secure-west.online/westpac/
185.212.47.84 301 Moved Permanently 327 B URL HTTP/1.1 secure-west.online/westpac/
IP 185.212.47.84:0
File type HTML document text; exported SGML document, ASCII text
Hash b41e3b4a300c1ee130892a8eb927ae26
55d5ae3d27e5d78b196b26cff6346b4f3ef3a9c3
01b3dc19bbf0783881b8a2431a19ca1f006307528f4ffdc67fd1680061e487bb
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /westpac/ HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 05:06:31 GMT
Server: Apache/2.4.18 (Ubuntu)
Location: https://secure-west.online/westpac/
Content-Length: 327
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
54.230.111.118 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.118:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: P7pR8BeGtkG-8P1jctb1Q9jHMrTjkUWr1eNa384XYhQFp6PbdDAICA==
Age: 47953
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9206
Expires: Thu, 06 Oct 2022 07:39:57 GMT
Date: Thu, 06 Oct 2022 05:06:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
54.230.111.7 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 54.230.111.7:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ekeBM5vKTvHuzJfqbTlSeaNzV56HZ_aiP-CPHou7RUSsIHxFnUesCg==
age: 3839
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 05:06:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 53526b9fb918a3d3c6c23ab8633d0d93
ca14754f2b9bf2938a3073f2a885108fd775ca86
b0fc2a91d25f24e30045c48286bc13330939648035f02719f59d28423240cf6d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0FC2A91D25F24E30045C48286BC13330939648035F02719F59D28423240CF6D"
Last-Modified: Thu, 06 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21596
Expires: Thu, 06 Oct 2022 11:06:27 GMT
Date: Thu, 06 Oct 2022 05:06:31 GMT
Connection: keep-alive
secure-west.online/westpac/
185.212.47.84 200 OK 447 B URL HTTP/1.1 secure-west.online/westpac/
IP 185.212.47.84:0
File type HTML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash 1d10f9e0cf1317d07c48d6811e276d1e
8b2281009f6eafe7e8f45c3384d7854dfc109274
da7a3d7f1cedfdf44388dbd47db2d26578421c4d0721781980ab51ad4f8c428b
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /westpac/ HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:32 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: real=OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 447
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
secure-west.online/favicon.ico
185.212.47.84 404 Not Found 281 B URL HTTP/1.1 secure-west.online/favicon.ico
IP 185.212.47.84:0
File type HTML document text; exported SGML document, ASCII text
Hash 515e7be770ec2ebcfa1544e35da147b5
3440833327974b1589576c0e42aa3a1a8c7320e7
c1b64b47c55024daf45599f2177711f71a2767a850a745c54e981d2e8c1264d1
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 05:06:32 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.118 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.118:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 04:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 06 Oct 2022 04:46:21 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GV0EeIBOhU5p5ydJaxYH7ARMVWPcb4qlHxWl78OWu1tHu8_aZlM1hg==
Age: 2211
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5826
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 05:06:32 GMT
Last-Modified: Thu, 06 Oct 2022 03:29:26 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.212.13.96 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.212.13.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: onHmk90ucHLE2krSbCaOug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: azVJcCddVLpoRQFKO+MEV7GckgY=
secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d?
185.212.47.84 301 Moved Permanently 362 B URL HTTP/1.1 secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d?
IP 185.212.47.84:0
File type HTML document text; exported SGML document, ASCII text
Hash c5d9997f2b08247271245fc91bd6d5a1
f08c31167c7fbdf6dfd76551a816e28a65cf9444
ae1bfd84d560c6af9723f37b5915baa9f75356e24685fb5321f0acf9700fa7c1
Analyzer Verdict Alert quad9 Sinkholed
GET /westpac/388641dd535453e00be6d4306c87fb3d? HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/
Cookie: real=OK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Location: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/?
Content-Length: 362
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/?
185.212.47.84 302 Found 0 B URL HTTP/1.1 secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/?
IP 185.212.47.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /westpac/388641dd535453e00be6d4306c87fb3d/? HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-west.online/westpac/
Connection: keep-alive
Cookie: real=OK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: bid=388641dd535453e00be6d4306c87fb3d
location: login/?
