r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4cbb89840b57466fcbc0b31305c9dc47
c2c08a7a243a3f7972e8068c448488cac6d2519f
5f871ffd142470f132fed1c93f5f1a7fe6a5ecc3b4311d3d47555fce1d9a35f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F871FFD142470F132FED1C93F5F1A7FE6A5ECC3B4311D3D47555FCE1D9A35F1"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9045
Expires: Mon, 19 Dec 2022 10:32:17 GMT
Date: Mon, 19 Dec 2022 08:01:32 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2039a1dda99e075b82840608771d2326
e89713a35b312f3b87fbeaad98f03fddecbf77ce
aae78c754635e9833fa6c231d775bddc82add02f9ce3197a0b260a0806e708c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAE78C754635E9833FA6C231D775BDDC82ADD02F9CE3197A0B260A0806E708C3"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17676
Expires: Mon, 19 Dec 2022 12:56:08 GMT
Date: Mon, 19 Dec 2022 08:01:32 GMT
Connection: keep-alive
cba-verify-au.xyz/
172.86.127.172 301 Moved Permanently 301 B IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text, exported SGML document, ASCII text
Hash 565ac3e6568fe13e65a4d369c614befd
55099711b5ea9c840cbf60fdcb58aafb94b06ba9
75b2acdc3e3e2490110f85aac5cbd51be22f2d4199b39b7f04010be0463751ce
Analyzer Verdict Alert openphish Commonwealth Bank of Australia
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Dec 2022 08:01:32 GMT
Server: Apache
Location: https://cba-verify-au.xyz/
Content-Length: 301
Connection: close
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 19 Dec 2022 07:45:36 GMT
content-type: application/json
age: 956
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bcade8542361774f13ecd22557ff8fb8
5e67a3753b0856c765f3b17f1742d3ed684ffb6d
647f8d9d3d1170e60a60e15fdfd9b59445feb56a6ce9d9bb2fa4720f0bfc3a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "647F8D9D3D1170E60A60E15FDFD9B59445FEB56A6CE9D9BB2FA4720F0BFC3A14"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7866
Expires: Mon, 19 Dec 2022 10:12:38 GMT
Date: Mon, 19 Dec 2022 08:01:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kdnoAzj+ncIOeLDMWH5UGelgkzIiJwrHDDtlp8rA8mnBx74wdYbarKl5CyYy8O4BBzIV3Eozpyc=
x-amz-request-id: 2N9V1S7R1KF76GZC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 19 Dec 2022 07:28:56 GMT
age: 1956
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 08:01:32 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 19 Dec 2022 07:33:24 GMT
age: 1688
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5629fc650d7cc6b81c7091cf069a54d5
be54a47a2d43cfb2b94b309f90cce9e6fd901699
ca26621ff3d72662ae7f7486b750b2553007fc056d292a27cb8d01a99f8fceab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA26621FF3D72662AE7F7486B750B2553007FC056D292A27CB8D01A99F8FCEAB"
Last-Modified: Sat, 17 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21560
Expires: Mon, 19 Dec 2022 14:00:52 GMT
Date: Mon, 19 Dec 2022 08:01:32 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0bc27cdcd6c42d7f8eece6c074bc452f
ff1234b58f7381f51f9082c1ef4894b1ac5700ff
672fc3b7ba7ee7a8b376c73a86a5bab00b1a1aead54c3ca64c0bff83d831348e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4723
Cache-Control: max-age=95042
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:01:32 GMT
Etag: "639ed82b-1d7"
Expires: Tue, 20 Dec 2022 10:25:34 GMT
Last-Modified: Sun, 18 Dec 2022 09:06:51 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
cba-verify-au.xyz/
172.86.127.172 200 OK 2.7 kB IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (399)
Hash 6cb758aa779b3c95fb66606b0de28b18
56e4277615d77a98248112bd1057a7bcf27f1e4f
6c01d3de0b1575cfa9460bf24fd4a3ca259bcd5521d5a41b6f5af1dbe2e470d2
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: no-cache, private
date: Mon, 19 Dec 2022 08:01:32 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; expires=Mon, 19-Dec-2022 10:01:33 GMT; Max-Age=7200; path=/
laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D; expires=Mon, 19-Dec-2022 10:01:33 GMT; Max-Age=7200; path=/; httponly
vary: Accept-Encoding
content-encoding: gzip
content-length: 2666
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.208.31.97 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cPwwGbQ+ruhtLjvH3HUz0g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: En2HOFXph8Ml8AueCLNuKiDJrwc=
cba-verify-au.xyz/css/logon-merge.8397238ab0ae7a25ea1af4d375f2c3df.css
172.86.127.172 200 OK 7.1 kB URL HTTP/2 cba-verify-au.xyz/css/logon-merge.8397238ab0ae7a25ea1af4d375f2c3df.css
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (31678), with no line terminators
Hash 3b54851907a4f52a96513f574a0b77ec
5fa7a77290db9edcb902d6d8fce4da97aa561fb7
cf5a58a73dfbc046c2b8d87ebad70a27e74a65979603d137f39beed6ee747c58
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
quad9 Sinkholed
GET /css/logon-merge.8397238ab0ae7a25ea1af4d375f2c3df.css HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 14:59:44 GMT
etag: "7bbe-5ec92351c9800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7082
content-type: text/css
date: Mon, 19 Dec 2022 08:01:33 GMT
server: Apache
X-Firefox-Spdy: h2
cba-verify-au.xyz/css/clientlib-common.min.4a40b402b2c29f52593911596519e15e.css
172.86.127.172 200 OK 14 kB URL HTTP/2 cba-verify-au.xyz/css/clientlib-common.min.4a40b402b2c29f52593911596519e15e.css
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (2844)
Hash b8e3c28cc48480e6da96512bb5182d2b
1a2519ad045bb2f9cf282d2a2d9839732e117213
b156324d02b5529ff5a820a2df5ad447fc1fc83ea2257ea4774b9160927beb87
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
quad9 Sinkholed
GET /css/clientlib-common.min.4a40b402b2c29f52593911596519e15e.css HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 06 Nov 2022 16:31:14 GMT
etag: "150dc-5eccfd5dd7880-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14394
content-type: text/css
date: Mon, 19 Dec 2022 08:01:33 GMT
server: Apache
X-Firefox-Spdy: h2
cba-verify-au.xyz/css/loading.css
172.86.127.172 200 OK 246 B URL HTTP/2 cba-verify-au.xyz/css/loading.css
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (465), with no line terminators
Hash 5912202177e1f28af4e90ab9b8760b11
35e6a570de9d5e5455e84c87fe87d5d762671edf
9795b8d41b163f7a7b86b8dfa904c5e0fa9c6c3590d8ccc2826689c8427a2596
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
quad9 Sinkholed
GET /css/loading.css HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Nov 2022 02:10:44 GMT
etag: "1d1-5ec9b94cb7100-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 246
content-type: text/css
date: Mon, 19 Dec 2022 08:01:33 GMT
server: Apache
X-Firefox-Spdy: h2
cba-verify-au.xyz/css/clientlib-homepage-2020.min.99e7dc0d7d9b11ea5aec970bf60fa00d.css
172.86.127.172 200 OK 22 kB URL HTTP/2 cba-verify-au.xyz/css/clientlib-homepage-2020.min.99e7dc0d7d9b11ea5aec970bf60fa00d.css
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (1559)
Hash 210f8059d22941e7ce805b75cce7a53d
892b1d9aefd755e5f5aa6a46194294d42b90d0bb
af51d34ad776bac95c46e01ffeaf14696f3f0e2f5e420d52c6ff343bc84a5c7a
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
quad9 Sinkholed
GET /css/clientlib-homepage-2020.min.99e7dc0d7d9b11ea5aec970bf60fa00d.css HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 06 Nov 2022 16:30:25 GMT
etag: "3cc88-5eccfd2f1ca40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 22034
content-type: text/css
date: Mon, 19 Dec 2022 08:01:33 GMT
server: Apache
X-Firefox-Spdy: h2
cba-verify-au.xyz/static/js/jquery.cookie.js
172.86.127.172 200 OK 685 B URL HTTP/2 cba-verify-au.xyz/static/js/jquery.cookie.js
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (1052)
Hash 75098ede41615f0fd3299b601bf7a35f
5034160694cb3e200373fa52ad27ed3e85fadf1c
5e988764cb6888fcc2a1dfcd689dea7a71b23f6952499d8ddf142a4de436ddfe
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
fortinet Phishing
quad9 Sinkholed
GET /static/js/jquery.cookie.js HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jul 2022 01:25:36 GMT
etag: "41d-5e4970f926400-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 685
content-type: application/javascript
date: Mon, 19 Dec 2022 08:01:33 GMT
server: Apache
X-Firefox-Spdy: h2
cba-verify-au.xyz/images/cba_mainlogo.ac9de6fb5214be84653367c74ba0b5f0.gif
172.86.127.172 200 OK 4.9 kB URL HTTP/2 cba-verify-au.xyz/images/cba_mainlogo.ac9de6fb5214be84653367c74ba0b5f0.gif
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type GIF image data, version 89a, 256 x 46
Hash ac9de6fb5214be84653367c74ba0b5f0
be61645ad75ab434ce7195268eb453f77314f9ec
4620bea7b8db9ffe1747e9c29910d7ea2ec84a7a3c7416e7a8a70e450073d820
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
quad9 Sinkholed
GET /images/cba_mainlogo.ac9de6fb5214be84653367c74ba0b5f0.gif HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 14:04:52 GMT
etag: "12f4-5ec9170e4a900"
accept-ranges: bytes
content-length: 4852
content-type: image/gif
date: Mon, 19 Dec 2022 08:01:33 GMT
server: Apache
X-Firefox-Spdy: h2
cba-verify-au.xyz/static/js/jquery.mask.js
172.86.127.172 200 OK 5.4 kB URL HTTP/2 cba-verify-au.xyz/static/js/jquery.mask.js
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
Hash 30f566290c6e596c1b52e74303d00c5b
ac50d66678873b348d1d3f83f5183c3b7d3394ea
f92d4886c7a4d6c98df3a5de84c496bcf0fe13918bb493d2e179ac64f12b693f
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
fortinet Phishing
quad9 Sinkholed
GET /static/js/jquery.mask.js HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Mar 2022 14:10:26 GMT
etag: "4e98-5da425bc6b880-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5395
content-type: application/javascript
date: Mon, 19 Dec 2022 08:01:33 GMT
server: Apache
X-Firefox-Spdy: h2
cba-verify-au.xyz/static/layer/layer.js
172.86.127.172 200 OK 7.4 kB URL HTTP/2 cba-verify-au.xyz/static/layer/layer.js
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type Unicode text, UTF-8 (with BOM) text, with very long lines (21532), with CRLF line terminators
Hash 41bd9011ca051433b1704860983a22c6
149e5b811824e11cb9dc9c99eb1f78df5f8b9107
361a5860dfebf16e5ac3d5e781188535c27829a3b11a06d820899fb07af5720f
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
fortinet Phishing
quad9 Sinkholed
GET /static/layer/layer.js HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Jul 2021 17:28:18 GMT
etag: "5474-5c7cdbab1f080-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7439
content-type: application/javascript
date: Mon, 19 Dec 2022 08:01:33 GMT
server: Apache
X-Firefox-Spdy: h2
cba-verify-au.xyz/images/loading-icon.gif
172.86.127.172 200 OK 33 kB URL HTTP/2 cba-verify-au.xyz/images/loading-icon.gif
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type GIF image data, version 89a, 300 x 300
Hash cc21e844df89c9f82c358169761fd033
c5e4f0d793bdf61ee1a04d33aeed01e70434a41e
5c748d51c8f61b2df46a59e8bae9121080d7aadcee8b4459bd01cc64ac3321cd
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
quad9 Sinkholed
GET /images/loading-icon.gif HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Nov 2022 01:52:20 GMT
etag: "7faf-5ec9b52fdbd00"
accept-ranges: bytes
content-length: 32687
content-type: image/gif
date: Mon, 19 Dec 2022 08:01:33 GMT
server: Apache
X-Firefox-Spdy: h2
cba-verify-au.xyz/static/js/lib/jquery-2.1.4.min.js
172.86.127.172 200 OK 33 kB URL HTTP/2 cba-verify-au.xyz/static/js/lib/jquery-2.1.4.min.js
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (32056), with CRLF line terminators
Hash e371adfbd0446ad73b84056b8d9858a8
cfc89eb8216aa59a4c242574ab9491460373182d
34f498e4440918c326c23f2de5b72530777a2f7437f4a3e41ae92e8857d73e16
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
fortinet Phishing
quad9 Sinkholed
GET /static/js/lib/jquery-2.1.4.min.js HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 08:32:48 GMT
etag: "16b8c-5bd8f183a4c00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 32846
content-type: application/javascript
date: Mon, 19 Dec 2022 08:01:33 GMT
server: Apache
X-Firefox-Spdy: h2
cba-verify-au.xyz/static/js/data.js
172.86.127.172 200 OK 1.1 kB URL HTTP/2 cba-verify-au.xyz/static/js/data.js
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
Hash aeb95fd3401f3dc766c7681817e327db
3abc1507f87b9aa8093d45a25cf5addb91917422
103d0ef9340fa2de9eb81f984b6487d99473d9e9cd35d23c7289a653a13f8755
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
fortinet Phishing
quad9 Sinkholed
GET /static/js/data.js HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 17:22:09 GMT
etag: "c9d-5ece4a9cc7240-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1077
content-type: application/javascript
date: Mon, 19 Dec 2022 08:01:33 GMT
server: Apache
X-Firefox-Spdy: h2
cba-verify-au.xyz/static/js/lib/jsencrypt.min.js
172.86.127.172 200 OK 18 kB URL HTTP/2 cba-verify-au.xyz/static/js/lib/jsencrypt.min.js
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type Unicode text, UTF-8 text, with very long lines (13814), with CRLF line terminators
Hash c8eba892c19ebcb3d10b3314f59a90b4
e6d1e26ef00925882980393dcee42dfb3ace0f71
4ecfb8ab5a82b5c7ac8dd1067f5a1b8426191d08cda5b709445190c9e699d4a8
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
fortinet Phishing
quad9 Sinkholed
GET /static/js/lib/jsencrypt.min.js HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 06:49:06 GMT
etag: "db99-5e6e2f5e55c80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17565
content-type: application/javascript
date: Mon, 19 Dec 2022 08:01:33 GMT
server: Apache
X-Firefox-Spdy: h2
cba-verify-au.xyz/static/js/lib/crypto-js.js
172.86.127.172 200 OK 32 kB URL HTTP/2 cba-verify-au.xyz/static/js/lib/crypto-js.js
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type Unicode text, UTF-8 text, with very long lines (756), with CRLF line terminators
Hash a7a591cb8c15a3167fdffe4065da3575
e8173ffa704476baffb212adce32689de2c46b5b
17fdc91c0319afbefe8894e1938be82f86ee80f6d7123e4933d8e3dadd57f0b4
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
fortinet Phishing
quad9 Sinkholed
GET /static/js/lib/crypto-js.js HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 08:32:58 GMT
etag: "30523-5bd8f18d2e280-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 32133
content-type: application/javascript
date: Mon, 19 Dec 2022 08:01:33 GMT
server: Apache
X-Firefox-Spdy: h2
cba-verify-au.xyz/images/logonsprite2.307a0c523f35f709f390895b4720d350.png
172.86.127.172 200 OK 14 kB URL HTTP/2 cba-verify-au.xyz/images/logonsprite2.307a0c523f35f709f390895b4720d350.png
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 3969 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 307a0c523f35f709f390895b4720d350
94fc38cd1c928167f22a356181fb97bbf067b434
c3787cbabd5c9acf9bfdc72c8e706754d644a14d5bd538e675c1885ccae87341
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
quad9 Sinkholed
GET /images/logonsprite2.307a0c523f35f709f390895b4720d350.png HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/css/logon-merge.8397238ab0ae7a25ea1af4d375f2c3df.css
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 13:58:34 GMT
etag: "377f-5ec915a5cd680"
accept-ranges: bytes
content-length: 14207
content-type: image/png
date: Mon, 19 Dec 2022 08:01:33 GMT
server: Apache
X-Firefox-Spdy: h2
cba-verify-au.xyz/static/layer/skin/default/layer.css?v=3.0.3303
172.86.127.172 200 OK 2.9 kB URL HTTP/2 cba-verify-au.xyz/static/layer/skin/default/layer.css?v=3.0.3303
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (14499), with no line terminators
Hash 480d21f3344b0b77695c74fecba9bf5f
04d0533367c93e17624300b07f3e96499fe74e61
02af06c466dfa31fe73e372b05cd00096ec6948eaa1b088ce085c86affc977bc
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
quad9 Sinkholed
GET /static/layer/skin/default/layer.css?v=3.0.3303 HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Jul 2021 17:28:26 GMT
etag: "38a3-5c7cdbb2c0280-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2885
content-type: text/css
date: Mon, 19 Dec 2022 08:01:33 GMT
server: Apache
X-Firefox-Spdy: h2
cba-verify-au.xyz/favicon.ico
172.86.127.172 200 OK 156 B URL HTTP/2 cba-verify-au.xyz/favicon.ico
IP 172.86.127.172:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Hash 8ff3a6ae41ba8993f90566371f7ffa35
dd45df5df60e0df0937d08c2c08a05d552d54210
e8b6e1b1ff01bf913b39962cd160d5cc64fd668710e04caf46fd6b40fa224986
Analyzer Verdict Alert urlquery phishing Phishing - Commonwealth Bank
urlquery phishing Phishing - Commonwealth Bank
openphish Commonwealth Bank of Australia
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: cba-verify-au.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cba-verify-au.xyz/
Cookie: XSRF-TOKEN=eyJpdiI6ImJ3VTN3TGxwWEhxTVBOUlFRV1wvNzJBPT0iLCJ2YWx1ZSI6Ik1GTFRKSnJiOTZQWDYxeDl3eVBZSmZVXC81MFF0MVwvSVwvb0dmMGlhMzE3MVJJQytLTG9MbHBraEQyWFdcL0xXcWEwIiwibWFjIjoiNDVmMTlmMTYzOTg1MTRkYzlhZTIzNWU4NGZkMGE3NGY5NzA5MTgzZTY5ZTlmNTM0YTY4NjBkYjk1ZGU2YTIxZCJ9; laravel_session=eyJpdiI6IjI3NlBIYXllZVY3SURrdmJEMVwvRDFBPT0iLCJ2YWx1ZSI6IkRQK01rME96K0JSdUExbmkxNmVHZ1Q5Tmd3OWV0QWpLVERHcHNQaVpjZ0V5SzQ4bktOblhUOFlyamx5aTBEYjRXTzdJcjJkZTkwZitUeFlIKzRZS01UeUdRNzJLTDRIYkxtUHdvam5IekRCNDdNUWgzcDU0N1wvU3BHZHhWeDhrWiIsIm1hYyI6ImVkMzZhNmVkZjUwNTA4YjE5YzE0NDMwNjgyNzkzZTc3ZTNkZGVkMGQzNjE4YjJhOWM0MmRmZDEyMjFhOWY2NTQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Nov 2022 13:37:24 GMT
etag: "13e-5ec910eaa2d00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 156
content-type: image/x-icon
date: Mon, 19 Dec 2022 08:01:34 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9577
Expires: Mon, 19 Dec 2022 10:41:11 GMT
Date: Mon, 19 Dec 2022 08:01:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47778af6-2d49-4ee8-b5bf-2e8c1140cce5.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47778af6-2d49-4ee8-b5bf-2e8c1140cce5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6c714628a486b8d09101fe1115b4a25
a859bec81457e5b3511fb7612b65bcd4be790f21
41586527c64614c69c2833d2eb9a0e5e03906388a39ae16443b45dd6885329af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47778af6-2d49-4ee8-b5bf-2e8c1140cce5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9058
x-amzn-requestid: 30f541b7-557c-45c6-a639-596ec624d6b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dVJtzFJPIAMFaow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ebcbe-221f45c41cc4ac943f78ce6c;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 07:09:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f_sUIMBle-AT5Od_IJdlhNc1razIfG8LYIi1tEsIyWtMRBs063gjwQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 07:18:00 GMT
age: 2614
etag: "a859bec81457e5b3511fb7612b65bcd4be790f21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75ce95c2-1c3f-4d6c-ad18-90e8258c9a17.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75ce95c2-1c3f-4d6c-ad18-90e8258c9a17.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9d50aad72b8daca282646dc709ea2ce
ed8e062f6911bf752b9c4fbea466e827385ad26d
9e49058f60a12311a2d2a0872ec29a268d7b4575b4de83364c606ffa37ae8655
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75ce95c2-1c3f-4d6c-ad18-90e8258c9a17.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8709
x-amzn-requestid: b6a49df2-29df-4341-bb05-d9b704de011f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dR2EMHKXoAMFrMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639d6a1a-2b1b90bb6275bc9153987aa0;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 07:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ObpjD8D5oR5QTNmIkpg1PzN4UlG2dl_kbgIcPly_gBwlYjjG2IpZfA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 06:59:08 GMT
age: 3746
etag: "ed8e062f6911bf752b9c4fbea466e827385ad26d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F469f917b-9e91-486a-b711-ccb25e7bfae0.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F469f917b-9e91-486a-b711-ccb25e7bfae0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f8b260b0cc287f1b66c97f552b2a3c21
7efa342abc52a36cd3fa2dd4b3e85cec1def58c0
7263d7176d5879c550158fee5259605dc298a99902cb8a2c340ab2b92f92bc90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F469f917b-9e91-486a-b711-ccb25e7bfae0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7432
x-amzn-requestid: 3254bdde-1e56-4423-a87b-5955c64f52ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHbA6FUVIAMF2gQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63993ed2-09a330722c1eec79103d9b9e;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 03:11:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: W2HZAazNTP-6o2Vyr2jrOTutIt4ed3Fs0L_TgUEH8dM9RtqBiBSdAw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 09:40:13 GMT
age: 80481
etag: "7efa342abc52a36cd3fa2dd4b3e85cec1def58c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbedc7d70-00c3-409b-9b46-11cbe9909f2b.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbedc7d70-00c3-409b-9b46-11cbe9909f2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71e9a308430eff340bb55c56b64fcc63
63d49b26322a1dca8ed669c1abafc27ee7f7c4b2
e3c8917124f2d13de6d1c0a1f1539f035abef31bbbf2246e77db44d9a3e29b61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbedc7d70-00c3-409b-9b46-11cbe9909f2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12161
x-amzn-requestid: 6ad8283c-3d3d-41f0-ada7-1b0d20568aa6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dXIZIGZFIAMFubg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639f876d-0bc6f28d582f63b35a494472;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gJgluMuS-cEZnEk8LNtVJk02T883tD8OZJy4BftXFGhJ6tHeLGrcqw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:37:59 GMT
age: 37415
etag: "63d49b26322a1dca8ed669c1abafc27ee7f7c4b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0414d31-0d1b-44bc-aca6-adbdb14d3177.png
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0414d31-0d1b-44bc-aca6-adbdb14d3177.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b737043cdf74af46852693d35fd7c297
1aabe2620cc5e80e141557fa891c20ae3385ecf4
534712b0605de5329ee5e9a0ce22b78de49a5d00f6544c4aa66c78f95e594540
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0414d31-0d1b-44bc-aca6-adbdb14d3177.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7625
x-amzn-requestid: 82e4192c-d409-42d9-8d96-e3f5892fd048
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dVJqlGCNIAMFsdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ebca9-168389792f2e981943781c75;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 07:09:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dr8_HKrDAGEisD9XRkAFL8gf4EyMHCqSLJAQgFTnMOixMMG_jiF8Rg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 07:20:51 GMT
age: 2443
etag: "1aabe2620cc5e80e141557fa891c20ae3385ecf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfd0e913579b4ff2f511223d70cb01fb
497e0ffef816e100e6ddc221ec17d5f389c1142a
bee68ae1a938a5111a32dab4ec4f6964994e6c39143eac9ab94d6c5e29999372
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3087af97-3f2d-4848-b297-eba8d84f10c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10YHv8oAMF2sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-7527022d4bd9c15518fe75cc;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KyEMrUTeuVTPJ3EIkrH1DLYqa4bHK7fe6dApTAFP4XY0G4airnflGA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:37:07 GMT
age: 37467
etag: "497e0ffef816e100e6ddc221ec17d5f389c1142a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2