my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
104.21.25.78403 Forbidden 3.5 kB URL User Request GET HTTP/1.1 my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
IP 104.21.25.78:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1625)
Hash 4cb5f314027997b72542238213c1af1b
ad960a367dda2f55303c73a25beabc36df71c841
0bef280f130fd835d38470e510a9bd8bb1cf7cdd3f9a43dc232f6bf886af1600
Analyzer Verdict Alert fortinet Phishing
GET /a1b2c3/31339703862ae1f68ecd090b561368f0/login HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
cf-chl-bypass: 1
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5X9mzQpYKBPGHnG3kCFN%2BIwixrRFq4axTC0nsXCDlaE9LrjsMff1SDShQBnevsFrITwBhTJq%2BhFxA4cxbvF47IZaVgu2ZubXsPGx6OFB9aQFBMFV0E5slKzNbFongkle4HJ710tmsUJ0lfZQwFMdd8Qgfuw1i%2FhUMSVsDcmnelLD%2BvPefQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c0c4c618c4bb511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/styles/challenges.css
172.67.223.249200 OK 2.6 kB URL GET HTTP/1.1 my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/styles/challenges.css
IP 172.67.223.249:80
Requested by http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
File type ASCII text, with very long lines (6600), with no line terminators
Hash 9fa2f809c184b1f61b213cd4e503a226
5d7a209eb9da1e823ea6bdc9610005d7a224b35f
f47ef292aa20330e7c78dc476c33845afbc76cb0ba0901bc1f29492cfeb28437
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 25 Apr 2023 11:28:50 GMT
ETag: W/"6447b972-19c8"
Server: cloudflare
CF-RAY: 7c0c4c626814b512-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 02 May 2023 02:55:23 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=7c0c4c618c4bb511
172.67.223.249200 OK 42 B URL GET HTTP/1.1 my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=7c0c4c618c4bb511
IP 172.67.223.249:80
Requested by http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/captcha/js/transparent.gif?ray=7c0c4c618c4bb511 HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Tue, 25 Apr 2023 11:28:50 GMT
ETag: "6447b972-2a"
Server: cloudflare
CF-RAY: 7c0c4c631872b512-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 02 May 2023 02:55:23 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
whitecapsgc-my.sharepoint.com/personal/fred_quezada_whitecaps_gc_edu/_layouts/15/download.aspx?UniqueId=72fb1f31-91ab-4c12-ab3a-83eca5f647e6&Translate=false&tempauth=eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvd2hpdGVjYXBzZ2MtbXkuc2hhcmVwb2ludC5jb21AM2U0YTZjZjktYTQ2My00ODFiLWFiYTctM2UyMzYwMGUwMDllIiwiaXNzIjoiMDAwMDAwMDMtMDAwMC0wZmYxLWNlMDAtMDAwMDAwMDAwMDAwIiwibmJmIjoiMTY4Mjk4ODg5MyIsImV4cCI6IjE2ODI5OTI0OTMiLCJlbmRwb2ludHVybCI6Inp2MENiT0N0YW9mM0Z2RWRlbm5HV2ZYeVg0VlpVeHpWNW82RGdRSmdGU1k9IiwiZW5kcG9pbnR1cmxMZW5ndGgiOiIxNjQiLCJpc2xvb3BiYWNrIjoiVHJ1ZSIsImNpZCI6Ik9XRXdNRGhtTkRFdFlqRTBNaTAwWWpCaUxUaGlZall0TkdVMk9UbG1aRFJtWldKaCIsInZlciI6Imhhc2hlZHByb29mdG9rZW4iLCJzaXRlaWQiOiJOR1poWkdRMVpXVXRaREJrT0MwMFpHRm1MVGxpWldZdE9EZ3dPVFF6WWpVMU9UTXoiLCJhcHBfZGlzcGxheW5hbWUiOiJPbmVNYW5hZ2VyIiwiZ2l2ZW5fbmFtZSI6IkZyZWQiLCJmYW1pbHlfbmFtZSI6IlF1ZXphZGEiLCJhcHBpZCI6IjczNGVmOTI4LWQ3NGMtNDU1NS04ZDFiLWQ5NDJmYTBhMWE0MSIsInRpZCI6IjNlNGE2Y2Y5LWE0NjMtNDgxYi1hYmE3LTNlMjM2MDBlMDA5ZSIsInVwbiI6ImZyZWQucXVlemFkYUB3aGl0ZWNhcHMuZ2MuZWR1IiwicHVpZCI6IjEwMDMyMDAyNjFENUFFMTciLCJjYWNoZWtleSI6IjBoLmZ8bWVtYmVyc2hpcHwxMDAzMjAwMjYxZDVhZTE3QGxpdmUuY29tIiwic2NwIjoiYWxsZmlsZXMud3JpdGUgYWxsc2l0ZXMud3JpdGUiLCJ0dCI6IjIiLCJ1c2VQZXJzaXN0ZW50Q29va2llIjpudWxsLCJpcGFkZHIiOiIyMC4xOTAuMTkwLjEwMCJ9.U2o2eDF5Q05BbVgwQ3ZXQ2dMWjU4MFF1UFVuWkxLZHc1Skx5TERQQXB3bz0&ApiVersion=2.0
13.107.138.8 54 kB URL whitecapsgc-my.sharepoint.com/personal/fred_quezada_whitecaps_gc_edu/_layouts/15/download.aspx?UniqueId=72fb1f31-91ab-4c12-ab3a-83eca5f647e6&Translate=false&tempauth=eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvd2hpdGVjYXBzZ2MtbXkuc2hhcmVwb2ludC5jb21AM2U0YTZjZjktYTQ2My00ODFiLWFiYTctM2UyMzYwMGUwMDllIiwiaXNzIjoiMDAwMDAwMDMtMDAwMC0wZmYxLWNlMDAtMDAwMDAwMDAwMDAwIiwibmJmIjoiMTY4Mjk4ODg5MyIsImV4cCI6IjE2ODI5OTI0OTMiLCJlbmRwb2ludHVybCI6Inp2MENiT0N0YW9mM0Z2RWRlbm5HV2ZYeVg0VlpVeHpWNW82RGdRSmdGU1k9IiwiZW5kcG9pbnR1cmxMZW5ndGgiOiIxNjQiLCJpc2xvb3BiYWNrIjoiVHJ1ZSIsImNpZCI6Ik9XRXdNRGhtTkRFdFlqRTBNaTAwWWpCaUxUaGlZall0TkdVMk9UbG1aRFJtWldKaCIsInZlciI6Imhhc2hlZHByb29mdG9rZW4iLCJzaXRlaWQiOiJOR1poWkdRMVpXVXRaREJrT0MwMFpHRm1MVGxpWldZdE9EZ3dPVFF6WWpVMU9UTXoiLCJhcHBfZGlzcGxheW5hbWUiOiJPbmVNYW5hZ2VyIiwiZ2l2ZW5fbmFtZSI6IkZyZWQiLCJmYW1pbHlfbmFtZSI6IlF1ZXphZGEiLCJhcHBpZCI6IjczNGVmOTI4LWQ3NGMtNDU1NS04ZDFiLWQ5NDJmYTBhMWE0MSIsInRpZCI6IjNlNGE2Y2Y5LWE0NjMtNDgxYi1hYmE3LTNlMjM2MDBlMDA5ZSIsInVwbiI6ImZyZWQucXVlemFkYUB3aGl0ZWNhcHMuZ2MuZWR1IiwicHVpZCI6IjEwMDMyMDAyNjFENUFFMTciLCJjYWNoZWtleSI6IjBoLmZ8bWVtYmVyc2hpcHwxMDAzMjAwMjYxZDVhZTE3QGxpdmUuY29tIiwic2NwIjoiYWxsZmlsZXMud3JpdGUgYWxsc2l0ZXMud3JpdGUiLCJ0dCI6IjIiLCJ1c2VQZXJzaXN0ZW50Q29va2llIjpudWxsLCJpcGFkZHIiOiIyMC4xOTAuMTkwLjEwMCJ9.U2o2eDF5Q05BbVgwQ3ZXQ2dMWjU4MFF1UFVuWkxLZHc1Skx5TERQQXB3bz0&ApiVersion=2.0
IP 13.107.138.8:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d154e2da1f5e293ec226200a3476951b
2b255cae266d3359efa7d96fc8199802cc1ec499
6e562ce04ab586de6c28e7e31c20acdd94651212a5d1738250ab972863863772
GET /personal/fred_quezada_whitecaps_gc_edu/_layouts/15/download.aspx?UniqueId=72fb1f31-91ab-4c12-ab3a-83eca5f647e6&Translate=false&tempauth=eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvd2hpdGVjYXBzZ2MtbXkuc2hhcmVwb2ludC5jb21AM2U0YTZjZjktYTQ2My00ODFiLWFiYTctM2UyMzYwMGUwMDllIiwiaXNzIjoiMDAwMDAwMDMtMDAwMC0wZmYxLWNlMDAtMDAwMDAwMDAwMDAwIiwibmJmIjoiMTY4Mjk4ODg5MyIsImV4cCI6IjE2ODI5OTI0OTMiLCJlbmRwb2ludHVybCI6Inp2MENiT0N0YW9mM0Z2RWRlbm5HV2ZYeVg0VlpVeHpWNW82RGdRSmdGU1k9IiwiZW5kcG9pbnR1cmxMZW5ndGgiOiIxNjQiLCJpc2xvb3BiYWNrIjoiVHJ1ZSIsImNpZCI6Ik9XRXdNRGhtTkRFdFlqRTBNaTAwWWpCaUxUaGlZall0TkdVMk9UbG1aRFJtWldKaCIsInZlciI6Imhhc2hlZHByb29mdG9rZW4iLCJzaXRlaWQiOiJOR1poWkdRMVpXVXRaREJrT0MwMFpHRm1MVGxpWldZdE9EZ3dPVFF6WWpVMU9UTXoiLCJhcHBfZGlzcGxheW5hbWUiOiJPbmVNYW5hZ2VyIiwiZ2l2ZW5fbmFtZSI6IkZyZWQiLCJmYW1pbHlfbmFtZSI6IlF1ZXphZGEiLCJhcHBpZCI6IjczNGVmOTI4LWQ3NGMtNDU1NS04ZDFiLWQ5NDJmYTBhMWE0MSIsInRpZCI6IjNlNGE2Y2Y5LWE0NjMtNDgxYi1hYmE3LTNlMjM2MDBlMDA5ZSIsInVwbiI6ImZyZWQucXVlemFkYUB3aGl0ZWNhcHMuZ2MuZWR1IiwicHVpZCI6IjEwMDMyMDAyNjFENUFFMTciLCJjYWNoZWtleSI6IjBoLmZ8bWVtYmVyc2hpcHwxMDAzMjAwMjYxZDVhZTE3QGxpdmUuY29tIiwic2NwIjoiYWxsZmlsZXMud3JpdGUgYWxsc2l0ZXMud3JpdGUiLCJ0dCI6IjIiLCJ1c2VQZXJzaXN0ZW50Q29va2llIjpudWxsLCJpcGFkZHIiOiIyMC4xOTAuMTkwLjEwMCJ9.U2o2eDF5Q05BbVgwQ3ZXQ2dMWjU4MFF1UFVuWkxLZHc1Skx5TERQQXB3bz0&ApiVersion=2.0 HTTP/1.1
