| internetbankinga.archimeta.jp/libra-ro/mm/web/image/libira.png | 172.67.215.62 | 200 OK | 11 kB |
URL: GET HTTP/3 internetbankinga.archimeta.jp/libra-ro/mm/web/image/libira.png
IP: 172.67.215.62:443
Requested by: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Certificate: Issuer: Google Trust Services LLC; Subject: archimeta.jp; Fingerprint: D4:BE:4D:59:90:9F:6B:5C:8A:6C:DD:91:52:37:EB:B8:5B:22:DB:E1; Validity: Sat, 16 Mar 2024 00:04:04 GMT - Fri, 14 Jun 2024 00:04:03 GMT
File type: PNG image data, 316 x 56, 8-bit/color RGBA, non-interlaced
Hash: ed1c44f3ee355c1448cc1db2854cf705 93777f3250cd3b9f7e9829501f9c2e5c28180df6 ba9458fecea1bba02cce083a15daef0849df6b2ab2a38418643c4ead43eecc03
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /libra-ro/mm/web/image/libira.png HTTP/1.1
Host: internetbankinga.archimeta.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Cookie: PHPSESSID=9bvaa8neuohm6ut6lfhraiq5lt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:22:24 GMT
content-type: image/png
content-length: 11070
last-modified: Wed, 17 Apr 2024 03:42:07 GMT
etag: "2b3e-61642a38021c0"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oii6MRm%2BQx2vMj08%2FbznMmq%2FIoCo4v8YonYV8sOyKtNr2Cpfl4qeMD%2Fq6SsQjb4tX9ynYwwyGDIGcidivWNOYP6du7GtL6vIouYmsoQR8l5m%2BDuyGl6JPb93eyPXCNNaj%2Fm5rjHzcNjmXkREBN4R3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87628f67c879b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| internetbankinga.archimeta.jp/libra-ro/mm/panel/classes/processor.php | 172.67.215.62 | 200 OK | 15 kB |
URL: POST HTTP/3 internetbankinga.archimeta.jp/libra-ro/mm/panel/classes/processor.php
IP: 172.67.215.62:443
Requested by: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Certificate: Issuer: Google Trust Services LLC; Subject: archimeta.jp; Fingerprint: D4:BE:4D:59:90:9F:6B:5C:8A:6C:DD:91:52:37:EB:B8:5B:22:DB:E1; Validity: Sat, 16 Mar 2024 00:04:04 GMT - Fri, 14 Jun 2024 00:04:03 GMT
File type: very short file (no magic)
Hash: cfcd208495d565ef66e7dff9f98764da b6589fc6ab0dc82cf12099d1c2d40ab994e8410c 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /libra-ro/mm/panel/classes/processor.php HTTP/1.1
Host: internetbankinga.archimeta.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: https://internetbankinga.archimeta.jp
DNT: 1
Connection: keep-alive
Referer: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Cookie: PHPSESSID=9bvaa8neuohm6ut6lfhraiq5lt
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:22:24 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oyEbWXlUYCNRzGMJZV4KUkPEtpDp2IcEMYGy1Jy2nnouB2lPGaDy6DL%2Bo%2B0RhyAXf8vm6NqpcTvqmTX61CZWsUWmrroa5VOZ4Cy3D%2FQkxoFHm6NVXrXtYtdjrHbHQgImYKXSUNXBXzdOP%2F1fRj0uAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87628f6c7e93b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| internetbankinga.archimeta.jp/libra-ro/mm/panel/classes/processor.php | 172.67.215.62 | 200 OK | 11 kB |
URL: POST HTTP/3 internetbankinga.archimeta.jp/libra-ro/mm/panel/classes/processor.php
IP: 172.67.215.62:443
Requested by: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Certificate: Issuer: Google Trust Services LLC; Subject: archimeta.jp; Fingerprint: D4:BE:4D:59:90:9F:6B:5C:8A:6C:DD:91:52:37:EB:B8:5B:22:DB:E1; Validity: Sat, 16 Mar 2024 00:04:04 GMT - Fri, 14 Jun 2024 00:04:03 GMT
Hash: 722c05e383edbae93ac5cad8b033f795 3fd935f1afd2e63219dcce82c67772a01ed21a5a 0ff69acfecf5d22df51e6b4e208cfac76f67101ced5346ff4374e42e2e22ed35
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /libra-ro/mm/panel/classes/processor.php HTTP/1.1
Host: internetbankinga.archimeta.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 27
Origin: https://internetbankinga.archimeta.jp
DNT: 1
Connection: keep-alive
