 3\012- data
Size
126 kB (126535 bytes)
Hash
040c3762a11374b6de7900f7c2b6040a
40228235d1a35c2ed3d6eec38c7e02038246de59
230bea187a6a33aa807338162d71fe8a44392ea5a5cb61d125074c5f04657828

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/11/banner-min-1.jpg HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/wp-content/et-cache/74/et-core-unified-deferred-74.min.css?ver=1673154453
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 10 Nov 2017 11:15:04 GMT
accept-ranges: bytes
content-length: 126535
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/themes/divi-child/font/ProximaNova-Regular.otf

192.185.226.19

200 OK

63 kB

URL HTTP/2
aquadec.com.au/wp-content/themes/divi-child/font/ProximaNova-Regular.otf
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
OpenType font data\012- data
Size
63 kB (62892 bytes)
Hash
bf9f5d50c1b928ff21436517a1a95ad9
e41a5e523f03be8b9b9002422a52e4e8741ca462
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/divi-child/font/ProximaNova-Regular.otf HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 13 Nov 2017 08:01:04 GMT
accept-ranges: bytes
content-length: 62892
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: font/otf
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/uploads/2017/11/serv2.png

192.185.226.19

200 OK

2.9 kB

URL HTTP/2
aquadec.com.au/wp-content/uploads/2017/11/serv2.png
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 132 x 134, 8-bit colormap, non-interlaced\012- data
Size
2.9 kB (2865 bytes)
Hash
3500bf86044ecb3e1654b1ebdc5b672f
e846f2451805f62cd1c83f5285d6cc138d046105
2184c1d1f86db3337e0efe9a28c5d77eb330fb9972df8581a8bd4eb53cfd0356

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/11/serv2.png HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 10 Nov 2017 11:37:27 GMT
accept-ranges: bytes
content-length: 2865
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/themes/divi-child/font/ProximaNova-Semibold.otf

192.185.226.19

200 OK

63 kB

URL HTTP/2
aquadec.com.au/wp-content/themes/divi-child/font/ProximaNova-Semibold.otf
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
OpenType font data\012- data
Size
63 kB (63116 bytes)
Hash
f14eee643541cf03a10f26c944cc29f5
1fbed071180d360f01e78672affeea6a0a256fbc
9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/divi-child/font/ProximaNova-Semibold.otf HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 13 Nov 2017 10:34:06 GMT
accept-ranges: bytes
content-length: 63116
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: font/otf
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf

192.185.226.19

200 OK

92 kB

URL HTTP/2
aquadec.com.au/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, modules \012- data
Size
92 kB (92400 bytes)
Hash
de27b3e66b2f8017e000aa9d8d24d60e
e6d716de8f35ba6daf55d57e7fe0ed8d8e50f1f7
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 04:32:45 GMT
accept-ranges: bytes
content-length: 92400
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: font/ttf
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/uploads/2017/11/serv3.png

192.185.226.19

200 OK

2.4 kB

URL HTTP/2
aquadec.com.au/wp-content/uploads/2017/11/serv3.png
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 133 x 134, 8-bit colormap, non-interlaced\012- data
Size
2.4 kB (2377 bytes)
Hash
d4202c8ab5d17513b3b7c1ffa26be375
b46c744290362086e78cad6188582913db41636b
4bd2c9aa045d2197dd6ce23dd3926fd55bb0107c558f78ad5b67dc686cef5d50

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/11/serv3.png HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 10 Nov 2017 11:44:27 GMT
accept-ranges: bytes
content-length: 2377
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/uploads/2017/11/serv4.png

192.185.226.19

200 OK

3.6 kB

URL HTTP/2
aquadec.com.au/wp-content/uploads/2017/11/serv4.png
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 132 x 134, 8-bit colormap, non-interlaced\012- data
Size
3.6 kB (3562 bytes)
Hash
1d1bb0cc3e3ba2e81c16acce89518f70
e02dd3b2a718516a33bb1ef05b2f412acbc530f0
ee9dcecf4fdcd00ee4f6b026fc72ab2db906932706c6f46320daf081bec7576a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/11/serv4.png HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 10 Nov 2017 11:37:29 GMT
accept-ranges: bytes
content-length: 3562
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/common/loading-2.gif

