| glaisterennor.my.salesforce.com/css/sfdc_210.css?v=2 | 13.50.12.179 | 200 OK | 4.3 kB |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/css/sfdc_210.css?v=2
IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/
Certificate issuer: DigiCert Inc
Certificate subject: sfdc-cehfhs.edge.my.salesforce.com
Certificate fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54
Certificate validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Hash: 849cd603e2afe999609b2837951e6228 ed0a93d81262d6227ef810b68028a4adb5246107 ad3ae042d4a2cc2312ac8467a05c5695bde991c4cd555ea4c244c42706965eaa
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
GET /css/sfdc_210.css?v=2 HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=xj3kzQy6Ee-_JoEEFrkcRg; BrowserId_sec=xj3kzQy6Ee-_JoEEFrkcRg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:00 GMT
content-type: text/css
x-sfdc-request-check: 2
expires: Wed, 04 Sep 2024 21:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cache-control: public,max-age=10368000
vary: Accept-Encoding
last-modified: Wed, 28 Feb 2024 21:26:09 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
x-robots-tag: none
server: sfdcedge
x-sfdc-request-id: 7a0174312f754c40941ed018b7254e87
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| jpn144.sfdc-mchho0.salesforce.com/brand-asset/CAAAAY9WuGDbAAAAAAAAAAAAAAAAAAAAAAAA-EFOjxYYbup7YZtWOhCYs9Bllvx1j6DDaHlvr-tnLx1oEjamOeND7BQDjHvRHmyxRAoNfaPVzBTWBHdD2HZVqJRTFzd37zeJCLqyyYrXbWKE | 52.192.137.143 | 200 OK | 10 kB |
URL: GET HTTP/2 jpn144.sfdc-mchho0.salesforce.com/brand-asset/CAAAAY9WuGDbAAAAAAAAAAAAAAAAAAAAAAAA-EFOjxYYbup7YZtWOhCYs9Bllvx1j6DDaHlvr-tnLx1oEjamOeND7BQDjHvRHmyxRAoNfaPVzBTWBHdD2HZVqJRTFzd37zeJCLqyyYrXbWKE
IP: 52.192.137.143:443
Requested by: https://glaisterennor.my.salesforce.com/
Certificate issuer: DigiCert Inc
Certificate subject: jpn144.sfdc-mchho0.salesforce.com
Certificate fingerprint: 3F:58:E6:66:13:8C:27:23:B3:F8:56:3A:6B:8C:EE:38:30:47:32:E7
Certificate validity: Mon, 14 Aug 2023 00:00:00 GMT - Tue, 13 Aug 2024 23:59:59 GMT
File type: PNG image data, 250 x 125, 8-bit/color RGBA, non-interlaced
Hash: 9d48c515ae968babd29d60892caec0af 7c48b92c6dd2133b0c9c0e427af3526b949c29d7 531cb5b90d3443702841927f297b3fd467410ef621d8f75e405ed461bdbcf54e
GET /brand-asset/CAAAAY9WuGDbAAAAAAAAAAAAAAAAAAAAAAAA-EFOjxYYbup7YZtWOhCYs9Bllvx1j6DDaHlvr-tnLx1oEjamOeND7BQDjHvRHmyxRAoNfaPVzBTWBHdD2HZVqJRTFzd37zeJCLqyyYrXbWKE HTTP/1.1
Host: jpn144.sfdc-mchho0.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: BrowserId=xj3kzQy6Ee-_JoEEFrkcRg; BrowserId_sec=xj3kzQy6Ee-_JoEEFrkcRg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:01 GMT
set-cookie: CookieConsentPolicy=0:0; path=/; expires=Wed, 07-May-2025 21:43:01 GMT; Max-Age=31536000; secure; SameSite=None
set-cookie: LSKey-c$CookieConsentPolicy=0:0; path=/; expires=Wed, 07-May-2025 21:43:01 GMT; Max-Age=31536000; secure; SameSite=None
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
referrer-policy: origin-when-cross-origin
cache-control: public,max-age=3888000
content-type: image/png
p3p: CP="CUR OTR STA"
expires: Fri, 21 Jun 2024 21:43:01 GMT
last-modified: Fri, 1 May 2020 00:45:54 GMT
content-length: 9980
X-Firefox-Spdy: h2
|
|
| login.salesforce.com/login/sessionserver212.html | 85.222.152.67 | 200 OK | 98 B |
URL: GET HTTP/1.1 login.salesforce.com/login/sessionserver212.html
IP: 85.222.152.67:443
Requested by: https://glaisterennor.my.salesforce.com/
Certificate issuer: DigiCert Inc
Certificate subject: login.salesforce.com
Certificate fingerprint: 96:B3:67:7B:A1:37:62:48:91:14:43:0A:1F:CF:BF:7D:16:08:B6:17
Certificate validity: Tue, 05 Mar 2024 00:00:00 GMT - Wed, 05 Feb 2025 23:59:59 GMT
File type: HTML document, ASCII text
Hash: f1375ef84643a5974d735836e66d3829 a8ea06a865b284d2965aeb5108c445ff53e5a285 db743dbd91a699d36f6a755ad2c8eec5ce0d1b3715df50a651b7c24de11c1811
GET /login/sessionserver212.html HTTP/1.1
Host: login.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: BrowserId=xj3kzQy6Ee-_JoEEFrkcRg; BrowserId_sec=xj3kzQy6Ee-_JoEEFrkcRg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 21:43:01 GMT
Set-Cookie: CookieConsentPolicy=0:0; path=/; expires=Wed, 07-May-2025 21:43:01 GMT; Max-Age=31536000; secure; SameSite=None
Set-Cookie: LSKey-c$CookieConsentPolicy=0:0; path=/; expires=Wed, 07-May-2025 21:43:01 GMT; Max-Age=31536000; secure; SameSite=None
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=86400
Expires: Wed, 08 May 2024 21:43:01 GMT
Last-Modified: Wed, 23 Aug 2017 20:39:30 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
|
|
| login.salesforce.com/jslibrary/SessionServer212.js | 85.222.152.67 | 200 OK | 8.8 kB |
URL: GET HTTP/1.1 login.salesforce.com/jslibrary/SessionServer212.js
IP: 85.222.152.67:443
Requested by: https://login.salesforce.com/login/sessionserver212.html
Certificate issuer: DigiCert Inc
Certificate subject: login.salesforce.com
Certificate fingerprint: 96:B3:67:7B:A1:37:62:48:91:14:43:0A:1F:CF:BF:7D:16:08:B6:17
Certificate validity: Tue, 05 Mar 2024 00:00:00 GMT - Wed, 05 Feb 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (575)
Hash: 73a1f29e8c7cd49d00053c5ae784dfa9 eaec29f3ebaa1a5fadf3d326b7d395dfdc9296b7 0e21ffa9feb64d907c7ac56565cd75ebd0db526708f76dfa9ce60e91bf014e7e
GET /jslibrary/SessionServer212.js HTTP/1.1
Host: login.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.salesforce.com/login/sessionserver212.html
DNT: 1
Connection: keep-alive
Cookie: BrowserId=xj3kzQy6Ee-_JoEEFrkcRg; BrowserId_sec=xj3kzQy6Ee-_JoEEFrkcRg; CookieConsentPolicy=0:0; LSKey-c$CookieConsentPolicy=0:0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 21:43:01 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Wed, 04 Sep 2024 21:43:01 GMT
Last-Modified: Wed, 10 Apr 2024 05:45:26 GMT
Content-Type: application/x-javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
|
|
| glaisterennor.my.salesforce.com/favicon.ico | 13.50.12.179 | 200 OK | 6.5 kB |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/favicon.ico
IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/
Certificate issuer: DigiCert Inc
Certificate subject: sfdc-cehfhs.edge.my.salesforce.com
Certificate fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54
Certificate validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash: 97170dbdfa00950ddb98008d114b9a13 55fcca549138ed8fd50c7c1ce7c6625d5f8b85c2 0ea1aaed0850eaa4592cfb525a25b28c2eccc3e7bc70177b18a127ddc9b12fa0
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
GET /favicon.ico HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=xj3kzQy6Ee-_JoEEFrkcRg; BrowserId_sec=xj3kzQy6Ee-_JoEEFrkcRg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:03 GMT
content-type: image/x-icon
x-sfdc-request-check: 2
x-content-type-options: nosniff
cache-control: public,max-age=3888000
expires: Fri, 21 Jun 2024 21:43:02 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
x-robots-tag: none
server: sfdcedge
x-sfdc-request-id: 6b2f8b38ea8b23876000fca9083cb295
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-177510329-1 | 142.250.74.168 | 200 OK | 75 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-177510329-1
IP: 142.250.74.168:443
Requested by: https://www.glaister.co.nz/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: 1d64a581e35037f51729e15aa6654a85 57e9993db8f4f21175da72a8c7eef8fbd4a12978 2a33ab82a0a709c48cf6a3a17ad368ebe327f0202008bc3775528cd827565642
GET /gtag/js?id=UA-177510329-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 21:43:04 GMT
expires: Tue, 07 May 2024 21:43:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74835
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/e4d1c6444a.js | 104.21.27.152 | 200 OK | 85 kB |
URL: GET HTTP/2 use.fontawesome.com/e4d1c6444a.js
IP: 104.21.27.152:443
Requested by: https://www.glaister.co.nz/
Certificate issuer: Cloudflare, Inc.
Certificate subject: use.fontawesome.com
Certificate fingerprint: CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
Certificate validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (2566)
Hash: fc1f90b3daa0973bd28177b9c4a2b0f1 61bda8dbe065fe5a5eb43120a8b05a1585c81b8f 15dc7396995e51087e00fa6c1250fea32bb46e7442085f26394da05cfbd0b225
GET /e4d1c6444a.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:04 GMT
content-type: text/javascript
etag: W/"fc1f90b3daa0973bd28177b9c4a2b0f1"
last-modified: Fri, 22 Sep 2023 01:35:49 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2Bd0KMJsDxQIcb4VJVqlKd55nsznuELs3nlsjX01%2FtUhZrPvrVlGuIWmXzu30vyA5JfhhJkj0BACdIaP7Wp%2F8%2BFnHqZI9rb02bTCuChynrKnXdICDV0MM8c0TGbosZn7avs0SQkZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804622e9d2f0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/themes/mytheme/combined/combined-1.css?m=1600401293 | 103.253.193.2 | 200 OK | 7.2 kB |
URL: GET HTTP/2 www.glaister.co.nz/themes/mytheme/combined/combined-1.css?m=1600401293
IP: 103.253.193.2:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/
Certificate issuer: Let's Encrypt
Certificate subject: glaister.co.nz
Certificate fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D
Certificate validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: ASCII text, with very long lines (32684)
Hash: 40ea892dce2648b70de124c40d2add5c 3f7afbc2cd6d5b4d3d4785625ab058454b59020e ada99838b208ab0c0c3ac1cd71ab460e0f5bbe499eef8b92ae7a94bd220f7566
GET /themes/mytheme/combined/combined-1.css?m=1600401293 HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:04 GMT
content-type: text/css
last-modified: Fri, 18 Sep 2020 03:54:53 GMT
vary: Accept-Encoding
cache-control: max-age=604800, public
etag: W/"5f642f8d-843b"
x-powered-by: PleskLin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-3DXV3CCKCZ&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 88 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-3DXV3CCKCZ&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://www.glaister.co.nz/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: e1e30c3aadbba0262bbbc8e609feba3d a994badca1e3d3ce725b9b992fe687db4c9b27da 38ca53f9bbf300576c36aea9983d98352dfd8fc6f81d420947aa919be52522be
GET /gtag/js?id=G-3DXV3CCKCZ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 21:43:05 GMT
expires: Tue, 07 May 2024 21:43:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87894
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.glaister.co.nz/themes/mytheme/combined/dottedlinecpastrokebda45esc1.svg | 103.253.193.2 | 200 OK | 195 B |
URL: GET HTTP/2 www.glaister.co.nz/themes/mytheme/combined/dottedlinecpastrokebda45esc1.svg
IP: 103.253.193.2:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/
Certificate issuer: Let's Encrypt
Certificate subject: glaister.co.nz
Certificate fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D
Certificate validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: SVG Scalable Vector Graphics image
Hash: af7cd461f3bae8754d097a0d23e1e1e0 61056053d2d9de859930f22253bf17a44b5e7eb4 b0d8a0e601886f942e323ed90bc97304ffcc9fce985306b99efe61ea41ccd16e
GET /themes/mytheme/combined/dottedlinecpastrokebda45esc1.svg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/themes/mytheme/combined/colorscheme-1-live.css?m=1600401292
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:05 GMT
content-type: image/svg+xml
content-length: 195
x-accel-version: 0.01
last-modified: Fri, 18 Sep 2020 03:54:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| fast.fonts.net/dv2/14/3ded7064-503f-4fa0-853b-9f7a2cf55f20.woff2?d44f19a684109620e4841571a390e818464d53007380443c77caecd356c9fd4641f9c04d94bfc72b184ba47bc8c51c8a55ac9003cd2116d745d6b10e8f8b3d7afbcb5183ee9fe5d49f49fc8b3481199965777afebd9ade27434ab5d7b8ca1510402906ef2b52db8a0215d78052e23a66dab3354ffc4a0b20150de79fb9fcb0ae5e733ada98f0d004f1513ecb1c4f6deccf186420f98c16948f73818d1c6e5c7db9b2474a825960bed97fc6ead97db0501bd65f3397bb7c52&projectId=fe020fd2-866a-4a1d-a9c3-87063544eb28 | 104.16.41.28 | 200 OK | 46 kB |
URL: GET HTTP/2 fast.fonts.net/dv2/14/3ded7064-503f-4fa0-853b-9f7a2cf55f20.woff2?d44f19a684109620e4841571a390e818464d53007380443c77caecd356c9fd4641f9c04d94bfc72b184ba47bc8c51c8a55ac9003cd2116d745d6b10e8f8b3d7afbcb5183ee9fe5d49f49fc8b3481199965777afebd9ade27434ab5d7b8ca1510402906ef2b52db8a0215d78052e23a66dab3354ffc4a0b20150de79fb9fcb0ae5e733ada98f0d004f1513ecb1c4f6deccf186420f98c16948f73818d1c6e5c7db9b2474a825960bed97fc6ead97db0501bd65f3397bb7c52&projectId=fe020fd2-866a-4a1d-a9c3-87063544eb28