Referer: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Cookie: PHPSESSID=9bvaa8neuohm6ut6lfhraiq5lt
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:22:30 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b55XX6X%2Blue%2F7pjIH9%2B0OhJgWSVaD%2F4ejI2r6KTubIh1S6y05hmYrVRJb2RQxeYC%2BucBVfUc8YoTfPEhueEtwCQ5fWPiAi%2FpN8J%2BzqxSUVdUm2OtRN668UBBbEy9yUSeeMdB8CH9TWn42Db%2Bdlh0iA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87628f91ffd7b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| internetbankinga.archimeta.jp/libra-ro/mm/panel/classes/processor.php | 172.67.215.62 | 200 OK | 7.5 kB |
URL: POST HTTP/3 internetbankinga.archimeta.jp/libra-ro/mm/panel/classes/processor.php
IP: 172.67.215.62:443
Requested by: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Certificate: Issuer: Google Trust Services LLC; Subject: archimeta.jp; Fingerprint: D4:BE:4D:59:90:9F:6B:5C:8A:6C:DD:91:52:37:EB:B8:5B:22:DB:E1; Validity: Sat, 16 Mar 2024 00:04:04 GMT - Fri, 14 Jun 2024 00:04:03 GMT
Hash: 67f8b19713bf47b01133bc8517130963 bf50a8d7147a109ab413bea7592d5e10943e0811 4c6f658fa7b477961496fe0a0b29b215ae8905d6b3c37e5e5f619167543d8e49
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /libra-ro/mm/panel/classes/processor.php HTTP/1.1
Host: internetbankinga.archimeta.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 27
Origin: https://internetbankinga.archimeta.jp
DNT: 1
Connection: keep-alive
Referer: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Cookie: PHPSESSID=9bvaa8neuohm6ut6lfhraiq5lt
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:22:26 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x0cVnrz3nOojO%2Ffwau5ejqyR%2FFqb24QHi4l5mIYNnhz%2BTnzcsvng3i8FI89Ku927EpnB%2BYK2lpA6i9UPNipvbW0qWsyPCcubChyZwiWk%2FsstmfLwdNT8QzTBdNR49AFVdxS8B2Oth%2BsvpHm1Q1KKlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87628f75da76b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| internetbankinga.archimeta.jp/libra-ro/mm/panel/classes/processor.php | 172.67.215.62 | 200 OK | 10 kB |
URL: POST HTTP/3 internetbankinga.archimeta.jp/libra-ro/mm/panel/classes/processor.php
IP: 172.67.215.62:443
Requested by: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Certificate: Issuer: Google Trust Services LLC; Subject: archimeta.jp; Fingerprint: D4:BE:4D:59:90:9F:6B:5C:8A:6C:DD:91:52:37:EB:B8:5B:22:DB:E1; Validity: Sat, 16 Mar 2024 00:04:04 GMT - Fri, 14 Jun 2024 00:04:03 GMT
Hash: 77c210a6188601eb74e815dfc2bc8705 0ab9f9983dfea48e518cf70f833e21245d3d4a47 e8c8a37763b89fa34ba58ecb3ee3173071a386fc95a2cd3054c0a88136fb6949
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /libra-ro/mm/panel/classes/processor.php HTTP/1.1
Host: internetbankinga.archimeta.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 27
Origin: https://internetbankinga.archimeta.jp
DNT: 1
Connection: keep-alive
Referer: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Cookie: PHPSESSID=9bvaa8neuohm6ut6lfhraiq5lt
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:22:28 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUs9BJ%2FbgKuvwBys%2F8C31RJGxCio5EkxIEReYkx2mF3jwYQ%2FE19TX2d5hq%2BpNRHAb86oVCfk2NVfVdXKF9htt5a6yrZwL0OpCoA5gLR69aAiqDETcpQZuDTcmbdnfFzPnSmTVWCYE07mXLi898C4LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87628f825c12b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| internetbankinga.archimeta.jp/libra-ro/mm/panel/classes/processor.php | 172.67.215.62 | 200 OK | 11 kB |
URL: POST HTTP/3 internetbankinga.archimeta.jp/libra-ro/mm/panel/classes/processor.php
IP: 172.67.215.62:443
Requested by: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Certificate: Issuer: Google Trust Services LLC; Subject: archimeta.jp; Fingerprint: D4:BE:4D:59:90:9F:6B:5C:8A:6C:DD:91:52:37:EB:B8:5B:22:DB:E1; Validity: Sat, 16 Mar 2024 00:04:04 GMT - Fri, 14 Jun 2024 00:04:03 GMT
Hash: 702d6a8a3c2e63707184892a628120bb 44f8e14042f4cd2daff1a7bdeaf3f7aad20302e8 a868c84e32c067f589fdc10c210afa78cad0b92f39261d14158746d3549e7b98
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /libra-ro/mm/panel/classes/processor.php HTTP/1.1
Host: internetbankinga.archimeta.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 27
Origin: https://internetbankinga.archimeta.jp
DNT: 1
Connection: keep-alive
Referer: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Cookie: PHPSESSID=9bvaa8neuohm6ut6lfhraiq5lt
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:22:35 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IfU%2B4g6PYA1%2FVNqlG45kv7pmSpmfkVOCKoVXprhbkM%2B2cO3mbdylIC7BEuFi9XVoyBchGJhvd8EFUDBfPUt1g86ek0lFOCVnp8p%2FAFGWFE6mVBTSOegoblSNNm1OLbU8sHkT%2B2rlwzGEiPiT%2FbJwiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87628fae1a09b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| internetbankinga.archimeta.jp/libra-ro/mm/panel/classes/processor.php | 172.67.215.62 | 200 OK | 7.1 kB |
URL: POST HTTP/3 internetbankinga.archimeta.jp/libra-ro/mm/panel/classes/processor.php
IP: 172.67.215.62:443
Requested by: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Certificate: Issuer: Google Trust Services LLC; Subject: archimeta.jp; Fingerprint: D4:BE:4D:59:90:9F:6B:5C:8A:6C:DD:91:52:37:EB:B8:5B:22:DB:E1; Validity: Sat, 16 Mar 2024 00:04:04 GMT - Fri, 14 Jun 2024 00:04:03 GMT
File type: very short file (no magic)
Hash: cfcd208495d565ef66e7dff9f98764da b6589fc6ab0dc82cf12099d1c2d40ab994e8410c 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /libra-ro/mm/panel/classes/processor.php HTTP/1.1
Host: internetbankinga.archimeta.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: https://internetbankinga.archimeta.jp
DNT: 1
Connection: keep-alive
Referer: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Cookie: PHPSESSID=9bvaa8neuohm6ut6lfhraiq5lt
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:22:26 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=acM9upAAQn%2FTrue%2Bns3Ygi3Q5cqRtxgLtUNmjlzyZRlk4uyhUiFz4sH1YNy2LQxsIg9xkquODf8MadPaM9HIMamLoJ73sWH8zkg%2F0yaepVPJWNjD0W2723276u6jDFIjL50tIr35QaNtIYDlhcOing%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87628f78fe99b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| internetbankinga.archimeta.jp/libra-ro/mm/panel/res/jq.js | 172.67.215.62 | 200 OK | 90 kB |
URL: GET HTTP/3 internetbankinga.archimeta.jp/libra-ro/mm/panel/res/jq.js
IP: 172.67.215.62:443
Requested by: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Certificate: Issuer: Google Trust Services LLC; Subject: archimeta.jp; Fingerprint: D4:BE:4D:59:90:9F:6B:5C:8A:6C:DD:91:52:37:EB:B8:5B:22:DB:E1; Validity: Sat, 16 Mar 2024 00:04:04 GMT - Fri, 14 Jun 2024 00:04:03 GMT
File type: JavaScript source, ASCII text, with very long lines (65446), with CRLF line terminators
Hash: 3e4bb227fb55271bfe9c9d4a09147bd8 156837f75f6600ccb602b4efcbd393636c33f35e ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /libra-ro/mm/panel/res/jq.js HTTP/1.1
Host: internetbankinga.archimeta.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Cookie: PHPSESSID=9bvaa8neuohm6ut6lfhraiq5lt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:22:24 GMT
content-type: application/javascript
last-modified: Mon, 04 Mar 2024 09:30:26 GMT
etag: W/"15d9d-612d260291080-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6tNrwWp%2FmIAfM7tgqJczA28j9cnky4wKNteCrGN9AdlrVb5hn9iHzFb0Kt87zfU31OoDunJgz1C%2BY7fRHOrRk9ZW%2FrfRlxeZ%2BqmdQTaqismgVrW0A5COXnGQcJyVig7MC3DaA6HaMTz7Jx45ZSBMeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87628f67c880b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none | 172.67.215.62 | 200 OK | 311 kB |
URL: User Request GET HTTP/2 internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