192.185.226.19

200 OK

2.7 kB

URL HTTP/2
aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/common/loading-2.gif
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 32 x 32\012- data
Size
2.7 kB (2707 bytes)
Hash
214f3c5ef3de8b01b2fe67da6ccfc7e7
e3839756e2515361eb5bedaed9919d4ca53f7b8f
014e4b61c8d6dbafa792dbccb03d65d38675a32a8bde54f45a6e00b6805dd57a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/masterslider/public/assets/css/common/loading-2.gif HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.6.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 04:48:12 GMT
accept-ranges: bytes
content-length: 2707
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/gif
date: Thu, 26 Jan 2023 09:20:20 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/skins/light-skin-1.png

192.185.226.19

200 OK

4.3 kB

URL HTTP/2
aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/skins/light-skin-1.png
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 152 x 225, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4267 bytes)
Hash
a3a5c82f953a4a05e52f906dc41feec8
7c8acef254914991154acdfe9c389308d2653187
0ffe16667a16b259f9e27c8bb6726f7e6c63750d5276aa3a02009d823030cb37

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/masterslider/public/assets/css/skins/light-skin-1.png HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.6.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 04:48:12 GMT
accept-ranges: bytes
content-length: 4267
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 26 Jan 2023 09:20:20 GMT
server: Apache
X-Firefox-Spdy: h2

use.fontawesome.com/ba6692f8c3.css

172.64.132.15

200 OK

116 kB

URL HTTP/2
use.fontawesome.com/ba6692f8c3.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
116 kB (115852 bytes)
Hash
ffbfce77bb02db6ec5d04266b57e0752
a7d1fbf4aaae466240ba9d51eebbe6682bf37359
99430d7de3c9a27cc6b2c6c074d2c2adead44d104fb60d29c2381753a7fafb3c

HTTP Headers

GET /ba6692f8c3.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 09:20:19 GMT
content-type: text/css
x-amz-id-2: Ot0HbLn8jcefECmmcVJjBbgzgF+pqTiReUNDSSz12b0MBtaZX0w4hFhG5Rm34VA0+fajfT/2A+M=
x-amz-request-id: A7QS7JJXJH7MT42V
last-modified: Thu, 01 Jul 2021 14:24:27 GMT
etag: W/"9445460ff59b8684ddf1db20fb3ec13a"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ih7WwfDIr%2F4t8odeTzlXM%2FW8c7GDnhnvCgzg3xCwmapH%2BYWoeD4RDazdqxOnGNgNjmnx65KZUe2q07o9if9ytxkbUOEyV1kQlaX1CaNN%2Fp0%2FCdwyDWkyO%2FO7UdPRiomr1Egt3ah"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f82c0a5e1a23d3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/uploads/2017/11/shutterstock_607581032-1024x683.jpg

192.185.226.19

200 OK

136 kB

URL HTTP/2
aquadec.com.au/wp-content/uploads/2017/11/shutterstock_607581032-1024x683.jpg
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x683, components 3\012- data
Size
136 kB (135818 bytes)
Hash
95a45bb3a16de13be45544f5d05be9ed
c20cc4bb27b261a1314d72722dd22e75b74b80bc
ce665c5bc66262b019c1512f05bc54af08453c546893477f270b05f9dfda0def

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/11/shutterstock_607581032-1024x683.jpg HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 21 Jan 2018 23:45:02 GMT
accept-ranges: bytes
content-length: 135818
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 26 Jan 2023 09:20:20 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/uploads/2017/11/shutterstock_391875175-1024x680.jpg

192.185.226.19

200 OK

246 kB

URL HTTP/2
aquadec.com.au/wp-content/uploads/2017/11/shutterstock_391875175-1024x680.jpg
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x680, components 3\012- data
Size
246 kB (245584 bytes)
Hash
13866029ef188fdfaa20d04f22218387
8f609c41e7bcf2ea969e2cc12213c4709de999db
08f44019451b404483502e9f7bfa81ea5de38a45fee29326a82c2e5b1f217a39