Host: whitecapsgc-my.sharepoint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Range: bytes=187607054-
If-Match: "{72FB1F31-91AB-4C12-AB3A-83ECA5F647E6},5"
HTTP/2 206 Partial Content
cache-control: private
content-length: 53754
content-type: application/octet-stream
content-range: bytes 187607054-187660807/187660808
accept-ranges: bytes
etag: "{72FB1F31-91AB-4C12-AB3A-83ECA5F647E6},5"
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-networkstatistics: 0,525568,0,0,423,0,24489
x-sharepointhealthscore: 0
docid: whitecapsgc-my.sharepoint.com_4fadd5ee-d0d8-4daf-9bef-880943b55933_72fb1f31-91ab-4c12-ab3a-83eca5f647e6
x-download-options: noopen
content-disposition: attachment;filename*=utf-8''God%20Of%20War%20II%2EkuyhAa%2E7z;filename="God Of War II.kuyhAa.7z"
ctag: {72FB1F31-91AB-4C12-AB3A-83ECA5F647E6},5,2
x-aspnet-version: 4.0.30319
x-databoundary: NONE
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: 1dc2aea0-e00a-d000-ec92-a53f54fe3102
request-id: 1dc2aea0-e00a-d000-ec92-a53f54fe3102
ms-cv: oK7CHQrgANDskqU/VP4xAg.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=999631bb-7899-4822-bb6a-0f2cb162a8a5&destinationEndpoint=Edge-Prod-OSL30r4A&frontEnd=AFD"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.23612
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 7592E46F5EF64433A34946B71B025BBD Ref B: OSL30EDGE0412 Ref C: 2023-05-02T00:55:22Z
date: Tue, 02 May 2023 00:55:23 GMT
X-Firefox-Spdy: h2
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7c0c4c618c4bb511
172.67.223.249200 OK 55 kB URL GET HTTP/1.1 my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7c0c4c618c4bb511
IP 172.67.223.249:80
Requested by http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
File type ASCII text, with very long lines (65536), with no line terminators
Hash 05af5db7ddf792030285df306abbc6a6
4d841ca0d004b507b172d0a6190141952a83201b
eaef23509fa46d4dff5392ba9fcfe2d7e6fd40be2e9af469b7af3c0a07840941
GET /cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=7c0c4c618c4bb511 HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login?__cf_chl_rt_tk=ndejAeHS9lm57TnPvji5FuWLznEx5AAaGti00w_dHLk-1682988923-0-gaNycGzNBiU
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INMeu3%2Fq9Peb11c8Y8e3YHcCMLUQOiSLqAwtNsAjze3vhzMTvTSdkkWE9ZIL2Ki1qwQoOIYcPrG0D3cflGTCdVX7v%2FPr7Gyaj6Wzct1a2tQmaMpgTc3t4XsmcG6kclMFm5igcqlU2IglpVAdin9C7NH0sGtsbR0TugNPFCjJC35XxfaxZw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c0c4c632875b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
my-netbank.commbank.application.com.au.pank.com.br/favicon.ico
172.67.223.249403 Forbidden 3.4 kB URL GET HTTP/1.1 my-netbank.commbank.application.com.au.pank.com.br/favicon.ico
IP 172.67.223.249:80
Requested by http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1561)
Hash 382556f660e733180e8f40a9d7c8135e
abfb948ac46a1e08c4869263d6828d0344cc12e5
3de15de85d176643b292964088b9caa1eeeac535f7bc0f7136286b4cf836f13b
GET /favicon.ico HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
cf-chl-bypass: 1
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJkATZawN3J7bvdb5NE%2FJkiLY16DzW25V7TJKf6FzuuGns4WKKoAZE3YoSrdGGEh1rNiCGgq9PqTk%2BpGK92bNInp%2BomBbgb8GSyeiC8pkQDfBR2fxTPaCEW%2B685lc6O9kNyo%2BAvA%2FtieInEP29J%2BbrfcZwe8hvzj1O6htAo6E5IPrEuS6w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c0c4c63788eb512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
my-netbank.commbank.application.com.au.pank.com.br/favicon.ico
172.67.223.249403 Forbidden 3.4 kB URL GET HTTP/1.1 my-netbank.commbank.application.com.au.pank.com.br/favicon.ico
IP 172.67.223.249:80
Requested by http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1583)
Hash 190102845dbd1b75b97752ec8b23d8d4
77bb64afd19d90b26547dfde0c475dd909174f4c
ec7235bfcd19dc0f1bb42662fc71647a9967636ae740190d9898a11b082d9bd4
GET /favicon.ico HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Connection: keep-alive
Cookie: cf_chl_2=2cab91d4e6c8ebd
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
cf-chl-bypass: 1
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLqk%2BlBatj7tRTQbUvKyHm7SE8pFNY4flD14WgeIzO07npIsh3%2BINxl15naQ%2BfNvmBomNP4FZxdj1lOaYKaO01a%2BLmJXs1OPBNk%2FpY2JB2BCXDaEtSGp4xmjwMI2p%2B6cZBKfBBrQUBtWirsBrGC6t7r718xOjCjnVgxK9th8K2Vadxin9w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c0c4c63bb1b1c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.7.185200 OK 6.0 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.7.185:443
Requested by http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (15685)
Hash daa10d1ba7ba0f4bb00c1c9714f4cff7
b733f6ef8838f7cb7113f187d0a9c8f4cf9a51ac
bc90e3f00e56fecfcb7829a44761c8f020944b095e550c359870571dabf63493
GET /turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://my-netbank.commbank.application.com.au.pank.com.br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 02 May 2023 00:55:23 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c0c4c63e945b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/616543430:1682986298:2q0K0apTQNuKoyD-TKxMRp8zNwnd21lmD9x0reqemrs/7c0c4c618c4bb511/2cab91d4e6c8ebd
172.67.223.249200 OK 151 kB URL POST HTTP/1.1 my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/616543430:1682986298:2q0K0apTQNuKoyD-TKxMRp8zNwnd21lmD9x0reqemrs/7c0c4c618c4bb511/2cab91d4e6c8ebd
IP 172.67.223.249:80
Requested by http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
File type ASCII text, with very long lines (65536), with no line terminators
Size 151 kB (150570 bytes)
Hash e1034fbe6784eebf5ed548a7cb899d3a
85113b9718555ebe2572cea35d24db0d9babb9fd
ddf5ea34f8229079a68acf4544677661e834ab0edcc347d01a3155f43d0dba44
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/616543430:1682986298:2q0K0apTQNuKoyD-TKxMRp8zNwnd21lmD9x0reqemrs/7c0c4c618c4bb511/2cab91d4e6c8ebd HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2cab91d4e6c8ebd
Content-Length: 1830
Origin: http://my-netbank.commbank.application.com.au.pank.com.br
Connection: keep-alive
Cookie: cf_chl_2=2cab91d4e6c8ebd
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: ipL2n0g077kcHtIvMr4ajfeYYF/Yeac2l11CN3QAOMrCW5/hLItSJkVImLXFre2Ot6soMAa+uSM+zo9JuL5wUuBbaebJ7uytsqzJV1xeLfAuxHRuvDDY/T0dOHIO5VrX/tDd8HAqq+oAgUN0AlUHpoZcUCbbeiHKmTlpkzrkNv/0XY7zrnpg/oKWudqhqKOFEdVoWdnW2ZZDPA2xLH1NUkikhvxF5pSgTf4Y/PMZR9LuGH5fy0KGUxENWlkiRVFcFYe5+5NA0c8dOk2szLYpGpcdeVMnoceI36xEay2MrUlUlO7/l6qwGW+a8u+iwX9nSMXzQR2cDcmRww8VhkVCFUG0m9PYGlWm3Ndm6GLGApt6KpoQEzTYeW+cQ7CH6dnq9TxRYcvTOctcPTnG1b/Vp7AYcKoTDjhAxvJ1sRQQPcO/bu6aGWVGs0BUhwg7+zGr$HvIRO0q96Y4dB7zhQCVFjw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zu3cLGAiiXK8QZZC9iW3w6gQCZfaPtRMVq62CmYYr0dg2H4xfANLgxm2H7bfkQZMNQRNpVwGeCrjQWdtUxjWDFmqu2sIbWv7ALWU3CcacXSf2D3JOjA%2FcHhflrVJuYFkKKlEmzJr%2BM2K%2FJgq8F5WtjDLpOQDn9%2B9lEG7eoj%2F8zKCovzIWA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c0c4c64dcc3b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/img/7c0c4c618c4bb511/1682988923671/7SqvJiRE8UVjROl
172.67.223.249200 OK 61 B URL GET HTTP/1.1 my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/img/7c0c4c618c4bb511/1682988923671/7SqvJiRE8UVjROl
IP 172.67.223.249:80
Requested by http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
File type PNG image data, 25 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash e12b35d989e0a56e1c5b5a415b668944
a1bcd88d0f1311e32b28c359c089f20aaa2970cc
90692273abfa5a76d8bb5c9552847d9f8c15c81b208abc42ff104109c18fe13b
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/g/img/7c0c4c618c4bb511/1682988923671/7SqvJiRE8UVjROl HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Connection: keep-alive
Cookie: cf_chl_2=2cab91d4e6c8ebd
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 02 May 2023 00:55:23 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPcfOkQVxQOwWNL3%2FWf7fdKiYDujah5nAaZ1V8yLsoaonyJj2KVBTPeDIXU2BQ6xRkxCAjo7v9lkjmoxWDLO6sR%2BpIaQrlLYwXFzZmbUXFf5kYkNJzs6I8YCD9o7W1Zi76Mih%2FjGCZTxXV8pZJbOzJfs%2F4FOYDZHStmNNABXMovLPKqeOw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c0c4c66ada3b529-OSL
alt-svc: h2=":443"; ma=60
my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/616543430:1682986298:2q0K0apTQNuKoyD-TKxMRp8zNwnd21lmD9x0reqemrs/7c0c4c618c4bb511/2cab91d4e6c8ebd
172.67.223.249200 OK 5.6 kB URL POST HTTP/1.1 my-netbank.commbank.application.com.au.pank.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/616543430:1682986298:2q0K0apTQNuKoyD-TKxMRp8zNwnd21lmD9x0reqemrs/7c0c4c618c4bb511/2cab91d4e6c8ebd
IP 172.67.223.249:80
Requested by http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
File type ASCII text, with very long lines (7376), with no line terminators
Hash 1e087dcf7fd9c63575c5f18c9d1b381a
b0f0e2b0e9bbba9b4a4f59ecb12cba1e41b2436d
862e5870f083566fbc8c21e433ba94aca224987f51bd5a6ef6357386be9551ad
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/616543430:1682986298:2q0K0apTQNuKoyD-TKxMRp8zNwnd21lmD9x0reqemrs/7c0c4c618c4bb511/2cab91d4e6c8ebd HTTP/1.1
Host: my-netbank.commbank.application.com.au.pank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2cab91d4e6c8ebd
Content-Length: 16803
Origin: http://my-netbank.commbank.application.com.au.pank.com.br
Connection: keep-alive
Cookie: cf_chl_2=2cab91d4e6c8ebd
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 02 May 2023 00:55:25 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: UQ61+ysqzvlOGLd62XUU/pyH4HLRxUAl3JHsa5H8olbDTSZnvQdnbDz3A5Jx02IW$jLo1afPAUKn394JWwgoUXw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhtmozlfrpA%2F1BR68xWcjNNcvpSp%2FwO7aBHI3onCVtn9Yg2dBMFCItSpyoWP4RavS%2Bq33xPAaJLSrpBgGQdX1JTdBH9%2B1TwVymoTbRI0VYC6ja94UxN4vJ5xAYZuKj0Ytl69B3dDp0ElTj60TgHe4%2BjSDpgQo0uO7IT2w4trtSDQYSnKBw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c0c4c6f2937b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c0c4c6f7addfac0
104.18.7.185200 OK 156 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c0c4c6f7addfac0
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 156 kB (156225 bytes)
Hash a8ff1f8f239deceac93fb95c4261df99
65a2112b27fdec57192a0ccfa4f0635d4cb1f025
428b672246463bf3f51d6221cc90022f503c4a27f2bfc3b0697bffbf3917d06c
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c0c4c6f7addfac0 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Alt-Used: challenges.cloudflare.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 02 May 2023 00:55:25 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
server: cloudflare
cf-ray: 7c0c4c701b01fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
104.18.7.185200 OK 23 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
IP 104.18.7.185:443
Requested by http://my-netbank.commbank.application.com.au.pank.com.br/a1b2c3/31339703862ae1f68ecd090b561368f0/login
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9343)
Hash 3abd134b960cb431c06b4872fbf23d70
b1c8c49937ee7b8c21c0764f1e2fa6f21a57c580
b52f7932f43f1287f637ffe3985a93756ac4785bb62878256420f9a1f73ccd47
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: challenges.cloudflare.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 02 May 2023 00:55:25 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 7c0c4c6f7addfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7c0c4c6f7addfac0/1682988925645/jFsgSUBQgjQ0Usr
104.18.7.185200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7c0c4c6f7addfac0/1682988925645/jFsgSUBQgjQ0Usr
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type PNG image data, 21 x 64, 8-bit/color RGB, non-interlaced\012- data
Hash f5caaa25c7ec0ee9c55f0c6910012aab
1bff2ad781f05ca76f85f601dd781db302260521
f00cdebc48bd95c03f99e3211db17930da43f298301f321749b7b826385e5929
GET /cdn-cgi/challenge-platform/h/g/img/7c0c4c6f7addfac0/1682988925645/jFsgSUBQgjQ0Usr HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Alt-Used: challenges.cloudflare.com
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 02 May 2023 00:55:25 GMT
content-type: image/png
server: cloudflare
cf-ray: 7c0c4c72db86fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1908883107:1682986125:4tblfBHM1PXXBoBc4nFFd_lbFiwfCG8hg52dZ0-4-kU/7c0c4c6f7addfac0/b475c509ff6cbb4
104.18.7.185200 OK 10 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1908883107:1682986125:4tblfBHM1PXXBoBc4nFFd_lbFiwfCG8hg52dZ0-4-kU/7c0c4c6f7addfac0/b475c509ff6cbb4
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (10424), with no line terminators
Hash 1952329714f9dd3f9606da02b86efa34
3d98b56d4586d17f8d8a60fac229de8996e69d70
8941431aac63aab471cec8b35313c1e9fc634d8760217305c866b1b9d0dd3301
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1908883107:1682986125:4tblfBHM1PXXBoBc4nFFd_lbFiwfCG8hg52dZ0-4-kU/7c0c4c6f7addfac0/b475c509ff6cbb4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b475c509ff6cbb4
Content-Length: 16214
Origin: https://challenges.cloudflare.com
Alt-Used: challenges.cloudflare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 02 May 2023 00:55:26 GMT
content-type: text/plain; charset=UTF-8
cf_chl_gen: GVCzBPap5VebBrk0cikVOSjH9QlCpp/6zWNrGt2jfsSRMDFafnrXbAk3Wl5sf144$VPkIa4V/A8ZJZHemsTx/3g==
server: cloudflare
cf-ray: 7c0c4c748bcafac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1908883107:1682986125:4tblfBHM1PXXBoBc4nFFd_lbFiwfCG8hg52dZ0-4-kU/7c0c4c6f7addfac0/b475c509ff6cbb4
104.18.7.185200 OK 39 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1908883107:1682986125:4tblfBHM1PXXBoBc4nFFd_lbFiwfCG8hg52dZ0-4-kU/7c0c4c6f7addfac0/b475c509ff6cbb4
IP 104.18.7.185:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5C:7B:D7:57:5A:53:A4:99:8E:1E:5A:C4:58:30:7C:2D:6C:D8:3C:C5
ValiditySun, 18 Sep 2022 00:00:00 GMT - Sun, 17 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (38908), with no line terminators
Hash 81189bbac89dffd702c36a360a37fdd5
67d5cadd999834aca3bc358ac64f3181d13748c3
9daf9fa1f4fb64cf0cda4a467d0cd305224eeb746bf0e5ebcac3307fb7afafe9
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1908883107:1682986125:4tblfBHM1PXXBoBc4nFFd_lbFiwfCG8hg52dZ0-4-kU/7c0c4c6f7addfac0/b475c509ff6cbb4 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/s9qpb/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b475c509ff6cbb4
Content-Length: 2627
Origin: https://challenges.cloudflare.com
Alt-Used: challenges.cloudflare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 02 May 2023 00:55:25 GMT
content-type: text/plain; charset=UTF-8
cf_chl_gen: VHpoviXPuXPl6h+Y/j2K8c8/tSRa6IyRPuhQ/2qzvDW5Q/6UhLEf9R0AZCxtnA83YnJMm801noJDeO8Nlq/scB4Ld5gde0gDeQThLwp55SbJhx1Zx+VPUdce6ywX/UVOVVWYdEfNJTFukS1h2sVEFKzfThy4p13+8oQ9O4LYm5UMwBqOucjIBcg+bUVLj3py/LFaholuV6Er8at9SqhhtupFkUWlftNYtZppq/BL7JrSFkulbsYOlNOZUC7ozPY1+5Hm2rGLTyNRRNgCZgUbQVY+gPc8bseoJc4OlwFZ7njPBPRnfKmw33xJvjC2SQdvycAhdjZqUge8UZZXpR9JipfeIncrdleIeew3alrJc+U=$OOWMJEM/XQQFyM1VkgXIwA==
server: cloudflare
cf-ray: 7c0c4c713b39fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400