IP: 172.67.215.62:443
Certificate: Issuer: Google Trust Services LLC; Subject: archimeta.jp; Fingerprint: D4:BE:4D:59:90:9F:6B:5C:8A:6C:DD:91:52:37:EB:B8:5B:22:DB:E1; Validity: Sat, 16 Mar 2024 00:04:04 GMT - Fri, 14 Jun 2024 00:04:03 GMT
Size: 311 kB (310790 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none HTTP/1.1
Host: internetbankinga.archimeta.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:22:23 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=9bvaa8neuohm6ut6lfhraiq5lt; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h4CFTanYXRluIp9nxdITLfpNy%2FYVVJbO57FjlUg81wwHaj19MrCaIsnixTaJ6US8cJTpCZbssMVKFCfYqEf76yZIXm1LoZivRsYc9hNu78PnUO9EkUFO%2BdZKPWegn0i2hOZ0eLYJ7ok6KFzCWY2jlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87628f66499256ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| internetbankinga.archimeta.jp/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 172.67.215.62 | 200 OK | 1.2 kB |
URL: GET HTTP/3 internetbankinga.archimeta.jp/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP: 172.67.215.62:443
Requested by: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Certificate: Issuer: Google Trust Services LLC; Subject: archimeta.jp; Fingerprint: D4:BE:4D:59:90:9F:6B:5C:8A:6C:DD:91:52:37:EB:B8:5B:22:DB:E1; Validity: Sat, 16 Mar 2024 00:04:04 GMT - Fri, 14 Jun 2024 00:04:03 GMT
File type: HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash: 40d981045a7516cdadd00e8dccc9c58d 8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3 71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: internetbankinga.archimeta.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Cookie: PHPSESSID=9bvaa8neuohm6ut6lfhraiq5lt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:22:23 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 08:31:34 GMT
etag: W/"661ce5e6-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lVZuHOyKMJX65cbv49DldiO9kDPMGqaAFe8kbQTHcj1iZXQt%2F85QvQt%2B%2BRSgJRlIsyTDxXjiy2WEmVANTXTTg5tuBrejBUKYL0Ags7RaOPcdRsGyP09G87STont%2Fi3q3ws4BtKrvFMtH5WZ%2FtmAWSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87628f67c87ab515-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 20 Apr 2024 06:22:23 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| internetbankinga.archimeta.jp/libra-ro/mm/web/js/jq.js | 172.67.215.62 | 200 OK | 294 kB |
URL: GET HTTP/3 internetbankinga.archimeta.jp/libra-ro/mm/web/js/jq.js
IP: 172.67.215.62:443
Requested by: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Certificate: Issuer: Google Trust Services LLC; Subject: archimeta.jp; Fingerprint: D4:BE:4D:59:90:9F:6B:5C:8A:6C:DD:91:52:37:EB:B8:5B:22:DB:E1; Validity: Sat, 16 Mar 2024 00:04:04 GMT - Fri, 14 Jun 2024 00:04:03 GMT
File type: JavaScript source, ASCII text
Size: 294 kB (293671 bytes)
Hash: 1150e561f02aaa2a237a4f200face65d 6afaec62e997d0a42356c71521ef0d157b506757 9d02ee01919145c20b03ee9d3013af7118793dedf5d2c0696a773af90066c953
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /libra-ro/mm/web/js/jq.js HTTP/1.1
Host: internetbankinga.archimeta.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internetbankinga.archimeta.jp/libra-ro/mm/web/login.php?unlock=code&appIdKey=xsdgwsdgsdfgsfg&country=none
Cookie: PHPSESSID=9bvaa8neuohm6ut6lfhraiq5lt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:22:24 GMT
content-type: application/javascript
last-modified: Mon, 04 Mar 2024 09:30:26 GMT
etag: W/"47b27-612d260291080-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w4ySKx92MAQHWenFPBSYdxkyMn4BTCB16qbS48yjCwCaN9T1AuCaNpIQ1WzaeNvGvkfaw%2BWu0rxsfqB3ChvJoI%2Fo4EKOFT%2BZXTNjeF2f4wm40GBhYvi8LpzbNSXwhbgC%2BtSd%2Fjk7hK625ElIO0Eggw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87628f67c87db515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|