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
185.212.47.84 200 OK 11 kB URL HTTP/1.1 secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
IP 185.212.47.84:0
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1057)
Hash a614ef1fe76fe0026ec3e0d210167d7f
58e74d70bb2576f9507c0b67eee0e03b62dd4864
14bdf37fe02faaa83ba898bb601d16852c454c89aeef6fbbadaa6583c9989bc0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /westpac/388641dd535453e00be6d4306c87fb3d/login/? HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-west.online/westpac/
Connection: keep-alive
Cookie: bid=388641dd535453e00be6d4306c87fb3d; real=OK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10655
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
secure-west.online/westpac/bower_components/jquery/dist/jquery.min.js
185.212.47.84 200 OK 30 kB URL HTTP/1.1 secure-west.online/westpac/bower_components/jquery/dist/jquery.min.js
IP 185.212.47.84:0
File type ASCII text, with very long lines (32058)
Hash 3430607b4301113ad9394c9260eef3f0
8c4db68b161b17e31be300e968a30ab0116b3193
31e4d11375322cd6f94dba7338570426f2412d6c5fa670427966d45c3648098c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /westpac/bower_components/jquery/dist/jquery.min.js HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Mon, 05 Jun 2017 14:55:06 GMT
ETag: "15283-55137b0464680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30138
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
secure-west.online/westpac/bower_components/ua-parser-js/dist/ua-parser.min.js
185.212.47.84 200 OK 6.1 kB URL HTTP/1.1 secure-west.online/westpac/bower_components/ua-parser-js/dist/ua-parser.min.js
IP 185.212.47.84:0
File type Unicode text, UTF-8 text, with very long lines (16817)
Hash 14da93cff6d49885bf214d2503f614db
04d64d738cd0fd2b4eee3b8abc5326dfda3f1dea
49e584e9a0aee55b81771b9e010ccf1da6278da03fb8ddba07ef7a1f0a126732
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /westpac/bower_components/ua-parser-js/dist/ua-parser.min.js HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 12 Oct 2017 19:16:24 GMT
ETag: "4298-55b5e6048f200-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6063
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
secure-west.online/westpac/bower_components/font-awesome/css/font-awesome.min.css
185.212.47.84 200 OK 7.1 kB URL HTTP/1.1 secure-west.online/westpac/bower_components/font-awesome/css/font-awesome.min.css
IP 185.212.47.84:0
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
Analyzer Verdict Alert quad9 Sinkholed
GET /westpac/bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 09 Apr 2017 15:29:24 GMT
ETag: "7918-54cbd85fc7d00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7053
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
secure-west.online/westpac/modules/email/main.css
185.212.47.84 200 OK 242 B URL HTTP/1.1 secure-west.online/westpac/modules/email/main.css
IP 185.212.47.84:0
Hash 0ba278bb91a1659105a91af0d30640eb
57616c801f203336901d83ab7d118f9944a3f887
41d160ef368408813efb1aa0f7589cf06d8602282911617b006df32817eeea22
Analyzer Verdict Alert quad9 Sinkholed
GET /westpac/modules/email/main.css HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Thu, 28 Mar 2019 17:31:50 GMT
ETag: "18d-5852aede6cd80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 242
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
secure-west.online/westpac/core/form/core_form.js
185.212.47.84 200 OK 3.5 kB URL HTTP/1.1 secure-west.online/westpac/core/form/core_form.js
IP 185.212.47.84:0
Hash 478e2683313e1b6d55ad30c6bdf7e34e
6aaa76428bdaf7cc59c3276d40a60c4b42697422
6d100876a2e7db7a86c83fe241fd70f341c9e7566ffee78194987468c6afb9e2
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /westpac/core/form/core_form.js HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 31 Mar 2019 01:28:30 GMT
ETag: "3677-58559d246eb80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3510
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
secure-west.online/westpac/core/form/core_form.css
185.212.47.84 200 OK 78 B URL HTTP/1.1 secure-west.online/westpac/core/form/core_form.css
IP 185.212.47.84:0
Hash 88105eb07e3d71fa3c76603f91cd6bac
bb584aff63d2338f0f45166fa27d849c73df67f9
73023e58cdcaea5bbcd54af21d7933e17e02a3d1341ffd64405aa56e7ce4bded
Analyzer Verdict Alert quad9 Sinkholed
GET /westpac/core/form/core_form.css HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Tue, 08 Jan 2019 21:35:56 GMT
ETag: "7b-57ef921686700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 78
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
secure-west.online/westpac/modules/email/main.js
185.212.47.84 200 OK 988 B URL HTTP/1.1 secure-west.online/westpac/modules/email/main.js
IP 185.212.47.84:0
Hash 62326b4dc0821bd5ef63150a39950227
509801a801e28b126451bd4f29abae254e45dc6b
febc660f25ea0afa671edab28f2b34cc5ce1f6ed81749f24911ce20b2e47e29d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /westpac/modules/email/main.js HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Fri, 29 Mar 2019 01:09:12 GMT
ETag: "b7d-5853151927e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 988
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
secure-west.online/westpac/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js
185.212.47.84 200 OK 3.3 kB URL HTTP/1.1 secure-west.online/westpac/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js
IP 185.212.47.84:0
Hash 4d50860adbc3bac5b59f9c900670b2e4
19fb9ee275b56a0b239a76bc301b6d6ef3eae25f
6167a19f3ce290fe0a5620e7240f6a9b8e5137e7b080c2442c0e58b7e1bcbb02
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /westpac/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sat, 18 Nov 2017 00:03:36 GMT
ETag: "4001-55e3695ade600-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3284
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
secure-west.online/westpac/core/token/core_token.js
185.212.47.84 200 OK 1.4 kB URL HTTP/1.1 secure-west.online/westpac/core/token/core_token.js
IP 185.212.47.84:0
Hash a007fe2224fa26bd80e880f1369ecf82
5307ec5d533b610020b04d96bd52e3bee7ab0fc3
bcccbd25708337b00b12c3b4a1ca51b855611c164617f887e658b12c00d5940b
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /westpac/core/token/core_token.js HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sat, 30 Mar 2019 16:56:06 GMT
ETag: "1f86-58552a9cab580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1413
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
secure-west.online/westpac/login/form/css.css
185.212.47.84 200 OK 270 B URL HTTP/1.1 secure-west.online/westpac/login/form/css.css
IP 185.212.47.84:0
Hash 4a49024c90af6dab0dd99acb2c4bc144
10c0d37098bf157a2f9290d5a0dc02e9c0a6dbfe
0af9d2b0221c2f0cb8ce50f1a5977d573b1c0262aac862846083f205a020382a
Analyzer Verdict Alert quad9 Sinkholed
GET /westpac/login/form/css.css HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Fri, 29 Mar 2019 23:28:16 GMT
ETag: "202-585440672a400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 270
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
secure-west.online/westpac/core/token/core_token.css
185.212.47.84 200 OK 362 B URL HTTP/1.1 secure-west.online/westpac/core/token/core_token.css
IP 185.212.47.84:0
Hash 61666b23b6a31642fc0b4914e040a2c9
ee25d78ce98c3e9993b658e6bdea0f0b0f106c3d
d2e20dbb00e8993b44d7666c705a3f5263a4a5b60297e71684c7a436793e0faa
Analyzer Verdict Alert quad9 Sinkholed
GET /westpac/core/token/core_token.css HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sat, 30 Mar 2019 01:37:12 GMT
ETag: "313-58545d38ca200-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 362
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
secure-west.online/westpac/login/form/form.js?v=633e6259268c5
185.212.47.84 200 OK 995 B URL HTTP/1.1 secure-west.online/westpac/login/form/form.js?v=633e6259268c5
IP 185.212.47.84:0
Hash 7c13f4a2b718e7f21ba212a37c55e854
94c0ca2639ff3373c900eb771c55e805509133fd
37ecf1d70ac0d2f7a3b86e183395e31593ed5a304ae8d3a9a7d50242ed29da49
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /westpac/login/form/form.js?v=633e6259268c5 HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Mon, 11 Mar 2019 15:58:26 GMT
ETag: "11a5-583d3a4932c80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 995
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
secure-west.online/westpac/login/token/token.js?v=633e625926901
185.212.47.84 200 OK 674 B URL HTTP/1.1 secure-west.online/westpac/login/token/token.js?v=633e625926901
IP 185.212.47.84:0
Hash 28b03fc1fab29bb23385a6c622894e9e
d7b91c81b0f209eec15abe2b78caf1daac2ad864
c7200c51b31a700a5aba2bf0a720797124fa8e428f0aab9c8ec20982aba15e15
Analyzer Verdict Alert quad9 Sinkholed
GET /westpac/login/token/token.js?v=633e625926901 HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sat, 30 Mar 2019 17:10:42 GMT
ETag: "1547-58552de016880-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 674
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
secure-west.online/westpac/login/index.css
185.212.47.84 200 OK 16 kB URL HTTP/1.1 secure-west.online/westpac/login/index.css
IP 185.212.47.84:0
File type Unicode text, UTF-8 text, with very long lines (493)
Hash 9b7927bd8e7f3bdd00f62c8a8427eecc
c39ac7bdde5b46c48fb467bfbbc1d093bbd4c3c6
a890beea1beed427b465c80897cc4e4e9dc4cf9c129bc2f362f3f1b5228699c1
Analyzer Verdict Alert quad9 Sinkholed
GET /westpac/login/index.css HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sat, 30 Mar 2019 01:18:50 GMT
ETag: "23bb1-5854591dd7280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15730
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
secure-west.online/westpac/login/application@2x.png.c0b53ba397179b9462c69ee6a06a68ce498255e8.png
185.212.47.84 200 OK 315 kB URL HTTP/1.1 secure-west.online/westpac/login/application@2x.png.c0b53ba397179b9462c69ee6a06a68ce498255e8.png
IP 185.212.47.84:0
File type PNG image data, 1342 x 1271, 8-bit/color RGBA, non-interlaced\012- data
Size 315 kB (314690 bytes)
Hash e490cee5cf77d3aad07e016dac76075d
57fc52395b83c93f373fbe53b243686de9714466
dfc0f1f6dbda32217ccfdff677bebd5bccb0405bae7da3eaa9553240919f9302
GET /westpac/login/application@2x.png.c0b53ba397179b9462c69ee6a06a68ce498255e8.png HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure-west.online/westpac/login/index.css
Cookie: real=OK
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Fri, 29 Mar 2019 22:41:46 GMT
ETag: "4cd42-5854360269e80"
Accept-Ranges: bytes
Content-Length: 314690
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
secure-west.online/westpac/home.php?pl=token&link=west_pack&bid=388641dd535453e00be6d4306c87fb3d&callback=jQuery32105942023013467626_1665032793337&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1665032793338
185.212.47.84 200 OK 57 B URL HTTP/1.1 secure-west.online/westpac/home.php?pl=token&link=west_pack&bid=388641dd535453e00be6d4306c87fb3d&callback=jQuery32105942023013467626_1665032793337&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1665032793338
IP 185.212.47.84:0
File type ASCII text, with no line terminators
Hash 45ff3d4530d2ece44808511992bc3ede
f7826404f98eed7b35d8e4a91a61fc959c38eb78
570ee81ef229502b8ebe83f0a9b89dab712f1678243b8f07402089bdc2a1c1a5
Analyzer Verdict Alert quad9 Sinkholed
GET /westpac/home.php?pl=token&link=west_pack&bid=388641dd535453e00be6d4306c87fb3d&callback=jQuery32105942023013467626_1665032793337&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1665032793338 HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Length: 57
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/json
secure-west.online/westpac/home.php?pl=token&link=west_pack&bid=388641dd535453e00be6d4306c87fb3d&callback=jQuery32105942023013467626_1665032793339&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1665032793340
185.212.47.84 200 OK 57 B URL HTTP/1.1 secure-west.online/westpac/home.php?pl=token&link=west_pack&bid=388641dd535453e00be6d4306c87fb3d&callback=jQuery32105942023013467626_1665032793339&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1665032793340
IP 185.212.47.84:0
File type ASCII text, with no line terminators
Hash a5ec58e685d4d45589b28f6481588a79
06ed3f9bbc1020309a03d53ce9ae1f5f4ed70ece
b186b01818d2d5c746c225287a81134e541eb31246fbda0e7bfc35fe6f619b50
Analyzer Verdict Alert quad9 Sinkholed
GET /westpac/home.php?pl=token&link=west_pack&bid=388641dd535453e00be6d4306c87fb3d&callback=jQuery32105942023013467626_1665032793339&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1665032793340 HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Length: 57
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/json
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4811
Expires: Thu, 06 Oct 2022 06:26:45 GMT
Date: Thu, 06 Oct 2022 05:06:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a508ac9cd743bec987b2a24454418265
8c7ecefe6908387e2128dc849a6ba857991ba0ab
afb2c2b51f2ce445ada599068901551beee594b15c152ed7551ab7a8835dde6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10809
x-amzn-requestid: db4d1d2a-05b8-403e-a7ca-8b8a6a0a4087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQb-HrTIAMFtNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfab2-74f184406a48e42c0ecc4ec9;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: tv80OXQUu13gDuuFESnEnXMuFdNBmGc1y592euL7QnfZW5PwJym9-g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:53:39 GMT
etag: "8c7ecefe6908387e2128dc849a6ba857991ba0ab"
content-type: image/jpeg
age: 25975
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5958f828ccc16a41b22d9ae812bccfc
f350f295dd70152712162d4be5b3b5f0d12cde57
230d7d8e570e433d18ec53b6ca114e2a206e8c265c0c66d73388c49db5c91c64
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9338
x-amzn-requestid: 4ca2eb3c-eba4-43a4-b79a-89546da3d660
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQBfG7soAMF9cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa09-1b5bd53052718f620b920a00;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 6pHftE0vUMqrH2NR_7DzrWlnD0yal7BkAfee7UeVG7DKZNEAYRa9HQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:03:23 GMT
age: 25391
etag: "f350f295dd70152712162d4be5b3b5f0d12cde57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7bcc50ecfeeca47de68cb437e966f29
e98c870fd29b56fa4c3847008bedc0f01f222744
47a82bb40ead4346323b68c886cb88528cb2162666e9549b2ab215b86a499985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8360
x-amzn-requestid: c1f21bfa-3ceb-4661-97b8-0d7475f0e911
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLlLG0joAMFQqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f2ed-43993b1377e9fbaf4e9443d2;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:08:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kyp8p-Jm92bA3VDbsKDiD_JnS2eekJFUkMjYXquZ1D15WthqXoSlsA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:57:01 GMT
age: 25773
etag: "e98c870fd29b56fa4c3847008bedc0f01f222744"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e949d36-f543-4757-9bc2-dbfc1a880438.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e949d36-f543-4757-9bc2-dbfc1a880438.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2d931d10ab5596a26616db46797f248
03bc7fa2fe6a4b291dc3ffb3ace50e21cf6478f4
15ac08b069bf5128c8def9d261ce1bd3834fbe7bbb17c49b69c07330a9f325fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e949d36-f543-4757-9bc2-dbfc1a880438.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7597
x-amzn-requestid: 1c7002f7-2369-4547-82ff-b873f7b055b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmFarIAMFTtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-785f9ddd7c8485be32388494;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9EP_hd2oRC9R-2ihddWSJIUV5xTGSiUOxNfAypAFXtiyU6ofgKVGzw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 04:26:45 GMT
age: 2389
etag: "03bc7fa2fe6a4b291dc3ffb3ace50e21cf6478f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: BddSUzh-PKiFmfw2p9gPW-B0qtrXWxCXfee29Pk-wLqN7RO21Yic6g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
age: 26968
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70ea26af79226e9ff06d6198e2c019dc
ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 05:04:17 GMT
age: 137
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
secure-west.online/westpac/home.php?pl=token&link=west_pack&bid=388641dd535453e00be6d4306c87fb3d&callback=jQuery32105942023013467626_1665032793339&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1665032793341
185.212.47.84 200 OK 57 B URL HTTP/1.1 secure-west.online/westpac/home.php?pl=token&link=west_pack&bid=388641dd535453e00be6d4306c87fb3d&callback=jQuery32105942023013467626_1665032793339&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1665032793341
IP 185.212.47.84:0
File type ASCII text, with no line terminators
Hash a5ec58e685d4d45589b28f6481588a79
06ed3f9bbc1020309a03d53ce9ae1f5f4ed70ece
b186b01818d2d5c746c225287a81134e541eb31246fbda0e7bfc35fe6f619b50
Analyzer Verdict Alert quad9 Sinkholed
GET /westpac/home.php?pl=token&link=west_pack&bid=388641dd535453e00be6d4306c87fb3d&callback=jQuery32105942023013467626_1665032793339&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1665032793341 HTTP/1.1
Host: secure-west.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://secure-west.online/westpac/388641dd535453e00be6d4306c87fb3d/login/?
Cookie: real=OK
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 05:06:38 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Length: 57
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/json