Report - my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/

Report Overview

Submitted URL
my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/
IP
104.21.25.78
ASN
#13335 CLOUDFLARENET
Submitted
2023-05-20 02:19:24
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
my-netbank.commbank.application.com.au.pank.com.br	unknown	2018-04-28	2022-12-02	2023-04-24	5.1 kB	170 kB	172.67.223.249
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2023-05-19	3.9 kB	377 kB	104.18.6.185

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-20 02:19:07	medium	104.21.25.78	Client IP	ET INFO TLS Handshake Failure

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-20	medium	my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/
2023-05-20	medium	my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/1078169077:1684546119:Ek1ukXRjlvPsLxNAzgGlGEXW3NhvSucFcBiQS9LDnlY/7ca117ca2fa30b59/63746566c7f9462
2023-05-20	medium	my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/img/7ca117ca2fa30b59/1684549147608/2ffrdHU1U6qmbJR
2023-05-20	medium	my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/1078169077:1684546119:Ek1ukXRjlvPsLxNAzgGlGEXW3NhvSucFcBiQS9LDnlY/7ca117ca2fa30b59/63746566c7f9462

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/	0 B	2023-03-07	2024-04-19
Pretty URL my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/ IP 172.67.223.249 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 14:06:43 Times Seen36960768 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7ca117ca2fa30b59	151 kB	2023-05-20	2023-05-20
Pretty URL my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7ca117ca2fa30b59 IP 172.67.223.249 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-20 04:19:26 Last Seen2023-05-20 04:19:26 Times Seen2 Hash 9447d08cbb3578c8d23763a651e8ae17 d4f59b59f02153f2bb8c585e16e8fa7decff4f94 c0b7d68337f733043de9cc1d3e0f5a8e878ee4b4c48c90e0778ce060d4288a9a Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y62qs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal	2.1 kB	2023-05-20	2023-05-20
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y62qs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal IP 104.18.6.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-20 04:19:26 Last Seen2023-05-20 04:19:26 Times Seen1 Hash 0bda3f57592dc4c10359c8029dc4218e c9e7764989854fb4a0b2c944f8e0fe80bbedec09 18b1be5c983dd9aa12fdf01361cf07781093bdb03e9304df1e9a898369e5606b Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7ca117e2ecb31c12	155 kB	2023-05-20	2023-05-20
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7ca117e2ecb31c12 IP 104.18.6.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-20 04:19:26 Last Seen2023-05-20 04:19:26 Times Seen2 Hash 086e2ae33b309e79154d71f36b18b86f 13b29c5d202c9b319e5c0d6a078a3c037ee72684 8b2ddfdd166be69cf2b1cb78a2d4f88a40adea3a10dbac1c7ba47b287eacef10 Loading...

	challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js?onload=_cf_chl_turnstile_l&render=explicit	16 kB	2023-05-11	2023-05-24
Pretty URL challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js?onload=_cf_chl_turnstile_l&render=explicit IP 104.18.6.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 21:35:20 Last Seen2023-05-24 12:15:50 Times Seen1924 Hash 84ac9acb2137fb29c69c1a1324fb6946 c090d51d27463ba19fcf597c7069142686b445d1 51957b7f445f96a4f027db0a264c33904aaa9cd1ef944148008e41d54d4f8f0c Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-19 14:03:15 Times Seen347640 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#2 Eval - 70efa725f660990cc6701727e98c360b	769 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:07:04 Last Seen2023-07-11 03:19:46 Times Seen6035 Hash 70efa725f660990cc6701727e98c360b 04f4df4180629c6a1a8648630310794bfdb39eb8 cb2789441eb37a5d5520d68b778e5e1a0743c6d105076aa2e3be07147e0dc752 Loading...

	#3 Eval - 93e354e833ee7b4feead7057a3f33168	13 B	2023-03-13	2023-07-11
Pretty Observations First Seen2023-03-13 20:39:31 Last Seen2023-07-11 14:53:30 Times Seen14356 Hash 93e354e833ee7b4feead7057a3f33168 4025c763f11cdc2eef6318108989528620fef9e7 80b90237b40178e74c34d6652d95b3918d01b603ba83f9dce47ba6b19343c245 Loading...

	#4 Eval - b6bc6a00fec0ab8800bc6bef53723f0a	1.0 kB	2023-05-20	2023-05-20
Pretty Observations First Seen2023-05-20 04:19:26 Last Seen2023-05-20 04:19:26 Times Seen1 Hash b6bc6a00fec0ab8800bc6bef53723f0a ea515afca93eff95ae14300e2f1b714c02e0d34e 83e5ff2ce683b46a35362f07502c4494e8908f4cbb080797cafa172ed836e1a8 Loading...

	#5 Eval - 50bda72e04f85f9b4338c0f939c34b9c	15 B	2023-03-13	2023-07-11
Pretty Observations First Seen2023-03-13 20:39:31 Last Seen2023-07-11 18:15:28 Times Seen14456 Hash 50bda72e04f85f9b4338c0f939c34b9c d53056a9d7a7424238f0faf0b93b098f28d4d3ca db8d20f2dfaf9df3877967927de5ecb9648fecda131ab44bf854f8d72baa2b23 Loading...

	#6 Eval - e4068ae7642e9f5fd67bf766cb868870	515 B	2023-05-20	2023-05-20
Pretty Observations First Seen2023-05-20 04:19:26 Last Seen2023-05-20 04:19:26 Times Seen1 Hash e4068ae7642e9f5fd67bf766cb868870 b169f8e08f113e5eb304702367d3314efc7a1a22 ca75673165f6609c0eb192d2deff09d75da3dd85ddc72c93f6802ace68c8fd0d Loading...

HTTP Transactions (15)

URL IP Response Size

my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/

172.67.223.249

3.5 kB

URL User Request GET
my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/
IP
172.67.223.249:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1647)
Size
3.5 kB (3548 bytes)
Hash
ed7881a868d1b8cf8fa6fd2afc3c890d
e1b649cbb73ba7852b13628a13e6add6b1d3c02c
03191d21f24c50feb38f1f112e2a755a5666ee5d239a9e31ab2b5e56119c4d2e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/ HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Sat, 20 May 2023 02:19:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
cf-chl-bypass: 1
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDaEAe7kqtXsrGpCXY7eWxxtTSOzmGoQ6tlkNmKZEyMaJu5N%2Br2frTyACGP52eHu1lwut%2B0XisZRx11H5SHthGzuTFUJRG7HiNCfRTX8Zlgg%2F3%2BfEZgf7o%2BHPOLX%2FwyW%2BKgXiEC0XqpE%2FYaLxQV3fITJi%2FqmoRtDt6ljLut9vij3qHPdJg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ca117ca2fa30b59-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/styles/challenges.css

172.67.223.249

200 OK

2.6 kB

URL GET HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/styles/challenges.css
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/

File type
ASCII text, with very long lines (6600), with no line terminators
Size
2.6 kB (2624 bytes)
Hash
2c78b7f8fa496092bf41d5edd51611e7
8b0b1b276e8194b0a5497db478ec2ea9b4f83c42
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

HTTP Headers

GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 20 May 2023 02:19:07 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 12:46:56 GMT
ETag: W/"64661e40-19c8"
Server: cloudflare
CF-RAY: 7ca117caef370afa-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sat, 20 May 2023 04:19:07 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip

my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=7ca117ca2fa30b59

172.67.223.249

200 OK

42 B

URL GET HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=7ca117ca2fa30b59
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cdn-cgi/images/trace/captcha/js/transparent.gif?ray=7ca117ca2fa30b59 HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 20 May 2023 02:19:07 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 12:46:56 GMT
ETag: "64661e40-2a"
Server: cloudflare
CF-RAY: 7ca117cb0f400afa-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sat, 20 May 2023 04:19:07 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes

my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7ca117ca2fa30b59

172.67.223.249

200 OK

54 kB

URL GET HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7ca117ca2fa30b59
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/

File type
ASCII text, with very long lines (65536), with no line terminators
Size
54 kB (53694 bytes)
Hash
9447d08cbb3578c8d23763a651e8ae17
d4f59b59f02153f2bb8c585e16e8fa7decff4f94
c0b7d68337f733043de9cc1d3e0f5a8e878ee4b4c48c90e0778ce060d4288a9a

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7ca117ca2fa30b59 HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/?__cf_chl_rt_tk=7gLOFEdKnwuk1GdGx4BLathFKvzBcmjtrIPeXNDqkRs-1684549147-0-gaNycGzNBjs
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 20 May 2023 02:19:07 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpUeosU54%2BB8M7e63N21zBgVSmCJoL4RB6X3mKIP0vB1f7bVg0dtQlAJFCQlGPt3Cy2suCqn%2BgdWfneDt0TNvyys2A3RyqYJAoqaio2hbGBQUKkI4vAW9rkR0Li3qedPGNo5IwSnl74Q6paAfhLTQ0%2BGEUwgfU%2Ba5YwVX08dApokjS7qpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ca117cb1f430afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

my-netbank.commbank.application.com.au.pank.com.br/favicon.ico

172.67.223.249

403 Forbidden

3.4 kB

URL GET HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/favicon.ico
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1561)
Size
3.4 kB (3402 bytes)
Hash
0f75f84b2da040c7106448e2eb46f777
3e96295079bbbe230e92ab0976204ce3dfb93339
533accc5daf4c181d252f079c4aa2761ab724d9adb28d45c24fb174e6f49dfe3

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Sat, 20 May 2023 02:19:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
cf-chl-bypass: 1
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsExzqBk0paQBLNSq2uGQkMbhlO4NhDrPgA9KB%2FvxymF1lJZeY1xz%2FB1RTBOjRxFyRtoY6JK3Ba%2Ba6%2BAnQxVF8Ui6VSKsy9ZoIxR4xnBBae2Kb4wIHrOtHJb%2BhUyOGk4iugtTOnIkU%2Fu5B35NPjjcxWKER3uKIlbYzITUR1MhC93FqKGfA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ca117cb3f480afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

my-netbank.commbank.application.com.au.pank.com.br/favicon.ico

172.67.223.249

403 Forbidden

3.4 kB

URL GET HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/favicon.ico
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1561)
Size
3.4 kB (3402 bytes)
Hash
9d46d78e162148f97714b4b12463ad50
11572f342b76a75d9a74ed6baecbe46f36bcce31
93d07e8bf9f72f4c7423d205a5b8aef3ca592db3d2be0cda3eea7356e3f8c506

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Sat, 20 May 2023 02:19:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
cf-chl-bypass: 1
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJ8g0eOSEGqI%2Ba36WtOu%2F0itpt6uEXNN6%2FNNpxQKCU635tzldttMIQpGMPooomGrWGZSIEgD%2BG4uxdj7hJn0QALpjTe9LPeNyJbjX7%2F11Il%2FhVoJ2uwZqWndUodDgAfDVN4%2BFGS4SPWbJrHX06s1%2F3foQqtJHFyWsgn02rvmETSm72%2Fq8g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ca117cb5f510afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/1078169077:1684546119:Ek1ukXRjlvPsLxNAzgGlGEXW3NhvSucFcBiQS9LDnlY/7ca117ca2fa30b59/63746566c7f9462

172.67.223.249

200 OK

90 kB

URL POST HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/1078169077:1684546119:Ek1ukXRjlvPsLxNAzgGlGEXW3NhvSucFcBiQS9LDnlY/7ca117ca2fa30b59/63746566c7f9462
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/

File type
ASCII text, with very long lines (65536), with no line terminators
Size
90 kB (89544 bytes)
Hash
10aded504cd491cbaccbff355deec307
712d445f8eff8f5aebba87317535213040cca3f2
e89428488e64b4c0f3a8155b8b95342e63c1a060a1f970cf56973cb7071b3a40