IP: 104.16.41.28:443
Requested by: https://www.glaister.co.nz/
Certificate issuer: Google Trust Services LLC
Certificate subject: fonts.net
Certificate fingerprint: 40:BB:71:39:9B:62:CA:2E:30:5E:D3:A9:33:D6:69:83:D8:1F:D0:57
Certificate validity: Thu, 04 Apr 2024 03:21:50 GMT - Wed, 03 Jul 2024 03:21:49 GMT
File type: Web Open Font Format (Version 2), TrueType, length 45700, version 5.-8520
Hash: 5c748c95a4f3afa6ec56540a6ddd1950 059374eaec96b1a23adf434aa9a24e057b32bbe3 81f5c60e6e440e4cb80660f27628e681a3b6b2449ac3206e9d9ff709a94d39d8
GET /dv2/14/3ded7064-503f-4fa0-853b-9f7a2cf55f20.woff2?d44f19a684109620e4841571a390e818464d53007380443c77caecd356c9fd4641f9c04d94bfc72b184ba47bc8c51c8a55ac9003cd2116d745d6b10e8f8b3d7afbcb5183ee9fe5d49f49fc8b3481199965777afebd9ade27434ab5d7b8ca1510402906ef2b52db8a0215d78052e23a66dab3354ffc4a0b20150de79fb9fcb0ae5e733ada98f0d004f1513ecb1c4f6deccf186420f98c16948f73818d1c6e5c7db9b2474a825960bed97fc6ead97db0501bd65f3397bb7c52&projectId=fe020fd2-866a-4a1d-a9c3-87063544eb28 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glaister.co.nz
DNT: 1
Connection: keep-alive
Referer: https://fast.fonts.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:06 GMT
content-type: application/octet-stream
content-length: 45700
x-amz-id-2: NBaYoLSvUrG0DoDNx84Mg8B8j3JN8OBrpweujkmfauxrnZw0SPl/QYWwfCzr3FtdBL16jGgv9BIdjfrFUJ2dZvmD0G/OrGFOoIZ5h7ZPldQ=
x-amz-request-id: M49CNDAHB5SEVC2B
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 13 Nov 2020 08:51:23 GMT
etag: "5c748c95a4f3afa6ec56540a6ddd1950"
x-amz-meta-mtime: 1459543939
x-amz-version-id: null
cf-cache-status: MISS
expires: Tue, 07 May 2024 21:48:06 GMT
cache-control: public, max-age=300
accept-ranges: bytes
set-cookie: __cf_bm=Uiqm1384UAokRXwH.PKEtC9i1MlZgD22HgFJvt8TfwE-1715118186-1.0.1.1-b4rK1lkWXRGRQNrF.Q5g3IsGcOH49Bon220p6VqBfIxqc0Ci2ca3me.JjvOTWwORpxdLllG17sHwdc4KmKw8bw; path=/; expires=Tue, 07-May-24 22:13:06 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 88046234ab498f63-CPH
X-Firefox-Spdy: h2
|
|
| fast.fonts.net/dv2/14/367341fc-4cc6-4a79-89ad-d6c61561611e.woff2?d44f19a684109620e4841571a390e818464d53007380443c77caecd356c9fd4641f9c04d94bfc72b184ba47bc8c51c8a55ac9003cd2116d745d6b10e8f8b3d7afbcb5183ee9fe5d49f49fc8b3481199965777afebd9ade27434ab5d7b8ca1510402906ef2b52db8a0215d78052e23a66dab3354ffc4a0b20150de79fb9fcb0ae5e733ada98f0d004f1513ecb1c4f6deccf186420f98c16948f73818d1c6e5c7db9b2474a825960bed97fc6ead97db0501bd65f3397bb7c52&projectId=fe020fd2-866a-4a1d-a9c3-87063544eb28 | 104.16.41.28 | 200 OK | 46 kB |
URL: GET HTTP/2 fast.fonts.net/dv2/14/367341fc-4cc6-4a79-89ad-d6c61561611e.woff2?d44f19a684109620e4841571a390e818464d53007380443c77caecd356c9fd4641f9c04d94bfc72b184ba47bc8c51c8a55ac9003cd2116d745d6b10e8f8b3d7afbcb5183ee9fe5d49f49fc8b3481199965777afebd9ade27434ab5d7b8ca1510402906ef2b52db8a0215d78052e23a66dab3354ffc4a0b20150de79fb9fcb0ae5e733ada98f0d004f1513ecb1c4f6deccf186420f98c16948f73818d1c6e5c7db9b2474a825960bed97fc6ead97db0501bd65f3397bb7c52&projectId=fe020fd2-866a-4a1d-a9c3-87063544eb28
IP: 104.16.41.28:443
Requested by: https://www.glaister.co.nz/
Certificate issuer: Google Trust Services LLC
Certificate subject: fonts.net
Certificate fingerprint: 40:BB:71:39:9B:62:CA:2E:30:5E:D3:A9:33:D6:69:83:D8:1F:D0:57
Certificate validity: Thu, 04 Apr 2024 03:21:50 GMT - Wed, 03 Jul 2024 03:21:49 GMT
File type: Web Open Font Format (Version 2), TrueType, length 45548, version 5.-8520
Hash: 06d773c020eee0c1c3a899cf21f8471b 8d05f195cbb4dd1420566c253c26e787a7a61e7a 0f9d4c7b2dc986be0872e50513b807ba7097b50ab6fe8ff4cca6a2984400e91f
GET /dv2/14/367341fc-4cc6-4a79-89ad-d6c61561611e.woff2?d44f19a684109620e4841571a390e818464d53007380443c77caecd356c9fd4641f9c04d94bfc72b184ba47bc8c51c8a55ac9003cd2116d745d6b10e8f8b3d7afbcb5183ee9fe5d49f49fc8b3481199965777afebd9ade27434ab5d7b8ca1510402906ef2b52db8a0215d78052e23a66dab3354ffc4a0b20150de79fb9fcb0ae5e733ada98f0d004f1513ecb1c4f6deccf186420f98c16948f73818d1c6e5c7db9b2474a825960bed97fc6ead97db0501bd65f3397bb7c52&projectId=fe020fd2-866a-4a1d-a9c3-87063544eb28 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glaister.co.nz
DNT: 1
Connection: keep-alive
Referer: https://fast.fonts.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:06 GMT
content-type: application/octet-stream
content-length: 45548
x-amz-id-2: 9ceU/rsK52K0hzflIQj0LPQxZ+Yg4wL6nojJJnE/nmlKTehQCSBl7jC1HwVQh8y3q7qtSldbtzc=
x-amz-request-id: 5FTC1VJQQ1JK616W
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 13 Nov 2020 05:34:46 GMT
etag: "06d773c020eee0c1c3a899cf21f8471b"
x-amz-meta-mtime: 1504562659
x-amz-version-id: null
cf-cache-status: MISS
expires: Tue, 07 May 2024 21:48:06 GMT
cache-control: public, max-age=300
accept-ranges: bytes
set-cookie: __cf_bm=3D1AD4k_03nAYz_YTt.mnOHgQmZ.EqpQ5xywYKp7p_g-1715118186-1.0.1.1-Hzu23FOxhVp48sawzNAUF_cv2j2V_20tqtPFQOR1AYSPbiUyuc.rOKYTrcdbwmdB4FymwNJurmKNUz3xNgBfUQ; path=/; expires=Tue, 07-May-24 22:13:06 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 88046234ab508f63-CPH
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/Uploads/Temporary/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLGZhbHNlLDBd/home-expertise.jpg | 103.253.193.2 | 200 OK | 49 kB |
URL: GET HTTP/2 www.glaister.co.nz/assets/Uploads/Temporary/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLGZhbHNlLDBd/home-expertise.jpg
IP: 103.253.193.2:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/
Certificate issuer: Let's Encrypt
Certificate subject: glaister.co.nz
Certificate fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D
Certificate validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 353x200, components 3
Hash: bc81b8fa28a48e3e838c004dae742264 9646a4ad2a213b7800fa35ff35d06526ff37379f 59b31305ebb7cca388c8e4444a65c482ce94beaeda0da92dab1a933609ceff0b
GET /assets/Uploads/Temporary/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLGZhbHNlLDBd/home-expertise.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:04 GMT
content-type: image/jpeg
content-length: 48623
last-modified: Fri, 18 Sep 2020 03:53:52 GMT
cache-control: max-age=604800, public
etag: "5f642f50-bdef"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/Uploads/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLCJ5IiwyMV0/Jack-and-Stephanie-Our-People.jpg | 103.253.193.2 | 200 OK | 61 kB |
URL: GET HTTP/2 www.glaister.co.nz/assets/Uploads/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLCJ5IiwyMV0/Jack-and-Stephanie-Our-People.jpg
IP: 103.253.193.2:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/
Certificate issuer: Let's Encrypt
Certificate subject: glaister.co.nz
Certificate fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D
Certificate validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 353x200, components 3
Hash: d684b0237cea18e6005ae97176b0a5ee 8bf50e335634c1ec4c8e28ecaadf15d23001730c 1ce3329215421439468d0964238d010b543a393b4221cbfe6618a3cd4ac2c01b
GET /assets/Uploads/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLCJ5IiwyMV0/Jack-and-Stephanie-Our-People.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:05 GMT
content-type: image/jpeg
content-length: 61313
last-modified: Fri, 18 Sep 2020 03:53:52 GMT
cache-control: max-age=604800, public
etag: "5f642f50-ef81"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/Uploads/_resampled/ResizedImageWzYwLDYwXQ/Linked-in-gold.png | 103.253.193.2 | 200 OK | 1.6 kB |
URL: GET HTTP/2 www.glaister.co.nz/assets/Uploads/_resampled/ResizedImageWzYwLDYwXQ/Linked-in-gold.png
IP: 103.253.193.2:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/
Certificate issuer: Let's Encrypt
Certificate subject: glaister.co.nz
Certificate fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D
Certificate validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Hash: 07dd169cf4f001e25ea1368fe0e465a3 b9a5fa67992093ab84848bb062fee410104f763d bcdd771d34b6d0649c36342775f44a58f284e0f269ecf1099d5d729781b71e0f
GET /assets/Uploads/_resampled/ResizedImageWzYwLDYwXQ/Linked-in-gold.png HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:05 GMT
content-type: image/png
content-length: 1648
last-modified: Fri, 18 Sep 2020 03:53:52 GMT
cache-control: max-age=604800, public
etag: "5f642f50-670"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/Uploads/Temporary/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLGZhbHNlLDBd/home-property.jpg | 103.253.193.2 | 200 OK | 88 kB |
URL: GET HTTP/2 www.glaister.co.nz/assets/Uploads/Temporary/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLGZhbHNlLDBd/home-property.jpg
IP: 103.253.193.2:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/
Certificate issuer: Let's Encrypt
Certificate subject: glaister.co.nz
Certificate fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D
Certificate validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 353x200, components 3
Hash: f88edfd8513914c49bd822c4b21348a5 1ef4b9e5d40742e45e0e298acf328a05f12e5221 0e2209ab3921d8470ad7334f2ba3e1ff08bc63c351da3b4a59bce7a7c8715138
GET /assets/Uploads/Temporary/_resampled/CroppedFocusedImageWyIzNTMiLCIyMDAiLGZhbHNlLDBd/home-property.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:05 GMT
content-type: image/jpeg
content-length: 88349
last-modified: Fri, 18 Sep 2020 03:53:52 GMT
cache-control: max-age=604800, public
etag: "5f642f50-1591d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/jslibrary/baselogin4.js | 13.50.12.179 | 200 OK | 294 kB |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/jslibrary/baselogin4.js
IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/
Certificate issuer: DigiCert Inc
Certificate subject: sfdc-cehfhs.edge.my.salesforce.com
Certificate fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54
Certificate validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size: 294 kB (293572 bytes)
Hash: 2ce5edbc7226b192087f37bbd82df26b ff6d82aaf15c941542d330067960cc8f9b5169e3 1daede9d9267074cf303dc13a3c366dd0f32d00bae4f3755bc66971a1ee11f37
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Salesforce
GET /jslibrary/baselogin4.js HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=xj3kzQy6Ee-_JoEEFrkcRg; BrowserId_sec=xj3kzQy6Ee-_JoEEFrkcRg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:01 GMT
content-type: application/x-javascript
x-sfdc-request-check: 2
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 15 Aug 2023 06:08:13 GMT
x-robots-tag: none
expires: Wed, 04 Sep 2024 21:43:01 GMT
referrer-policy: origin-when-cross-origin
cache-control: public,max-age=10368000
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
server: sfdcedge
x-sfdc-request-id: 13229b524e3f911e75d1ed3ad4831c90
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/Pen-edit.jpg | 103.253.193.2 | 200 OK | 233 kB |
URL: GET HTTP/2 www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/Pen-edit.jpg; IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1440x360, components 3; Size: 233 kB (233426 bytes); Hash: 08d7c1b6ccdaf1330556f01785d2f07a e2875514870715ce8a90b5a044a84064765a2990 16bf8a442b30edc6de68ca756d187a928f07eea5992ce0a7386456277eb50063
GET /assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/Pen-edit.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:04 GMT
content-type: image/jpeg
content-length: 233426
last-modified: Thu, 23 Sep 2021 02:16:04 GMT
cache-control: max-age=604800, public
etag: "614be364-38fd2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/Michaela-Mark-H-Annice.jpg | 103.253.193.2 | 200 OK | 329 kB |
URL: GET HTTP/2 www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/Michaela-Mark-H-Annice.jpg; IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1440x360, components 3; Size: 329 kB (328964 bytes); Hash: 4934b4f59b3c2d15cd431e79de94157c 480312be6796487640d066d72631f1880d15be0d af68301711cb791bfeec8a9cdeaa1562018d3e245000433500c6bccd9c7bd19e
GET /assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/Michaela-Mark-H-Annice.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:04 GMT
content-type: image/jpeg
content-length: 328964
last-modified: Thu, 23 Sep 2021 02:14:22 GMT
cache-control: max-age=604800, public