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/11/shutterstock_391875175-1024x680.jpg HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 21 Jan 2018 23:42:22 GMT
accept-ranges: bytes
content-length: 245584
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 26 Jan 2023 09:20:20 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.6.5

192.185.226.19

200 OK

58 kB

URL HTTP/2
aquadec.com.au/wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.6.5
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
58 kB (57920 bytes)
Hash
95447b672c06449d07c0eec20d175cef
fc83abc3d6d9e72194da3fe5167a8972a31364dc
831a62e094a6f55ef6ce9f0152ad127fa5196076f68061f9bdc90e122bdc5364

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.6.5 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 04:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

aquadec.com.au/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

192.185.226.19

200 OK

44 kB

URL HTTP/2
aquadec.com.au/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
44 kB (44507 bytes)
Hash
ea93d5f459feeab8e95323d31adbb525
a7fe04ebef3b53627b2a6d34fceda7401530f686
677c92f972aec9245ee15e7dede407b8731a30abe39c3605ae561fb9b1b59b69

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 30 Nov 2022 03:10:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: text/css
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

www.google-analytics.com/plugins/ua/linkid.js

142.250.74.110

200 OK

859 B

URL HTTP/2
www.google-analytics.com/plugins/ua/linkid.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1335)
Size
859 B (859 bytes)
Hash
904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237

HTTP Headers

GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 09:08:55 GMT
expires: Thu, 26 Jan 2023 10:08:55 GMT
cache-control: public, max-age=3600
age: 685
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/uploads/2017/11/favicon.png

192.185.226.19

200 OK

2.0 kB

URL HTTP/2
aquadec.com.au/wp-content/uploads/2017/11/favicon.png
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2021 bytes)
Hash
fc348aeeda48e956f443f6c83b4009e0
e14784c7304979739dd34122b8acbebe75a934c2
63784c756c345cf187997a7109fbc54201bfe0f30126be4d259bf2b3f70ca507

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2017/11/favicon.png HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 13 Nov 2017 06:39:37 GMT
accept-ranges: bytes
content-length: 2021
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 26 Jan 2023 09:20:20 GMT
server: Apache
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6609 bytes)
Hash
b242645f0cc22e3b12c132e6d03722ac
dec70f83182de58e03bfcb95fc240b7c33f20674
59a2d8c972d27598dfe38637197f90053186c4f68b80a5a90283cb11ddaf8a31

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6609
x-amzn-requestid: 129067f4-c79b-493d-8863-2eb6c1565ee6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZABF4IIAMFsig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d533-4908ab6e5c751213084de3c6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CaxCPk4-9yhypamZa96f4IyujB3AMeGmpcYP1UmJtjp275dwFjVOcw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:21:33 GMT
age: 7133
etag: "dec70f83182de58e03bfcb95fc240b7c33f20674"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.6.5

192.185.226.19

200 OK

0 B

URL HTTP/2
aquadec.com.au/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.6.5
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.6.5 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 04:48:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: text/css
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

use.fontawesome.com/ba6692f8c3.js

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/ba6692f8c3.js
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ba6692f8c3.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 26 Jan 2023 09:20:19 GMT
content-type: text/javascript
x-amz-id-2: IcqvmrsCcZW5OG9WtgrvaCE5gSsRbnRRHiZHHFHquBFeSH8UPyAh5QkzE9T/gnDylUNGcQCl9L8=
x-amz-request-id: A7QYAHSX2X0Y2953
last-modified: Thu, 01 Jul 2021 14:24:27 GMT
etag: W/"8d7aa4913a0111d9a28ef5f2a01f63ca"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5T9tErH%2BWq4Zb48PmziYDCuXmbm%2B9cv%2BeSJGYNgTC5%2Fpxk4qn%2FGH7BK8Mga6frlOxulTzip8jwfcYUjyrb7sgZ8knXh1SwdITSsyogqskuye1RqLCF4IQnK3O4PtDfsOzSJ9wScs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f82c08fb8923d3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

aquadec.com.au/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.3

192.185.226.19

200 OK

0 B

URL HTTP/2
aquadec.com.au/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.3
IP
192.185.226.19:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.19.3 HTTP/1.1
Host: aquadec.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aquadec.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 04:32:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 26 Jan 2023 09:20:19 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML