Report - my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login

Report Overview

Submitted URL
my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
IP
172.67.223.249
ASN
#13335 CLOUDFLARENET
Submitted
2023-05-02 00:55:38
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
my-netbank.commbank.application.com.au.pank.com.br	unknown	2018-04-28	2022-12-02	2023-04-24	5.0 kB	232 kB	104.21.25.78
whitecapsgc-my.sharepoint.com	unknown	unknown	No data	No data	1.8 kB	56 kB	13.107.138.8
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2023-05-01	4.0 kB	237 kB	104.18.7.185

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-02	medium	my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
2023-05-02	medium	my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/616543430:1682986298:2q0K0apTQNuKoyD-TKxMRp8zNwnd21lmD9x0reqemrs/7c0c4c618c4bb511/2cab91d4e6c8ebd
2023-05-02	medium	my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/img/7c0c4c618c4bb511/1682988923671/7SqvJiRE8UVjROl
2023-05-02	medium	my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/616543430:1682986298:2q0K0apTQNuKoyD-TKxMRp8zNwnd21lmD9x0reqemrs/7c0c4c618c4bb511/2cab91d4e6c8ebd

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	unknown	29 kB	2023-05-02	2023-05-02
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-02 02:55:44 Last Seen2023-05-02 02:55:44 Times Seen1 Hash 2a6e131f61826bbb3d82aa1236f21a3d 8c0384ca968c840dd3f9bccfc82771a5cfe5de12 c1cecaca961e752d3c800d5f4ace140c83f1ee0d66bb49789071b58b343fac4b Loading...

	my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7c0c4c618c4bb511	154 kB	2023-05-02	2023-05-02
Pretty URL my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7c0c4c618c4bb511 IP 172.67.223.249 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-02 02:55:44 Last Seen2023-05-02 02:55:44 Times Seen2 Hash 088b2f8ebc3c13184b2bbc7f1c6003d9 b1470e373406a333bd33f23bbb3252aebb98cc4a 8b7cca8aa049a4316da19f6dc7bd1581a3e54195d0d36b0facc25263b3802f31 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c0c4c6f7addfac0	156 kB	2023-05-02	2023-05-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c0c4c6f7addfac0 IP 104.18.7.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-02 02:55:44 Last Seen2023-05-02 02:55:44 Times Seen2 Hash a8ff1f8f239deceac93fb95c4261df99 65a2112b27fdec57192a0ccfa4f0635d4cb1f025 428b672246463bf3f51d6221cc90022f503c4a27f2bfc3b0697bffbf3917d06c Loading...

	my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login	0 B	2023-03-07	2024-04-19
Pretty URL my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login IP 104.21.25.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 02:06:32 Times Seen36951213 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	626 B	2023-04-19	2023-09-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-19 17:10:16 Last Seen2023-09-04 14:53:39 Times Seen4089 Hash 965d195078b6e2b66051d3ab5418dd70 e4589c5ee84bedf04d0ae10b25e4927ddfc7e6d0 99cf2ba13c494c699abf3062b1422e3e7b4fd1342e642d8a249afd52fa682b18 Loading...

	unknown	7.8 kB	2023-05-02	2023-05-02
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-02 02:55:44 Last Seen2023-05-02 02:55:44 Times Seen1 Hash 521a1e6fb568c56938af4060c252ca2c 1891054c6baea5bad11413db2b1757aec121ad3b 02264d938f5bf4f6a9021160fa677dd49555e264ca7f5cd062354d655f77fb2f Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal	2.1 kB	2023-05-02	2023-05-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal IP 104.18.7.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-02 02:55:44 Last Seen2023-05-02 02:55:44 Times Seen1 Hash df2e3b584fb74bbd52521fa951369ff7 26622a8fa0e1b4ec5fee22e618f2bd2f4d3d7137 41d78e530e014d37c90b06cb9872cf541b42427e7cdd460c3e80fdab7c8a554b Loading...

	challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit	16 kB	2023-04-27	2023-05-10
Pretty URL challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit IP 104.18.7.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-27 14:42:20 Last Seen2023-05-10 17:27:11 Times Seen1278 Hash a26b9f20dc634fffeabda90cec467fa1 bf3dd0fb148183a0250784dc298ba3e824d46394 5205e201bbd649a3a4af0ecb9b1e8a80f73aa8ea4aee1740302b1b8f7435b27f Loading...

		Size	First Seen	Last Seen
	#1 Eval - 4be7b6b8aa783300ae657a82c16d2a09	50 B	2023-03-13	2023-07-27
Pretty Observations First Seen2023-03-13 20:38:58 Last Seen2023-07-27 19:46:36 Times Seen3340 Hash 4be7b6b8aa783300ae657a82c16d2a09 39c051c1ee899fb0fdec892c96de143739ad2628 9ce4a40dab4ae7a062f4860f6a5f77bb0f93dd15b4a24f086e633a62dfaa26cc Loading...

	#2 Eval - 843ba2cbc3d8ef2289654b68cf7a71d5	547 B	2023-05-02	2023-05-02
Pretty Observations First Seen2023-05-02 02:55:44 Last Seen2023-05-02 02:55:44 Times Seen1 Hash 843ba2cbc3d8ef2289654b68cf7a71d5 bb9ae097bfa061b875c9613f2131d2da84f9cf6c 5488497be650672af6c814efa341a2d62fcbb3c486474c818eb6aca29036aef6 Loading...

	#3 Eval - 70efa725f660990cc6701727e98c360b	769 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:07:04 Last Seen2023-07-11 03:19:46 Times Seen6035 Hash 70efa725f660990cc6701727e98c360b 04f4df4180629c6a1a8648630310794bfdb39eb8 cb2789441eb37a5d5520d68b778e5e1a0743c6d105076aa2e3be07147e0dc752 Loading...

	#4 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-19 02:06:21 Times Seen347590 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#5 Eval - a237b7248cbbfbffe82c5d5782895207	2.3 kB	2023-05-02	2023-05-02
Pretty Observations First Seen2023-05-02 02:25:28 Last Seen2023-05-02 02:55:44 Times Seen2 Hash a237b7248cbbfbffe82c5d5782895207 854f9123cfe083e36c2fde7b52fcb371eac87db7 36190287ac659944302c872611c014dc3a5aa051fdec500a21b9244049ff5b38 Loading...

		Size	First Seen	Last Seen
	#1 Write - 467d82ac802ebf5b672ecdb8e02505e6	3.6 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:02:24 Last Seen2023-07-11 15:29:01 Times Seen16478 Hash 467d82ac802ebf5b672ecdb8e02505e6 b3df725dd3285fd4618d65c08e83b8f08c8e4798 36d48aeb87174dbf8b0ea333d2042d9e198797bd33c3f849597981eacd619515 Loading...

HTTP Transactions (16)

URL IP Response Size

my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login

104.21.25.78

403 Forbidden

3.5 kB

URL User Request GET HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
IP
104.21.25.78:80
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1625)
Size
3.5 kB (3524 bytes)
Hash
4cb5f314027997b72542238213c1af1b
ad960a367dda2f55303c73a25beabc36df71c841
0bef280f130fd835d38470e510a9bd8bb1cf7cdd3f9a43dc232f6bf886af1600

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /a1b2c3/31339703862ae1f68ecd090b561368f0/login HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
cf-chl-bypass: 1
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5X9mzQpYKBPGHnG3kCFN%2BIwixrRFq4axTC0nsXCDlaE9LrjsMff1SDShQBnevsFrITwBhTJq%2BhFxA4cxbvF47IZaVgu2ZubXsPGx6OFB9aQFBMFV0E5slKzNbFongkle4HJ710tmsUJ0lfZQwFMdd8Qgfuw1i%2FhUMSVsDcmnelLD%2BvPefQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c0c4c618c4bb511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/styles/challenges.css

172.67.223.249

200 OK

2.6 kB

URL GET HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/styles/challenges.css
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login

File type
ASCII text, with very long lines (6600), with no line terminators
Size
2.6 kB (2624 bytes)
Hash
9fa2f809c184b1f61b213cd4e503a226
5d7a209eb9da1e823ea6bdc9610005d7a224b35f
f47ef292aa20330e7c78dc476c33845afbc76cb0ba0901bc1f29492cfeb28437

HTTP Headers

GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 25 Apr 2023 11:28:50 GMT
ETag: W/"6447b972-19c8"
Server: cloudflare
CF-RAY: 7c0c4c626814b512-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 02 May 2023 02:55:23 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip

my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=7c0c4c618c4bb511

172.67.223.249

200 OK

42 B

URL GET HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=7c0c4c618c4bb511
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cdn-cgi/images/trace/captcha/js/transparent.gif?ray=7c0c4c618c4bb511 HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Tue, 25 Apr 2023 11:28:50 GMT
ETag: "6447b972-2a"
Server: cloudflare
CF-RAY: 7c0c4c631872b512-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 02 May 2023 02:55:23 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes

whitecapsgc-my.sharepoint.com/personal/fred_quezada_whitecaps_gc_edu/_layouts/15/download.aspx?UniqueId=72fb1f31-91ab-4c12-ab3a-83eca5f647e6&Translate=false&tempauth=eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvd2hpdGVjYXBzZ2MtbXkuc2hhcmVwb2ludC5jb21AM2U0YTZjZjktYTQ2My00ODFiLWFiYTctM2UyMzYwMGUwMDllIiwiaXNzIjoiMDAwMDAwMDMtMDAwMC0wZmYxLWNlMDAtMDAwMDAwMDAwMDAwIiwibmJmIjoiMTY4Mjk4ODg5MyIsImV4cCI6IjE2ODI5OTI0OTMiLCJlbmRwb2ludHVybCI6Inp2MENiT0N0YW9mM0Z2RWRlbm5HV2ZYeVg0VlpVeHpWNW82RGdRSmdGU1k9IiwiZW5kcG9pbnR1cmxMZW5ndGgiOiIxNjQiLCJpc2xvb3BiYWNrIjoiVHJ1ZSIsImNpZCI6Ik9XRXdNRGhtTkRFdFlqRTBNaTAwWWpCaUxUaGlZall0TkdVMk9UbG1aRFJtWldKaCIsInZlciI6Imhhc2hlZHByb29mdG9rZW4iLCJzaXRlaWQiOiJOR1poWkdRMVpXVXRaREJrT0MwMFpHRm1MVGxpWldZdE9EZ3dPVFF6WWpVMU9UTXoiLCJhcHBfZGlzcGxheW5hbWUiOiJPbmVNYW5hZ2VyIiwiZ2l2ZW5fbmFtZSI6IkZyZWQiLCJmYW1pbHlfbmFtZSI6IlF1ZXphZGEiLCJhcHBpZCI6IjczNGVmOTI4LWQ3NGMtNDU1NS04ZDFiLWQ5NDJmYTBhMWE0MSIsInRpZCI6IjNlNGE2Y2Y5LWE0NjMtNDgxYi1hYmE3LTNlMjM2MDBlMDA5ZSIsInVwbiI6ImZyZWQucXVlemFkYUB3aGl0ZWNhcHMuZ2MuZWR1IiwicHVpZCI6IjEwMDMyMDAyNjFENUFFMTciLCJjYWNoZWtleSI6IjBoLmZ8bWVtYmVyc2hpcHwxMDAzMjAwMjYxZDVhZTE3QGxpdmUuY29tIiwic2NwIjoiYWxsZmlsZXMud3JpdGUgYWxsc2l0ZXMud3JpdGUiLCJ0dCI6IjIiLCJ1c2VQZXJzaXN0ZW50Q29va2llIjpudWxsLCJpcGFkZHIiOiIyMC4xOTAuMTkwLjEwMCJ9.U2o2eDF5Q05BbVgwQ3ZXQ2dMWjU4MFF1UFVuWkxLZHc1Skx5TERQQXB3bz0&ApiVersion=2.0

13.107.138.8

54 kB

URL
whitecapsgc-my.sharepoint.com/personal/fred_quezada_whitecaps_gc_edu/_layouts/15/download.aspx?UniqueId=72fb1f31-91ab-4c12-ab3a-83eca5f647e6&Translate=false&tempauth=eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvd2hpdGVjYXBzZ2MtbXkuc2hhcmVwb2ludC5jb21AM2U0YTZjZjktYTQ2My00ODFiLWFiYTctM2UyMzYwMGUwMDllIiwiaXNzIjoiMDAwMDAwMDMtMDAwMC0wZmYxLWNlMDAtMDAwMDAwMDAwMDAwIiwibmJmIjoiMTY4Mjk4ODg5MyIsImV4cCI6IjE2ODI5OTI0OTMiLCJlbmRwb2ludHVybCI6Inp2MENiT0N0YW9mM0Z2RWRlbm5HV2ZYeVg0VlpVeHpWNW82RGdRSmdGU1k9IiwiZW5kcG9pbnR1cmxMZW5ndGgiOiIxNjQiLCJpc2xvb3BiYWNrIjoiVHJ1ZSIsImNpZCI6Ik9XRXdNRGhtTkRFdFlqRTBNaTAwWWpCaUxUaGlZall0TkdVMk9UbG1aRFJtWldKaCIsInZlciI6Imhhc2hlZHByb29mdG9rZW4iLCJzaXRlaWQiOiJOR1poWkdRMVpXVXRaREJrT0MwMFpHRm1MVGxpWldZdE9EZ3dPVFF6WWpVMU9UTXoiLCJhcHBfZGlzcGxheW5hbWUiOiJPbmVNYW5hZ2VyIiwiZ2l2ZW5fbmFtZSI6IkZyZWQiLCJmYW1pbHlfbmFtZSI6IlF1ZXphZGEiLCJhcHBpZCI6IjczNGVmOTI4LWQ3NGMtNDU1NS04ZDFiLWQ5NDJmYTBhMWE0MSIsInRpZCI6IjNlNGE2Y2Y5LWE0NjMtNDgxYi1hYmE3LTNlMjM2MDBlMDA5ZSIsInVwbiI6ImZyZWQucXVlemFkYUB3aGl0ZWNhcHMuZ2MuZWR1IiwicHVpZCI6IjEwMDMyMDAyNjFENUFFMTciLCJjYWNoZWtleSI6IjBoLmZ8bWVtYmVyc2hpcHwxMDAzMjAwMjYxZDVhZTE3QGxpdmUuY29tIiwic2NwIjoiYWxsZmlsZXMud3JpdGUgYWxsc2l0ZXMud3JpdGUiLCJ0dCI6IjIiLCJ1c2VQZXJzaXN0ZW50Q29va2llIjpudWxsLCJpcGFkZHIiOiIyMC4xOTAuMTkwLjEwMCJ9.U2o2eDF5Q05BbVgwQ3ZXQ2dMWjU4MFF1UFVuWkxLZHc1Skx5TERQQXB3bz0&ApiVersion=2.0
IP
13.107.138.8:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
54 kB (53754 bytes)
Hash
d154e2da1f5e293ec226200a3476951b
2b255cae266d3359efa7d96fc8199802cc1ec499
6e562ce04ab586de6c28e7e31c20acdd94651212a5d1738250ab972863863772

HTTP Headers

GET /personal/fred_quezada_whitecaps_gc_edu/_layouts/15/download.aspx?UniqueId=72fb1f31-91ab-4c12-ab3a-83eca5f647e6&Translate=false&tempauth=eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvd2hpdGVjYXBzZ2MtbXkuc2hhcmVwb2ludC5jb21AM2U0YTZjZjktYTQ2My00ODFiLWFiYTctM2UyMzYwMGUwMDllIiwiaXNzIjoiMDAwMDAwMDMtMDAwMC0wZmYxLWNlMDAtMDAwMDAwMDAwMDAwIiwibmJmIjoiMTY4Mjk4ODg5MyIsImV4cCI6IjE2ODI5OTI0OTMiLCJlbmRwb2ludHVybCI6Inp2MENiT0N0YW9mM0Z2RWRlbm5HV2ZYeVg0VlpVeHpWNW82RGdRSmdGU1k9IiwiZW5kcG9pbnR1cmxMZW5ndGgiOiIxNjQiLCJpc2xvb3BiYWNrIjoiVHJ1ZSIsImNpZCI6Ik9XRXdNRGhtTkRFdFlqRTBNaTAwWWpCaUxUaGlZall0TkdVMk9UbG1aRFJtWldKaCIsInZlciI6Imhhc2hlZHByb29mdG9rZW4iLCJzaXRlaWQiOiJOR1poWkdRMVpXVXRaREJrT0MwMFpHRm1MVGxpWldZdE9EZ3dPVFF6WWpVMU9UTXoiLCJhcHBfZGlzcGxheW5hbWUiOiJPbmVNYW5hZ2VyIiwiZ2l2ZW5fbmFtZSI6IkZyZWQiLCJmYW1pbHlfbmFtZSI6IlF1ZXphZGEiLCJhcHBpZCI6IjczNGVmOTI4LWQ3NGMtNDU1NS04ZDFiLWQ5NDJmYTBhMWE0MSIsInRpZCI6IjNlNGE2Y2Y5LWE0NjMtNDgxYi1hYmE3LTNlMjM2MDBlMDA5ZSIsInVwbiI6ImZyZWQucXVlemFkYUB3aGl0ZWNhcHMuZ2MuZWR1IiwicHVpZCI6IjEwMDMyMDAyNjFENUFFMTciLCJjYWNoZWtleSI6IjBoLmZ8bWVtYmVyc2hpcHwxMDAzMjAwMjYxZDVhZTE3QGxpdmUuY29tIiwic2NwIjoiYWxsZmlsZXMud3JpdGUgYWxsc2l0ZXMud3JpdGUiLCJ0dCI6IjIiLCJ1c2VQZXJzaXN0ZW50Q29va2llIjpudWxsLCJpcGFkZHIiOiIyMC4xOTAuMTkwLjEwMCJ9.U2o2eDF5Q05BbVgwQ3ZXQ2dMWjU4MFF1UFVuWkxLZHc1Skx5TERQQXB3bz0&ApiVersion=2.0 HTTP/1.1
Host: whitecapsgc-my.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Range: bytes=187607054-
If-Match: "{72FB1F31-91AB-4C12-AB3A-83ECA5F647E6},5"

HTTP/2 206 Partial Content
cache-control: private
content-length: 53754
content-type: application/octet-stream
content-range: bytes 187607054-187660807/187660808
accept-ranges: bytes
etag: "{72FB1F31-91AB-4C12-AB3A-83ECA5F647E6},5"
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-networkstatistics: 0,525568,0,0,423,0,24489
x-sharepointhealthscore: 0
docid: whitecapsgc-my.sharepoint.com_4fadd5ee-d0d8-4daf-9bef-880943b55933_72fb1f31-91ab-4c12-ab3a-83eca5f647e6
x-download-options: noopen
content-disposition: attachment;filename*=utf-8''God%20Of%20War%20II%2EkuyhAa%2E7z;filename="God Of War II.kuyhAa.7z"
ctag: {72FB1F31-91AB-4C12-AB3A-83ECA5F647E6},5,2
x-aspnet-version: 4.0.30319
x-databoundary: NONE
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: 1dc2aea0-e00a-d000-ec92-a53f54fe3102
request-id: 1dc2aea0-e00a-d000-ec92-a53f54fe3102
ms-cv: oK7CHQrgANDskqU/VP4xAg.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=999631bb-7899-4822-bb6a-0f2cb162a8a5&destinationEndpoint=Edge-Prod-OSL30r4A&frontEnd=AFD"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.23612
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 7592E46F5EF64433A34946B71B025BBD Ref B: OSL30EDGE0412 Ref C: 2023-05-02T00:55:22Z
date: Tue, 02 May 2023 00:55:23 GMT
X-Firefox-Spdy: h2

my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7c0c4c618c4bb511

172.67.223.249

200 OK

55 kB

URL GET HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7c0c4c618c4bb511
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login

File type
ASCII text, with very long lines (65536), with no line terminators
Size
55 kB (54838 bytes)
Hash
05af5db7ddf792030285df306abbc6a6
4d841ca0d004b507b172d0a6190141952a83201b
eaef23509fa46d4dff5392ba9fcfe2d7e6fd40be2e9af469b7af3c0a07840941

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7c0c4c618c4bb511 HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login?__cf_chl_rt_tk=ndejAeHS9lm57TnPvji5FuWLznEx5AAaGti00w_dHLk-1682988923-0-gaNycGzNBiU
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INMeu3%2Fq9Peb11c8Y8e3YHcCMLUQOiSLqAwtNsAjze3vhzMTvTSdkkWE9ZIL2Ki1qwQoOIYcPrG0D3cflGTCdVX7v%2FPr7Gyaj6Wzct1a2tQmaMpgTc3t4XsmcG6kclMFm5igcqlU2IglpVAdin9C7NH0sGtsbR0TugNPFCjJC35XxfaxZw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c0c4c632875b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

my-netbank.commbank.application.com.au.pank.com.br/favicon.ico

172.67.223.249

403 Forbidden

3.4 kB

URL GET HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/favicon.ico
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1561)
Size
3.4 kB (3402 bytes)
Hash
382556f660e733180e8f40a9d7c8135e
abfb948ac46a1e08c4869263d6828d0344cc12e5
3de15de85d176643b292964088b9caa1eeeac535f7bc0f7136286b4cf836f13b

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
cf-chl-bypass: 1
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJkATZawN3J7bvdb5NE%2FJkiLY16DzW25V7TJKf6FzuuGns4WKKoAZE3YoSrdGGEh1rNiCGgq9PqTk%2BpGK92bNInp%2BomBbgb8GSyeiC8pkQDfBR2fxTPaCEW%2B685lc6O9kNyo%2BAvA%2FtieInEP29J%2BbrfcZwe8hvzj1O6htAo6E5IPrEuS6w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c0c4c63788eb512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

my-netbank.commbank.application.com.au.pank.com.br/favicon.ico

172.67.223.249

403 Forbidden

3.4 kB

URL GET HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/favicon.ico
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1583)
Size
3.4 kB (3418 bytes)
Hash
190102845dbd1b75b97752ec8b23d8d4
77bb64afd19d90b26547dfde0c475dd909174f4c
ec7235bfcd19dc0f1bb42662fc71647a9967636ae740190d9898a11b082d9bd4