etag: "614be2fe-50504"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIiwieSIsODBd/Header-Home-4.jpg | 103.253.193.2 | 200 OK | 327 kB |
URL: GET HTTP/2 www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIiwieSIsODBd/Header-Home-4.jpg; IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1440x360, components 3; Size: 327 kB (326558 bytes); Hash: 5e1fc682f518ec1853ad0253c25ab4f7 0d52639463539ac549e013407238c82860b735c7 02333ab99c0c870ca0b933006cc6c95e7cefa0e017799c09314461b19372db37
GET /assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIiwieSIsODBd/Header-Home-4.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:04 GMT
content-type: image/jpeg
content-length: 326558
last-modified: Fri, 18 Sep 2020 03:53:49 GMT
cache-control: max-age=604800, public
etag: "5f642f4d-4fb9e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/SGH-client-meeting.jpg | 103.253.193.2 | 200 OK | 382 kB |
URL: GET HTTP/2 www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/SGH-client-meeting.jpg; IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1440x360, components 3; Size: 382 kB (382161 bytes); Hash: 1f44c912e16d5eb375719454f85e59bb ec9d637a9128a3659622aefc1bfb74528f053c85 35e4c6924c13155cf8a8666928a1480aa5fb6dc56be43edd524bd2f93b557289
GET /assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/SGH-client-meeting.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:04 GMT
content-type: image/jpeg
content-length: 382161
last-modified: Thu, 23 Sep 2021 02:15:26 GMT
cache-control: max-age=604800, public
etag: "614be33e-5d4d1"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/jslibrary/LoginMarketingSurveyResponse.js | 13.50.12.179 | 200 OK | 429 kB |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/jslibrary/LoginMarketingSurveyResponse.js; IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT); Size: 429 kB (428851 bytes); Hash: 0c0a416d5bc7eab54830d8de0e739802 6b9d6004c212a11be948f45cb199edae199d5aae 40212c839fbce16de085073e003f0e3173751f2e3ed8b3e756de3968361e9fb2
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /jslibrary/LoginMarketingSurveyResponse.js HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=xj3kzQy6Ee-_JoEEFrkcRg; BrowserId_sec=xj3kzQy6Ee-_JoEEFrkcRg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:01 GMT
content-type: application/x-javascript
x-sfdc-request-check: 2
expires: Wed, 04 Sep 2024 21:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cache-control: public,max-age=10368000
vary: Accept-Encoding
last-modified: Tue, 15 Aug 2023 06:08:04 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
x-robots-tag: none
server: sfdcedge
x-sfdc-request-id: a7c6c0d6ba102965990e636e1752dfdb
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/s.gif | 13.50.12.179 | 200 OK | 7.8 kB |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/s.gif; IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: GIF image data, version 89a, 1 x 1; Hash: a113acd2545e03a15162608431156482 dc93e4f233acf6753e3c621cede353df063f092f 802df9f0257a7d065c848948ec2edb4376decec683e3728b2bd348500f042e97
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /s.gif HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=xj3kzQy6Ee-_JoEEFrkcRg; BrowserId_sec=xj3kzQy6Ee-_JoEEFrkcRg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:01 GMT
content-type: image/gif
x-sfdc-request-check: 2
x-robots-tag: none
strict-transport-security: max-age=63072000; includeSubDomains
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Tue, 27 May 2003 18:28:08 GMT
cache-control: public,max-age=10368000
expires: Wed, 04 Sep 2024 21:43:01 GMT
server: sfdcedge
x-sfdc-request-id: 045bbf41dc6b5c69105eaeaf1fe48229
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/login/assets/fonts/SalesforceSans/SalesforceSans-Regular.woff2 | 13.50.12.179 | 200 OK | 28 kB |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/login/assets/fonts/SalesforceSans/SalesforceSans-Regular.woff2; IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 27580, version 1.0; Hash: 3ccb7b03c77bb2a3e91f6a2fb4c211f8 ac4c4df3c4bcc636190e4f94c7a80b81158d0517 1f1752651aca663f40e45c60e182172fc426a40df042098f6e68a56db2c459f3
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /login/assets/fonts/SalesforceSans/SalesforceSans-Regular.woff2 HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://glaisterennor.my.salesforce.com/css/sfdc_210.css?v=2
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=xj3kzQy6Ee-_JoEEFrkcRg; BrowserId_sec=xj3kzQy6Ee-_JoEEFrkcRg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:01 GMT
content-type: font/woff2
x-sfdc-request-check: 2
x-content-type-options: nosniff
x-robots-tag: none
cache-control: public,max-age=10368000
referrer-policy: origin-when-cross-origin
last-modified: Fri, 24 Jul 2015 20:32:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains
expires: Wed, 04 Sep 2024 21:43:01 GMT
server: sfdcedge
x-sfdc-request-id: 6adad399605855781c9bbad95b5aab91
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/login/assets/fonts/SalesforceSans/SalesforceSans-Light.woff2 | 13.50.12.179 | 200 OK | 28 kB |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/login/assets/fonts/SalesforceSans/SalesforceSans-Light.woff2; IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 27736, version 1.0; Hash: f4c092cda9a56b8e26cc307f208949b4 dac76c1196988545bc7c7609d609fdc58cf079e5 b7df2d6cb9d0ecda707a1de1302b3c9d9bda16247dc382e696579a8308d49771
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /login/assets/fonts/SalesforceSans/SalesforceSans-Light.woff2 HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://glaisterennor.my.salesforce.com/css/sfdc_210.css?v=2
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=xj3kzQy6Ee-_JoEEFrkcRg; BrowserId_sec=xj3kzQy6Ee-_JoEEFrkcRg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:02 GMT
content-type: font/woff2
x-sfdc-request-check: 2
expires: Wed, 04 Sep 2024 21:43:02 GMT
x-content-type-options: nosniff
cache-control: public,max-age=10368000
last-modified: Fri, 24 Jul 2015 20:32:55 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
x-robots-tag: none
server: sfdcedge
x-sfdc-request-id: 0579914bf3137b34899abacaaf6368ee
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/img/clear.png | 13.50.12.179 | 200 OK | 477 B |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/img/clear.png; IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: PNG image data, 32 x 32, 8-bit colormap, non-interlaced; Hash: 1cc6ffea5ac6b5c6e7d7b6b9b1a01e9f a4fd54cc5e6cac7e5fee6f9832c817d5e58c7c10 dd464055be78eadee2d5d3ecc5380600b788883e462d9e77372877dc04110e6d
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /img/clear.png HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=xj3kzQy6Ee-_JoEEFrkcRg; BrowserId_sec=xj3kzQy6Ee-_JoEEFrkcRg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:01 GMT
content-type: image/png
x-sfdc-request-check: 2
x-robots-tag: none
strict-transport-security: max-age=63072000; includeSubDomains
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Thu, 21 May 2015 20:40:37 GMT
cache-control: public,max-age=10368000
expires: Wed, 04 Sep 2024 21:43:01 GMT
server: sfdcedge
x-sfdc-request-id: dc666b060102099197fd11f2244c999c
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/themes/mytheme/combined/combined-1.js?m=1646287021 | 103.253.193.2 | 200 OK | 201 kB |
URL: GET HTTP/2 www.glaister.co.nz/themes/mytheme/combined/combined-1.js?m=1646287021; IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JavaScript source, ASCII text, with very long lines (1386); Size: 201 kB (200885 bytes); Hash: df6214b5552f5c2b5991e4fb432cb2c1 db3b4d7be894b11f1113bad15c790d2977937ec7 bfdc62e84a717d4f2bcbd30dda4173ce9b35f3c1ae87d9164fcd87de97fb26dd
GET /themes/mytheme/combined/combined-1.js?m=1646287021 HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:05 GMT
content-type: text/javascript
last-modified: Thu, 03 Mar 2022 05:57:01 GMT
vary: Accept-Encoding
cache-control: max-age=604800, public
etag: W/"622058ad-310b5"
x-powered-by: PleskLin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/ | 103.253.193.2 | 200 OK | 19 kB |
IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glaisterennor.my.salesforce.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:04 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, X-Forwarded-Protocol
expires: Wed, 08 May 2024 21:43:04 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=86400
last-modified: Tue, 07 May 2024 04:53:09 GMT
x-powered-by: PHP/5.6.40, PleskLin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/themes/mytheme/combined/colorscheme-1-live.css?m=1600401292 | 103.253.193.2 | 200 OK | 3.4 kB |
URL: GET HTTP/2 www.glaister.co.nz/themes/mytheme/combined/colorscheme-1-live.css?m=1600401292; IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: ASCII text, with very long lines (3402), with no line terminators; Hash: 032a78e0ddfbf3b938ccb83e4645daf1 cee6d0fe170fa0db9d9a5bd8189b9b43bc687203 22576b0820787dca544e378ee47997c782b0358475b13e5e4462942f8d303718
GET /themes/mytheme/combined/colorscheme-1-live.css?m=1600401292 HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:04 GMT
content-type: text/css
last-modified: Fri, 18 Sep 2020 03:54:52 GMT
vary: Accept-Encoding
cache-control: max-age=604800, public
etag: W/"5f642f8c-d44"
x-powered-by: PleskLin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/ | 13.50.12.179 | 200 OK | 9.3 kB |
URL: User Request GET HTTP/2 glaisterennor.my.salesforce.com/; IP: 13.50.12.179:443
Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (9980), with no line terminators; Hash: 1a8d8e54ba39465099fbb79346148b2b 93f91caf4c7851f7f9b7f0e79a24fe64c8e8e9af 08d2fee8a443a3222e5229f1b8032277172a458fccf1aa4fe551eba189e34534
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET / HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:00 GMT
content-type: text/html; charset=UTF-8
x-sfdc-request-check: 2
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: upgrade-insecure-requests, frame-ancestors 'none'
set-cookie: CookieConsentPolicy=0:1; path=/; expires=Wed, 07-May-2025 21:43:00 GMT; Max-Age=31536000; secure; SameSite=None
LSKey-c$CookieConsentPolicy=0:1; path=/; expires=Wed, 07-May-2025 21:43:00 GMT; Max-Age=31536000; secure; SameSite=None
BrowserId=xj3kzQy6Ee-_JoEEFrkcRg; domain=.salesforce.com; path=/; expires=Wed, 07-May-2025 21:43:00 GMT; Max-Age=31536000
BrowserId_sec=xj3kzQy6Ee-_JoEEFrkcRg; domain=.salesforce.com; path=/; expires=Wed, 07-May-2025 21:43:00 GMT; Max-Age=31536000; secure; SameSite=None
x-robots-tag: none
x-frame-options: DENY
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: sfdcedge
x-sfdc-request-id: 12f8f1acbc4d01af399815a067837280
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| fast.fonts.net/t/1.css?apiType=css&projectid=fe020fd2-866a-4a1d-a9c3-87063544eb28 | 104.16.41.28 | 200 OK | 0 B |
URL: GET HTTP/2 fast.fonts.net/t/1.css?apiType=css&projectid=fe020fd2-866a-4a1d-a9c3-87063544eb28; IP: 104.16.41.28:443
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Google Trust Services LLC; Subject: fonts.net; Fingerprint: 40:BB:71:39:9B:62:CA:2E:30:5E:D3:A9:33:D6:69:83:D8:1F:D0:57; Validity: Thu, 04 Apr 2024 03:21:50 GMT - Wed, 03 Jul 2024 03:21:49 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/1.css?apiType=css&projectid=fe020fd2-866a-4a1d-a9c3-87063544eb28 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fast.fonts.net/cssapi/fe020fd2-866a-4a1d-a9c3-87063544eb28.css
Cookie: __cf_bm=RfXQTme3bCl7IFKQGn2xsdTmTSUVksCN1CtebLA58aQ-1715118185-1.0.1.1-CbdT0zHjZScAhxBorumjQ5VZ85krk8.mqr.Ii2EP7FOsPyMfUwafqKolFrRGcV_y_1kMuQ9Ns4aiwxg2ip3JTQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:05 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: uzs0+UHc8UGAzZ8VPvjKCgBusygpLONZMFjJ4khFY73PhU+lpx4hWfv/3rkc1llRI2Ff7JipMDSh+VuZs6GV0n8w7PjHMhnxwsWo6e2MPCM=
x-amz-request-id: M4979HYB651TRJQA
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046231b91d8f63-CPH
X-Firefox-Spdy: h2
|
|
| fast.fonts.net/cssapi/fe020fd2-866a-4a1d-a9c3-87063544eb28.css | 104.16.41.28 | 200 OK | 18 kB |
URL: GET HTTP/2 fast.fonts.net/cssapi/fe020fd2-866a-4a1d-a9c3-87063544eb28.css; IP: 104.16.41.28:443
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Google Trust Services LLC; Subject: fonts.net; Fingerprint: 40:BB:71:39:9B:62:CA:2E:30:5E:D3:A9:33:D6:69:83:D8:1F:D0:57; Validity: Thu, 04 Apr 2024 03:21:50 GMT - Wed, 03 Jul 2024 03:21:49 GMT
File type: ASCII text, with very long lines (2485), with CRLF line terminators; Hash: f984d1d541d49ae5a02d44d63668a147 40315bc4995213cca2b386aaad2f51b5faef5d62 a57fde5886bc38127ab1ff4e9e8a482afccdbdb72ffb7306da9045e2c4b7f44b
GET /cssapi/fe020fd2-866a-4a1d-a9c3-87063544eb28.css HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:05 GMT
content-type: text/css; charset=utf-8
x-amz-id-2: w7v5CK38Jvtjlvi8RPeuguLGGtHo8Pi6YxH8fIp6gdIOKk9vGVRv2kpWLUehTapMFsmbmAtfmZAopTuVjIlxZNSVvknSjvdQFko8dz/w4vM=
x-amz-request-id: M496HSKDQ8D6MNFV
last-modified: Thu, 18 Feb 2021 04:15:57 GMT
etag: W/"f984d1d541d49ae5a02d44d63668a147"
x-amz-meta-mtime: 1510813464
x-amz-version-id: null
cf-cache-status: MISS
expires: Tue, 07 May 2024 21:48:05 GMT
cache-control: public, max-age=300
set-cookie: __cf_bm=RfXQTme3bCl7IFKQGn2xsdTmTSUVksCN1CtebLA58aQ-1715118185-1.0.1.1-CbdT0zHjZScAhxBorumjQ5VZ85krk8.mqr.Ii2EP7FOsPyMfUwafqKolFrRGcV_y_1kMuQ9Ns4aiwxg2ip3JTQ; path=/; expires=Tue, 07-May-24 22:13:05 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804622f1f058f63-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/jslibrary/LoginHint208.js | 13.50.12.179 | 200 OK | 20 kB |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/jslibrary/LoginHint208.js; IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: ASCII text, with very long lines (563); Hash: f1b06a808e5910093e3a8ecd1c70d695 d6ea29b885998bd24811333f6ceaffce42400f7d b4e09e04175d3fc81542f40d4d227db48c6199f93ca2737a1ce91e9e57865dff
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /jslibrary/LoginHint208.js HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=xj3kzQy6Ee-_JoEEFrkcRg; BrowserId_sec=xj3kzQy6Ee-_JoEEFrkcRg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:01 GMT
content-type: application/x-javascript
x-sfdc-request-check: 2
x-robots-tag: none
last-modified: Thu, 01 Feb 2024 18:09:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
referrer-policy: origin-when-cross-origin
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
cache-control: public,max-age=10368000
expires: Wed, 04 Sep 2024 21:43:01 GMT
server: sfdcedge
x-sfdc-request-id: e3fc65aa1cbb582cb324fdcb6ab2e800
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/themes/mytheme/combined/logocpafillbda45ecpbfill404041sc1.svg | 103.253.193.2 | 200 OK | 23 kB |
URL: GET HTTP/2 www.glaister.co.nz/themes/mytheme/combined/logocpafillbda45ecpbfill404041sc1.svg; IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: SVG Scalable Vector Graphics image; Hash: 0d0a42233f2fcc23ce90ddd7cfe963f3 208abe551ebc00c2572f95871d611d248ca9cee5 cbe394cb7ef9f19b1b8db38df28bd4cba91748712131a4d199cff18332a65407
GET /themes/mytheme/combined/logocpafillbda45ecpbfill404041sc1.svg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:04 GMT
content-type: image/svg+xml
last-modified: Fri, 18 Sep 2020 03:54:53 GMT
vary: Accept-Encoding
cache-control: max-age=604800, public
etag: W/"5f642f8d-5a88"
x-powered-by: PleskLin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIiwieSIsMF0/GE-Partners-UPDATED.jpg | 103.253.193.2 | 200 OK | 292 kB |
URL: GET HTTP/2 www.glaister.co.nz/assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIiwieSIsMF0/GE-Partners-UPDATED.jpg; IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1440x360, components 3; Size: 292 kB (291785 bytes); Hash: cfef18983b24650c3a135dccae7acc9a 9fee1b3788f8da93827ead0501e8e85d88a1b81e 955e9faf3bcd5b17308a5df12c298ed7b96f9e1c94f7088ff114daeb3ce396ad
GET /assets/HeaderSlides/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIiwieSIsMF0/GE-Partners-UPDATED.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:04 GMT
content-type: image/jpeg
content-length: 291785
last-modified: Fri, 01 Oct 2021 02:34:33 GMT
cache-control: max-age=604800, public
etag: "615673b9-473c9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.glaister.co.nz/assets/Uploads/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/GE-WEB-UPDATE-HR-PANO.jpg | 103.253.193.2 | 200 OK | 428 kB |
URL: GET HTTP/2 www.glaister.co.nz/assets/Uploads/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/GE-WEB-UPDATE-HR-PANO.jpg; IP: 103.253.193.2:443; ASN: #38719 Dreamscape Networks Limited
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Let's Encrypt; Subject: glaister.co.nz; Fingerprint: 52:11:03:E1:AA:FD:F5:B1:87:53:65:FC:78:5E:1A:A2:54:BE:3F:8D; Validity: Wed, 20 Mar 2024 04:38:55 GMT - Tue, 18 Jun 2024 04:38:54 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1440x360, components 3; Size: 428 kB (428225 bytes); Hash: a7f0c0406c7e3ecb91785babf0162c8f 762d345238b5806b5dbe99d3dd43d155252b176b 49f473d945f583c692a070e27151d71d0a01438de3ce9dd075c5b294682c6849
GET /assets/Uploads/_resampled/CroppedFocusedImageWyIxNDQwIiwiMzYwIixmYWxzZSwwXQ/GE-WEB-UPDATE-HR-PANO.jpg HTTP/1.1
Host: www.glaister.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:43:04 GMT
content-type: image/jpeg
content-length: 428225
last-modified: Thu, 17 Mar 2022 21:23:10 GMT
cache-control: max-age=604800, public
etag: "6233a6be-688c1"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/jslibrary/SfdcSessionBase208.js | 13.50.12.179 | 200 OK | 16 kB |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/jslibrary/SfdcSessionBase208.js; IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (575); Hash: eede1b37a00f77c1143e618cf980b866 95388a2520cd89b8c9a837a336688520dee7ef45 680ee03715036c635c33fdd03f1ba69538ed2af3f569e2cc901c937653f90f06
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /jslibrary/SfdcSessionBase208.js HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=xj3kzQy6Ee-_JoEEFrkcRg; BrowserId_sec=xj3kzQy6Ee-_JoEEFrkcRg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:01 GMT
content-type: application/x-javascript
x-sfdc-request-check: 2
expires: Wed, 04 Sep 2024 21:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cache-control: public,max-age=10368000
vary: Accept-Encoding
last-modified: Tue, 15 Aug 2023 06:08:09 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
x-robots-tag: none
server: sfdcedge
x-sfdc-request-id: 3d802fa8f1a7474b8571a36f79ad13ac
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v4.6.2/css/font-awesome-css.min.css | 104.21.27.152 | 200 OK | 28 kB |
URL: GET HTTP/2 use.fontawesome.com/releases/v4.6.2/css/font-awesome-css.min.css; IP: 104.21.27.152:443
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Cloudflare, Inc.; Subject: use.fontawesome.com; Fingerprint: CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (28274); Hash: 95e795396dad96cf9d858440a3507715 3e4fd0035a4968f0143ef1f3b4d979a107ed25b7 4bacd81e6150c0d6b49e7e302971b5b5865e43751b7fabb8b3756ef1e6dbac09
GET /releases/v4.6.2/css/font-awesome-css.min.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/e4d1c6444a.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:05 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"95e795396dad96cf9d858440a3507715"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 610256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZE02cUmewfH7UVDNZL99XFyt6mc9Fmx9uhUVS9l8GkU5FxXJSeA0pxvXaANz7rq0rHKvVm1Fgl33RE%2F6VBgnL4e7L81LDZmmag%2FiLOKeVADZE82OIhxxksuseJKT7sG3XpHR65W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804623289550b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/webfontloader/1.6.24/webfontloader.js | 104.21.27.152 | 200 OK | 12 kB |
URL: GET HTTP/2 use.fontawesome.com/webfontloader/1.6.24/webfontloader.js; IP: 104.21.27.152:443
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Cloudflare, Inc.; Subject: use.fontawesome.com; Fingerprint: CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (2134); Hash: 9064ce12d2c81f68123c93bc1a8b0cad 44a3a4a8cbd7a3a77d4a7314d9d2b9d28a3fb56a 2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac
GET /webfontloader/1.6.24/webfontloader.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:04 GMT
content-type: application/x-javascript
cache-control: max-age=31556926
etag: W/"9064ce12d2c81f68123c93bc1a8b0cad"
last-modified: Fri, 22 Sep 2023 01:46:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4318
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iN%2Bq0WPKHEMcLcqvdZ3PAb8kdxDQlDd0wuMG4tF%2BAMWH1tVWdbHrM%2BS2msr6uoUKvvH61VF6mj6NDeOlf1FqMbQFbaOwR7NFJ2xV8A9T0UkVYal7X2ebpNGKBTO2QSZfCavWAobI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880462302ef10b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/e4d1c6444a.css | 104.21.27.152 | 200 OK | 1.0 kB |
URL: GET HTTP/2 use.fontawesome.com/e4d1c6444a.css; IP: 104.21.27.152:443
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Cloudflare, Inc.; Subject: use.fontawesome.com; Fingerprint: CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1054), with no line terminators; Hash: 0fd7d4aa18cf6ab3de77056d4d50a802 ce69fc08a4c1974694ccf1fb015d827f0cddbaf7 c8e514f51f477b97dbcc1ee89e1380e9e3ad9b9662b12413315eb1e53e297013
GET /e4d1c6444a.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.glaister.co.nz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:05 GMT
content-type: text/css
etag: W/"b2e035a5bbe42b68e8d16c5e6417f79f"
last-modified: Fri, 22 Sep 2023 01:35:49 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u6qUCue8k3I24SKkjXvA3OJpQRHjbGsljuv4cuzZSunKn%2BCudtWN6kkthazEb%2Bi7eFtQzBXkQeGjl1iqvhffFmnSRM6GIdbevGafP9qfGToS9fmHb7p1%2FwmzW4r3tC5DLy22Mnld"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880462304f090b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v4.6.2/fonts/fontawesome-webfont.woff2 | 104.21.27.152 | 200 OK | 72 kB |
URL: GET HTTP/2 use.fontawesome.com/releases/v4.6.2/fonts/fontawesome-webfont.woff2; IP: 104.21.27.152:443
Requested by: https://www.glaister.co.nz/; Certificate Issuer: Cloudflare, Inc.; Subject: use.fontawesome.com; Fingerprint: CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 71760, version 4.393; Hash: a1a450ea331a3fc89e867ecad963b6b2 ee59197f63a2c4c7b7f2ae135a745202235de8d4 2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4
GET /releases/v4.6.2/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.glaister.co.nz
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:05 GMT
content-type: application/octet-stream
content-length: 71760
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "a1a450ea331a3fc89e867ecad963b6b2"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Origin, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BLFTP0YVT9b4%2F3S8JK6%2FfSjh%2BtWQVfVEq54EF2Ff7CNdyDln0i0qOsIGrUQq4QQAgOV0YnrIAplWXjUZwtjNNLYlUZXJ91I4eH%2BHfS2ialQhnCPO5bHytwSDDbwwx0MIfzjSlsJD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88046232b97d0b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| glaisterennor.my.salesforce.com/img/icon/capslock_blue.png | 13.50.12.179 | 200 OK | 549 B |
URL: GET HTTP/2 glaisterennor.my.salesforce.com/img/icon/capslock_blue.png; IP: 13.50.12.179:443
Requested by: https://glaisterennor.my.salesforce.com/; Certificate Issuer: DigiCert Inc; Subject: sfdc-cehfhs.edge.my.salesforce.com; Fingerprint: 9A:38:EE:34:65:EC:F2:D5:C1:DA:AD:81:65:7B:6B:A5:EC:8C:D2:54; Validity: Sun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT
File type: PNG image data, 33 x 43, 8-bit/color RGBA, non-interlaced; Hash: 0b76cfe389e0720a22e73e9a1f63351f c3f0a7e6547e3997f8c9574a011005de748181ee 1f21e5aca5794286008ff7bd98038e525e047e36490747681a6ea396a52fd24b
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /img/icon/capslock_blue.png HTTP/1.1
Host: glaisterennor.my.salesforce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glaisterennor.my.salesforce.com/
DNT: 1
Connection: keep-alive
Cookie: CookieConsentPolicy=0:1; LSKey-c$CookieConsentPolicy=0:1; BrowserId=xj3kzQy6Ee-_JoEEFrkcRg; BrowserId_sec=xj3kzQy6Ee-_JoEEFrkcRg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:43:03 GMT
content-type: image/png
x-sfdc-request-check: 2
expires: Wed, 04 Sep 2024 21:43:03 GMT
x-content-type-options: nosniff
cache-control: public,max-age=10368000
last-modified: Tue, 04 Apr 2023 21:01:52 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
x-robots-tag: none
server: sfdcedge
x-sfdc-request-id: e3fc2277c5ea2424b68d982acd8957b4
x-sfdc-edge-cache: MISS
X-Firefox-Spdy: h2
|
|