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1078169077:1684546119:Ek1ukXRjlvPsLxNAzgGlGEXW3NhvSucFcBiQS9LDnlY/7ca117ca2fa30b59/63746566c7f9462 HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 63746566c7f9462
Content-Length: 1836
Origin: http://my-netbank.commbank.application.com.au.pank.com.br
DNT: 1
Connection: keep-alive
Cookie: cf_chl_2=63746566c7f9462
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 20 May 2023 02:19:07 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: qufQ8OBZIKy4FcuYkgDGELE1SDMXGWlIzQhZ4P4TfsXPenJa279UqrL8ayiqIrQ9ft3Tmn+4Ku91ytPg36Uj71etm2Odhs8cuiy6H/ZyWSqM3ycriPgu4sw6mefvBIbRA/YFyaDZlzrJf1+Ftlm+MdRPlDEhDfgrlLl8VOvpda0tj5C1yFGwb5cxX3F6vW6B8MMW5wLTOJ8CfY1YA8chMiT30dVCxnBsXmhR8/9Y2xzCYORQIMulalgOWu/WryFwFgp9ZO1ROkhFtdF+h3Eo+1opUe+k/xf7Y3iR0Grl3hlXfOPR7AFlrJSgPkkSAytY7VowtjijjAazGIMTkYQ1eWLNkBeEszUcfoMRqulQ5bUvkBfGtRLJVJEG/zdEOSvJ$lsB7lknwDa1xk8ETmgJI0A==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmPtWHi69yzuPu04D1rHf6i%2BQF4iuU5S6KskMKePxDg6FBOv9DgGU1PcUD5cDQBYwiihIAeqqrH47wfXnKbQ3ouKb7lfnJxjS7wap52DZVKcME%2FNIDvvM9MGhPWWedvaIjTb%2BvgDAuA67QVttdRIERHmTyAyC8CAYC2fUNUZu2hCEFMa3w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ca117cc7ac6b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/img/7ca117ca2fa30b59/1684549147608/2ffrdHU1U6qmbJR

172.67.223.249

200 OK

61 B

URL GET HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/img/7ca117ca2fa30b59/1684549147608/2ffrdHU1U6qmbJR
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/

File type
PNG image data, 66 x 1, 8-bit/color RGB, non-interlaced\012- data
Size
61 B (61 bytes)
Hash
365ce49bd1e1edb74e46abece864d7cd
126651e0df6fc8674cac0606a71e0a1f56dea01e
ba11f029c6a0ac54baa5c5b3a8aaa12ef9e18a8b40cd66f221d12432de582285

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/img/7ca117ca2fa30b59/1684549147608/2ffrdHU1U6qmbJR HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/
DNT: 1
Connection: keep-alive
Cookie: cf_chl_2=63746566c7f9462
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 20 May 2023 02:19:08 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2XOj3eTByV7IpglMm5%2B6j%2Fa50PFwM3X58hYgA6LEE%2Bt%2BvlsROW0YRN03pD%2FfgFAocNMUJfX1a0oGQE32W8NUabVlANMGq%2BpgtxthsE9kkcfMWk4ntFtcPXHgz3PAlBvztfHkS4Z%2FD7CmuK2bnrbt4iYfm7FW%2BVovKQoO6wg3EofX%2Bg75Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ca117d43e5fb4fd-OSL
alt-svc: h2=":443"; ma=60

my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/1078169077:1684546119:Ek1ukXRjlvPsLxNAzgGlGEXW3NhvSucFcBiQS9LDnlY/7ca117ca2fa30b59/63746566c7f9462

172.67.223.249

200 OK

5.9 kB

URL POST HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/1078169077:1684546119:Ek1ukXRjlvPsLxNAzgGlGEXW3NhvSucFcBiQS9LDnlY/7ca117ca2fa30b59/63746566c7f9462
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/

File type
ASCII text, with very long lines (7744), with no line terminators
Size
5.9 kB (5863 bytes)
Hash
4c383438a41f1456622cbb016138c2b1
8c4548b0b49f872ca51c298eeede89079683460b
35cc5124450bcab57990e976687dcc8c3edee13bbb098b147f3ab9b7f2537330

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1078169077:1684546119:Ek1ukXRjlvPsLxNAzgGlGEXW3NhvSucFcBiQS9LDnlY/7ca117ca2fa30b59/63746566c7f9462 HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 63746566c7f9462
Content-Length: 16635
Origin: http://my-netbank.commbank.application.com.au.pank.com.br
DNT: 1
Connection: keep-alive
Cookie: cf_chl_2=63746566c7f9462
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 20 May 2023 02:19:11 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: PaycUQpOpSZP7g5WNVe2IoCEtFVpHwxpI0KcLSHxwAzcWvRMxBGSkc11c+1zM/2P$/Z/gu5xtxlDipOAaJLFJ8A==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVXIlAaqfg2vpHBRFdFE9I2iEBbeCWB0YQixXWSvEU%2FQOUI0xJAwiMIaI1LwdP41rUFq%2BUASmqYSnUwtlfuEGAuiGfdTCY2lfkCV%2BqakSQetHHdtLEIL9xBQF%2Fd3I0u9sjk%2BP2bp24pa%2F2EohifcsThrZfGeb0xrnzfItlLwPy1d2HFhZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ca117e2ad92b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y62qs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

104.18.6.185

200 OK

23 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y62qs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP
104.18.6.185:443
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9343)
Size
23 kB (22610 bytes)
Hash
f9b6b5a9cbee9a1b1c3c7a73c4bef539
24dbddd19b9b99d42b4f04cf1ac9479633cc9b34
3ce71df382d95f4704b46d03ddf4cb945c94e4dbb2dc9ec469666f718f5dc106

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y62qs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 20 May 2023 02:19:11 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 7ca117e2ecb31c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2099594737:1684545990:KX6Ij2tX4xcZlLkZFWm175lB_qA3sobVAH5E72fy64w/7ca117e2ecb31c12/0c34ef0e5975fb4

104.18.6.185

200 OK

13 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2099594737:1684545990:KX6Ij2tX4xcZlLkZFWm175lB_qA3sobVAH5E72fy64w/7ca117e2ecb31c12/0c34ef0e5975fb4
IP
104.18.6.185:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y62qs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (13212), with no line terminators
Size
13 kB (13212 bytes)
Hash
e25fd3220af194b726f8a2f69f32c0ad
e6b7c98a5d702e68be76ae9a197ce088712cf697
ecc3a6f52c11ad77c1a793a851380f3b367a5e213d69212b3433f96b1b527511

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2099594737:1684545990:KX6Ij2tX4xcZlLkZFWm175lB_qA3sobVAH5E72fy64w/7ca117e2ecb31c12/0c34ef0e5975fb4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y62qs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 0c34ef0e5975fb4
Content-Length: 18612
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 20 May 2023 02:19:13 GMT
content-type: text/plain; charset=UTF-8
cf_chl_gen: quXe6hxLdoRFQPcsjtHmw+QfEuqcy1O2xVwfaUH7uhi/wgZjAVLgbmrTIjBXsIcg$vmiSsdekRxUciaJtfJXXkw==
server: cloudflare
cf-ray: 7ca117ef88471c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js?onload=_cf_chl_turnstile_l&render=explicit

104.18.6.185

200 OK

16 kB

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP
104.18.6.185:443
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/ddd77a8618e0adda0d7e8964d463febd/login/
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (15734)
Size
16 kB (15735 bytes)
Hash
84ac9acb2137fb29c69c1a1324fb6946
c090d51d27463ba19fcf597c7069142686b445d1
51957b7f445f96a4f027db0a264c33904aaa9cd1ef944148008e41d54d4f8f0c

HTTP Headers

GET /turnstile/v0/g/7fe8adc8/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://my-netbank.commbank.application.com.au.pank.com.br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 May 2023 02:19:07 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca117cb88db0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7ca117e2ecb31c12/1684549151457/I6DN1hKrXNg8LKg

104.18.6.185

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7ca117e2ecb31c12/1684549151457/I6DN1hKrXNg8LKg
IP
104.18.6.185:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y62qs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT

File type
PNG image data, 70 x 29, 8-bit/color RGB, non-interlaced\012- data
Size
61 B (61 bytes)
Hash
75ecfcf2dbb33b505df908cda6fb6c5e
4bcd6093cd1dc7c7b87946a9714349bb1fae9294
bad775916eb7ceb13dc35eed5340c63e6676f970e44c8419f33f045e2fb36881

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/img/7ca117e2ecb31c12/1684549151457/I6DN1hKrXNg8LKg HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y62qs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 20 May 2023 02:19:11 GMT
content-type: image/png
server: cloudflare
cf-ray: 7ca117e5cd8d1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7ca117e2ecb31c12

104.18.6.185

200 OK

155 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7ca117e2ecb31c12
IP
104.18.6.185:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y62qs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
155 kB (155330 bytes)
Hash
086e2ae33b309e79154d71f36b18b86f
13b29c5d202c9b319e5c0d6a078a3c037ee72684
8b2ddfdd166be69cf2b1cb78a2d4f88a40adea3a10dbac1c7ba47b287eacef10

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7ca117e2ecb31c12 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y62qs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 20 May 2023 02:19:11 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7ca117e36ce11c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2099594737:1684545990:KX6Ij2tX4xcZlLkZFWm175lB_qA3sobVAH5E72fy64w/7ca117e2ecb31c12/0c34ef0e5975fb4

104.18.6.185

200 OK

168 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2099594737:1684545990:KX6Ij2tX4xcZlLkZFWm175lB_qA3sobVAH5E72fy64w/7ca117e2ecb31c12/0c34ef0e5975fb4
IP
104.18.6.185:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y62qs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
168 kB (167804 bytes)
Hash
ec0251b710f0285c3cb46ed9d1597492
7e7d5fbe269f053f5db9b9708af85495a77d64b1
eb071fc8260fdb59e9d02cd2dfe50c2d35ce198a7a20c98bc69021f10fb85e98

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2099594737:1684545990:KX6Ij2tX4xcZlLkZFWm175lB_qA3sobVAH5E72fy64w/7ca117e2ecb31c12/0c34ef0e5975fb4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y62qs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 0c34ef0e5975fb4
Content-Length: 2804
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 20 May 2023 02:19:11 GMT
content-type: text/plain; charset=UTF-8
cf_chl_gen: GgkpTB2JtkuBT4GxngU/Bn5sfJ3GKMOSgzYxhYrFTLPcSSYdCpuwAwyNQl0oRYiHXCIM3EIPN6Bzq0fWFo8HRzh3MzMzdDhuOExW9uktJHyIJpK8mCtV6YFnJltp6gXzIG5iZg75hUixDFO1M5pmdFnoeN+tK3wE3n+gABJ3KyzqcutNQ370P1IDtHjseLxSSBIOc47uqOjyjKfGzFB9NhTG7d/pY6Y4+3X9X5PlMhH7Tl1V0mv/nZlwzPmEh55+7DxKVCJDnC2W4JvZPE/TzUkRyEPAZq3F9ONejNMwJdWsgtq3TeB4M5iHPevGf+FGtlkVpwujc4QW1QG9wrOyGT5zlJcldVm5HrkKrK0wWH2sW2wvzKqNRVQqRwRrIeatrZpuWuN1EJyG/pTYV+ItuLprjzcqOYuHD7I/UGmMth2GWoWhcgan/t21PwZ7QsEF$9QyzlgJS3ef7LDpWjb3fMw==
server: cloudflare
cf-ray: 7ca117e48d3e1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (15)

URL User Request GET

IP

ASN

File type

Size

Hash