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Connection: keep-alive
Cookie: cf_chl_2=2cab91d4e6c8ebd
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
cf-chl-bypass: 1
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLqk%2BlBatj7tRTQbUvKyHm7SE8pFNY4flD14WgeIzO07npIsh3%2BINxl15naQ%2BfNvmBomNP4FZxdj1lOaYKaO01a%2BLmJXs1OPBNk%2FpY2JB2BCXDaEtSGp4xmjwMI2p%2B6cZBKfBBrQUBtWirsBrGC6t7r718xOjCjnVgxK9th8K2Vadxin9w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c0c4c63bb1b1c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit

104.18.7.185

200 OK

6.0 kB

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP
104.18.7.185:443
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (15685)
Size
6.0 kB (6010 bytes)
Hash
daa10d1ba7ba0f4bb00c1c9714f4cff7
b733f6ef8838f7cb7113f187d0a9c8f4cf9a51ac
bc90e3f00e56fecfcb7829a44761c8f020944b095e550c359870571dabf63493

HTTP Headers

GET /turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://my-netbank.commbank.application.com.au.pank.com.br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 02 May 2023 00:55:23 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c0c4c63e945b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/616543430:1682986298:2q0K0apTQNuKoyD-TKxMRp8zNwnd21lmD9x0reqemrs/7c0c4c618c4bb511/2cab91d4e6c8ebd

172.67.223.249

200 OK

151 kB

URL POST HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/616543430:1682986298:2q0K0apTQNuKoyD-TKxMRp8zNwnd21lmD9x0reqemrs/7c0c4c618c4bb511/2cab91d4e6c8ebd
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login

File type
ASCII text, with very long lines (65536), with no line terminators
Size
151 kB (150570 bytes)
Hash
e1034fbe6784eebf5ed548a7cb899d3a
85113b9718555ebe2572cea35d24db0d9babb9fd
ddf5ea34f8229079a68acf4544677661e834ab0edcc347d01a3155f43d0dba44

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/616543430:1682986298:2q0K0apTQNuKoyD-TKxMRp8zNwnd21lmD9x0reqemrs/7c0c4c618c4bb511/2cab91d4e6c8ebd HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2cab91d4e6c8ebd
Content-Length: 1830
Origin: http://my-netbank.commbank.application.com.au.pank.com.br
Connection: keep-alive
Cookie: cf_chl_2=2cab91d4e6c8ebd
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: ipL2n0g077kcHtIvMr4ajfeYYF/Yeac2l11CN3QAOMrCW5/hLItSJkVImLXFre2Ot6soMAa+uSM+zo9JuL5wUuBbaebJ7uytsqzJV1xeLfAuxHRuvDDY/T0dOHIO5VrX/tDd8HAqq+oAgUN0AlUHpoZcUCbbeiHKmTlpkzrkNv/0XY7zrnpg/oKWudqhqKOFEdVoWdnW2ZZDPA2xLH1NUkikhvxF5pSgTf4Y/PMZR9LuGH5fy0KGUxENWlkiRVFcFYe5+5NA0c8dOk2szLYpGpcdeVMnoceI36xEay2MrUlUlO7/l6qwGW+a8u+iwX9nSMXzQR2cDcmRww8VhkVCFUG0m9PYGlWm3Ndm6GLGApt6KpoQEzTYeW+cQ7CH6dnq9TxRYcvTOctcPTnG1b/Vp7AYcKoTDjhAxvJ1sRQQPcO/bu6aGWVGs0BUhwg7+zGr$HvIRO0q96Y4dB7zhQCVFjw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zu3cLGAiiXK8QZZC9iW3w6gQCZfaPtRMVq62CmYYr0dg2H4xfANLgxm2H7bfkQZMNQRNpVwGeCrjQWdtUxjWDFmqu2sIbWv7ALWU3CcacXSf2D3JOjA%2FcHhflrVJuYFkKKlEmzJr%2BM2K%2FJgq8F5WtjDLpOQDn9%2B9lEG7eoj%2F8zKCovzIWA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c0c4c64dcc3b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/img/7c0c4c618c4bb511/1682988923671/7SqvJiRE8UVjROl

172.67.223.249

200 OK

61 B

URL GET HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/img/7c0c4c618c4bb511/1682988923671/7SqvJiRE8UVjROl
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login

File type
PNG image data, 25 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
61 B (61 bytes)
Hash
e12b35d989e0a56e1c5b5a415b668944
a1bcd88d0f1311e32b28c359c089f20aaa2970cc
90692273abfa5a76d8bb5c9552847d9f8c15c81b208abc42ff104109c18fe13b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/img/7c0c4c618c4bb511/1682988923671/7SqvJiRE8UVjROl HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Connection: keep-alive
Cookie: cf_chl_2=2cab91d4e6c8ebd
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPcfOkQVxQOwWNL3%2FWf7fdKiYDujah5nAaZ1V8yLsoaonyJj2KVBTPeDIXU2BQ6xRkxCAjo7v9lkjmoxWDLO6sR%2BpIaQrlLYwXFzZmbUXFf5kYkNJzs6I8YCD9o7W1Zi76Mih%2FjGCZTxXV8pZJbOzJfs%2F4FOYDZHStmNNABXMovLPKqeOw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c0c4c66ada3b529-OSL
alt-svc: h2=":443"; ma=60

my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/616543430:1682986298:2q0K0apTQNuKoyD-TKxMRp8zNwnd21lmD9x0reqemrs/7c0c4c618c4bb511/2cab91d4e6c8ebd

172.67.223.249

200 OK

5.6 kB

URL POST HTTP/1.1
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/616543430:1682986298:2q0K0apTQNuKoyD-TKxMRp8zNwnd21lmD9x0reqemrs/7c0c4c618c4bb511/2cab91d4e6c8ebd
IP
172.67.223.249:80
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login

File type
ASCII text, with very long lines (7376), with no line terminators
Size
5.6 kB (5593 bytes)
Hash
1e087dcf7fd9c63575c5f18c9d1b381a
b0f0e2b0e9bbba9b4a4f59ecb12cba1e41b2436d
862e5870f083566fbc8c21e433ba94aca224987f51bd5a6ef6357386be9551ad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/616543430:1682986298:2q0K0apTQNuKoyD-TKxMRp8zNwnd21lmD9x0reqemrs/7c0c4c618c4bb511/2cab91d4e6c8ebd HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2cab91d4e6c8ebd
Content-Length: 16803
Origin: http://my-netbank.commbank.application.com.au.pank.com.br
Connection: keep-alive
Cookie: cf_chl_2=2cab91d4e6c8ebd
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 02 May 2023 00:55:25 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: UQ61+ysqzvlOGLd62XUU/pyH4HLRxUAl3JHsa5H8olbDTSZnvQdnbDz3A5Jx02IW$jLo1afPAUKn394JWwgoUXw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhtmozlfrpA%2F1BR68xWcjNNcvpSp%2FwO7aBHI3onCVtn9Yg2dBMFCItSpyoWP4RavS%2Bq33xPAaJLSrpBgGQdX1JTdBH9%2B1TwVymoTbRI0VYC6ja94UxN4vJ5xAYZuKj0Ytl69B3dDp0ElTj60TgHe4%2BjSDpgQo0uO7IT2w4trtSDQYSnKBw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c0c4c6f2937b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c0c4c6f7addfac0

104.18.7.185

200 OK

156 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c0c4c6f7addfac0
IP
104.18.7.185:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
156 kB (156225 bytes)
Hash
a8ff1f8f239deceac93fb95c4261df99
65a2112b27fdec57192a0ccfa4f0635d4cb1f025
428b672246463bf3f51d6221cc90022f503c4a27f2bfc3b0697bffbf3917d06c

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c0c4c6f7addfac0 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Alt-Used: challenges.cloudflare.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 02 May 2023 00:55:25 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7c0c4c701b01fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

104.18.7.185

200 OK

23 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP
104.18.7.185:443
ASN
#13335 CLOUDFLARENET

Requested by
http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9343)
Size
23 kB (22617 bytes)
Hash
3abd134b960cb431c06b4872fbf23d70
b1c8c49937ee7b8c21c0764f1e2fa6f21a57c580
b52f7932f43f1287f637ffe3985a93756ac4785bb62878256420f9a1f73ccd47

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: challenges.cloudflare.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 02 May 2023 00:55:25 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 7c0c4c6f7addfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7c0c4c6f7addfac0/1682988925645/jFsgSUBQgjQ0Usr

104.18.7.185

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7c0c4c6f7addfac0/1682988925645/jFsgSUBQgjQ0Usr
IP
104.18.7.185:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT

File type
PNG image data, 21 x 64, 8-bit/color RGB, non-interlaced\012- data
Size
61 B (61 bytes)
Hash
f5caaa25c7ec0ee9c55f0c6910012aab
1bff2ad781f05ca76f85f601dd781db302260521
f00cdebc48bd95c03f99e3211db17930da43f298301f321749b7b826385e5929

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/img/7c0c4c6f7addfac0/1682988925645/jFsgSUBQgjQ0Usr HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Alt-Used: challenges.cloudflare.com
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 02 May 2023 00:55:25 GMT
content-type: image/png
server: cloudflare
cf-ray: 7c0c4c72db86fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1908883107:1682986125:4tblfBHM1PXXBoBc4nFFd_lbFiwfCG8hg52dZ0-4-kU/7c0c4c6f7addfac0/b475c509ff6cbb4

104.18.7.185

200 OK

10 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1908883107:1682986125:4tblfBHM1PXXBoBc4nFFd_lbFiwfCG8hg52dZ0-4-kU/7c0c4c6f7addfac0/b475c509ff6cbb4
IP
104.18.7.185:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (10424), with no line terminators
Size
10 kB (10424 bytes)
Hash
1952329714f9dd3f9606da02b86efa34
3d98b56d4586d17f8d8a60fac229de8996e69d70
8941431aac63aab471cec8b35313c1e9fc634d8760217305c866b1b9d0dd3301

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1908883107:1682986125:4tblfBHM1PXXBoBc4nFFd_lbFiwfCG8hg52dZ0-4-kU/7c0c4c6f7addfac0/b475c509ff6cbb4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b475c509ff6cbb4
Content-Length: 16214
Origin: https://challenges.cloudflare.com
Alt-Used: challenges.cloudflare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 02 May 2023 00:55:26 GMT
content-type: text/plain; charset=UTF-8
cf_chl_gen: GVCzBPap5VebBrk0cikVOSjH9QlCpp/6zWNrGt2jfsSRMDFafnrXbAk3Wl5sf144$VPkIa4V/A8ZJZHemsTx/3g==
server: cloudflare
cf-ray: 7c0c4c748bcafac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1908883107:1682986125:4tblfBHM1PXXBoBc4nFFd_lbFiwfCG8hg52dZ0-4-kU/7c0c4c6f7addfac0/b475c509ff6cbb4

104.18.7.185

200 OK

39 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1908883107:1682986125:4tblfBHM1PXXBoBc4nFFd_lbFiwfCG8hg52dZ0-4-kU/7c0c4c6f7addfac0/b475c509ff6cbb4
IP
104.18.7.185:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (38908), with no line terminators
Size
39 kB (38908 bytes)
Hash
81189bbac89dffd702c36a360a37fdd5
67d5cadd999834aca3bc358ac64f3181d13748c3
9daf9fa1f4fb64cf0cda4a467d0cd305224eeb746bf0e5ebcac3307fb7afafe9

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1908883107:1682986125:4tblfBHM1PXXBoBc4nFFd_lbFiwfCG8hg52dZ0-4-kU/7c0c4c6f7addfac0/b475c509ff6cbb4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b475c509ff6cbb4
Content-Length: 2627
Origin: https://challenges.cloudflare.com
Alt-Used: challenges.cloudflare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 02 May 2023 00:55:25 GMT
content-type: text/plain; charset=UTF-8
cf_chl_gen: VHpoviXPuXPl6h+Y/j2K8c8/tSRa6IyRPuhQ/2qzvDW5Q/6UhLEf9R0AZCxtnA83YnJMm801noJDeO8Nlq/scB4Ld5gde0gDeQThLwp55SbJhx1Zx+VPUdce6ywX/UVOVVWYdEfNJTFukS1h2sVEFKzfThy4p13+8oQ9O4LYm5UMwBqOucjIBcg+bUVLj3py/LFaholuV6Er8at9SqhhtupFkUWlftNYtZppq/BL7JrSFkulbsYOlNOZUC7ozPY1+5Hm2rGLTyNRRNgCZgUbQVY+gPc8bseoJc4OlwFZ7njPBPRnfKmw33xJvjC2SQdvycAhdjZqUge8UZZXpR9JipfeIncrdleIeew3alrJc+U=$OOWMJEM/XQQFyM1VkgXIwA==
server: cloudflare
cf-ray: 7c0c4c713b39fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations