34.196.62.157301 Moved Permanently 0 B URL User Request GET HTTP/2 IP 34.196.62.157:443
Certificate IssuerAmazon
Subjectrb.gy
FingerprintDB:A6:0C:96:5D:05:26:D6:95:BF:CD:A8:79:39:3C:DA:CC:7E:93:A5
ValiditySat, 19 Aug 2023 00:00:00 GMT - Mon, 16 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p0k05y HTTP/1.1
Host: rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 05 Dec 2023 20:30:13 GMT
content-length: 0
location: https://www.ciennaclient.com/RBC
cache-control: no-cache, no-store
expires: -1
engine: Rebrandly.redirect, version 2.1
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
70.40.216.51301 Moved Permanently 241 B URL User Request GET HTTP/2 IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash abb9e3ac80f043ac662f16c8d4e15aa1
a144f4b2bf185efcf9a971b6f08b53838ba5595d
2ccbe9c4f6ed6190ecffcb085754946eea9d383e3ec231589d6114f9c51745aa
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 05 Dec 2023 20:30:14 GMT
server: nginx/1.21.6
content-type: text/html; charset=iso-8859-1
content-length: 241
location: https://www.ciennaclient.com/RBC/
x-server-cache: false
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/
70.40.216.51200 OK 1.7 kB URL User Request GET HTTP/2 www.ciennaclient.com/RBC/
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 6651fbe0c8d5ecc8fcadce7e94243efe
c44cabede1dd87df358365e0bc6cc171d884267c
9276c38bb701ecaa344f9e4212221af20701b2a0fddc5a4b4f50bdc63eed0e27
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/ HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 20:30:14 GMT
server: nginx/1.21.6
content-type: text/html; charset=UTF-8
content-length: 1693
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
x-server-cache: false
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/Untitled1.css
70.40.216.51200 OK 340 B URL GET HTTP/2 www.ciennaclient.com/RBC/Untitled1.css
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page6.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type ASCII text, with CRLF line terminators
Hash c5c75fe060c01362b832291770fd6063
c76c6d7a7ca8146050809724d135637c389205e9
e5c59c0f43c9504ab6cd5be3ac0c2125431be6cee511139c7ec592e8a028332b
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/Untitled1.css HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 340
content-type: text/css
date: Tue, 05 Dec 2023 20:30:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/index.css
70.40.216.51200 OK 8.8 kB URL GET HTTP/2 www.ciennaclient.com/RBC/index.css
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type ASCII text, with CRLF line terminators
Hash fd0b624c63ccbdf838e5cbbd3eae7bee
32805e4375788b3177ead66aa840442a7a9b3b55
af9537ead0045a5a008c45d4544555306bbd5a4a280dfc49903b8c2583809476
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/index.css HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 8766
content-type: text/css
date: Tue, 05 Dec 2023 20:30:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/wwb18.min.js
70.40.216.51200 OK 1.7 kB URL GET HTTP/2 www.ciennaclient.com/RBC/wwb18.min.js
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page2.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type ASCII text, with very long lines (519), with CRLF line terminators
Hash d40dd26504e7cbc84b737868662b8407
cb673f3a3d5759722ff0dcd935401d96b8e47f9f
26b3bd98d6823c8967b77b7222f542def426ffa6679f1a83f27ec51fbaaf988d
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/wwb18.min.js HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 1716
content-type: application/javascript
date: Tue, 05 Dec 2023 20:30:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%20063645.png
70.40.216.51200 OK 451 B URL GET HTTP/2 www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%20063645.png
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type PNG image data, 14 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 26bdf8b27d544d54988fa2903100ceb8
4423e9505ced757dd0d11c224fef387f49620bd7
64a4ee752fd98cae94ae2522426c58643167e2399a3bc2054ab89ba6b389e77d
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/images/Screenshot%202023-12-04%20063645.png HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
content-length: 451
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Tue, 05 Dec 2023 20:30:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/page3.html
70.40.216.51200 OK 479 B URL GET HTTP/2 www.ciennaclient.com/RBC/page3.html
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67753dc9fae9892d6a3854962463d077
04385571c9c686643ec0b44d8c83b077a79f6c26
5c97c46dad6c8b031632d6d676aae5f7f95e56744ab5c0233d56e870e53e8bbc
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/page3.html HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 20:30:15 GMT
server: nginx/1.21.6
content-type: text/html
content-length: 479
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
x-server-cache: false
X-Firefox-Spdy: h2
secure.royalbank.com/statics/login-service-ui/favicon.ico
2.21.204.174200 OK 2.2 kB URL GET HTTP/2 secure.royalbank.com/statics/login-service-ui/favicon.ico
IP 2.21.204.174:443
Requested by https://www.ciennaclient.com/RBC/
Certificate IssuerDigiCert Inc
Subjectwww1.rbcinsurance.com
Fingerprint42:82:89:9F:C5:8C:17:7C:93:B9:67:41:1D:2D:96:B6:2A:92:97:EB
ValidityMon, 27 Nov 2023 00:00:00 GMT - Tue, 26 Nov 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 32x32\012- data
Hash b5e87960e5522b05fac649f48c9bb15f
85ea38ec274bd884740fd3ee64f5cd6d5e950b54
4ce04021dcad4967eb75870b28569d812455223682a6dfd6aa948115944c692d
GET /statics/login-service-ui/favicon.ico HTTP/1.1
Host: secure.royalbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/x-icon
etag: "b5e87960e5522b05fac649f48c9bb15f:1701347352.63302"
last-modified: Thu, 30 Nov 2023 17:29:13 GMT
server: AkamaiNetStorage
content-length: 2238
date: Tue, 05 Dec 2023 20:30:15 GMT
cache-control: public, max-age=31536000, immutable
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%2005422444.png
70.40.216.51200 OK 527 kB URL GET HTTP/2 www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%2005422444.png
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type PNG image data, 683 x 607, 8-bit/color RGBA, non-interlaced\012- data
Size 527 kB (526612 bytes)
Hash d07e556cf213cff3512475ab75b510b4
8a49d1f6fd66783d5e4c3a7de117c99952c045e1
fe56990ef69d0e425cf211d02a222b58e486a492345810db16ee346acd70bfe4
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/images/Screenshot%202023-12-04%2005422444.png HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/index.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
content-length: 526612
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Tue, 05 Dec 2023 20:30:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/page2.html
70.40.216.51200 OK 615 B URL GET HTTP/2 www.ciennaclient.com/RBC/page2.html
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash bef298edd99fbb6a7e89e78c22fe7000
995447b31bc3bf368acb144f77a0977e23f9f0e2
d9b9156ae2d16776b6b138e3301790a82421babfc535b22531321933e262d0e7
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/page2.html HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 20:30:15 GMT
server: nginx/1.21.6
content-type: text/html
content-length: 615
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
x-server-cache: false
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/jquery-3.6.0.min.js
70.40.216.51200 OK 40 kB URL GET HTTP/2 www.ciennaclient.com/RBC/jquery-3.6.0.min.js
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type ASCII text, with very long lines (65447)
Hash ef34733f263eb8e3cba95f9481d1afad
633f5218934396459a90df69e7273e8ba837b69a
a36053a6e6b536ad7e42c711d8d15c2bd7beafc9b0a9e75fcab672ab66ecee0f
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/jquery-3.6.0.min.js HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Tue, 05 Dec 2023 20:30:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/page5.html
70.40.216.51200 OK 481 B URL GET HTTP/2 www.ciennaclient.com/RBC/page5.html
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash cc00d34f6736dc0ae45b743614fe07f5
ed69d8036eee277c32087dae9b1ad7eb63a8e8c6
4beebe4c57f5a5830c32ac90613763f6622cd14ed4d4692971c857cfc8d6e683
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/page5.html HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 20:30:15 GMT
server: nginx/1.21.6
content-type: text/html
content-length: 481
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
x-server-cache: false
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/jquery-ui.min.js
70.40.216.51200 OK 92 kB URL GET HTTP/2 www.ciennaclient.com/RBC/jquery-ui.min.js
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type ASCII text, with very long lines (32074)
Hash 0c6a1957e3e4e4f86b75ccb6a09025be
8b550e538295540e16736cc8464f25ccbfc68b8d
f8e85514dce4e6b9861de7daa0a0950f04b7b4b8d49d0c806ad7a74e24788cbb
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/jquery-ui.min.js HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Tue, 05 Dec 2023 20:30:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/images/Unti22tled.png
70.40.216.51200 OK 269 B URL GET HTTP/2 www.ciennaclient.com/RBC/images/Unti22tled.png
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page3.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type PNG image data, 16 x 20, 8-bit/color RGB, non-interlaced\012- data
Hash be738061f6a1a0f4bc073a24f5a597ed
4cad0012448c145542e539e102431d393104d915
a205d7584b7f6565f90e2c280c24679a1c53d51ecae729aa7937a2ae726f5c91
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/images/Unti22tled.png HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page3.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
content-length: 269
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Tue, 05 Dec 2023 20:30:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/Untitled1.css
70.40.216.51200 OK 340 B URL GET HTTP/2 www.ciennaclient.com/RBC/Untitled1.css
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page6.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type ASCII text, with CRLF line terminators
Hash c5c75fe060c01362b832291770fd6063
c76c6d7a7ca8146050809724d135637c389205e9
e5c59c0f43c9504ab6cd5be3ac0c2125431be6cee511139c7ec592e8a028332b
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/Untitled1.css HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page3.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 340
content-type: text/css
date: Tue, 05 Dec 2023 20:30:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%20062224.png
70.40.216.51200 OK 1.6 kB URL GET HTTP/2 www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%20062224.png
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page3.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type PNG image data, 181 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash ab54e06f577bc41e54157d37c75ac741
5d71145a1dfa5c537db4311a19c64e1c46ff40d7
2631e212b4dc7dab04216fede93affd60f9b96b89cff81fe9d7d899a11848656
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/images/Screenshot%202023-12-04%20062224.png HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page3.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
content-length: 1627
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Tue, 05 Dec 2023 20:30:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/page3.css
70.40.216.51200 OK 256 B URL GET HTTP/2 www.ciennaclient.com/RBC/page3.css
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page3.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type ASCII text, with CRLF line terminators
Hash 3f7d991edf77ba32ec2c5f0a68ba815e
fd7c05b9bbc55498db3fac68350b685ae0471182
4e420ded99fb67d32ee3a70cf21ab1e584ca64e90cd528c40a7aee157f838084
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/page3.css HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page3.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 256
content-type: text/css
date: Tue, 05 Dec 2023 20:30:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/page2.css
70.40.216.51200 OK 278 B URL GET HTTP/2 www.ciennaclient.com/RBC/page2.css
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page2.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type ASCII text, with CRLF line terminators
Hash 0b21fb1a946b8c564c391aabeec40adf
a7635196d8f95961706c51ea315c1f69b493e804
436c380a8e627b6119792457d8c28f8185792f451fc73022a2bf2e7d9143c5fd
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/page2.css HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page2.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 278
content-type: text/css
date: Tue, 05 Dec 2023 20:30:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%20054759.png
70.40.216.51200 OK 305 B URL GET HTTP/2 www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%20054759.png
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page2.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type PNG image data, 34 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash effada7f33eea2168d46c8ef02c674c9
ea229146574f7250be5997002916b2eb5a2ea8c8
920306bf9f9bef3e20f85089c012f1be7b3c757969811cf447bb4692c6a1afb5
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/images/Screenshot%202023-12-04%20054759.png HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
content-length: 305
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Tue, 05 Dec 2023 20:30:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%200549012.png
70.40.216.51200 OK 2.1 kB URL GET HTTP/2 www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%200549012.png
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page2.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type PNG image data, 247 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash 30c570f50428e13766f400faff3bceb5
7346c98e7591f3a1899a180e57d84b980edad7ef
bd47676d4a239b3d1564f405a534ec89d7daafd79951dd7e3f4a74d5221bbd70
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/images/Screenshot%202023-12-04%200549012.png HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
content-length: 2143
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Tue, 05 Dec 2023 20:30:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%200542835.png
70.40.216.51200 OK 657 B URL GET HTTP/2 www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%200542835.png
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page2.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f667dba117d1e4fae1c52d7682276f1
35f95c526d1260ed3ce61808e83269ca4326422d
6f9cded27a9e23334b10abb9cdc3266f75c63ccf1f8942449f6a2c0c123b373d
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/images/Screenshot%202023-12-04%200542835.png HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
content-length: 657
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Tue, 05 Dec 2023 20:30:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/wwb18.min.js
70.40.216.51200 OK 1.7 kB URL GET HTTP/2 www.ciennaclient.com/RBC/wwb18.min.js
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page2.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type ASCII text, with very long lines (519), with CRLF line terminators
Hash d40dd26504e7cbc84b737868662b8407
cb673f3a3d5759722ff0dcd935401d96b8e47f9f
26b3bd98d6823c8967b77b7222f542def426ffa6679f1a83f27ec51fbaaf988d
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/wwb18.min.js HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 1716
content-type: application/javascript
date: Tue, 05 Dec 2023 20:30:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%20061052.png
70.40.216.51200 OK 2.4 kB URL GET HTTP/2 www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%20061052.png
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page4.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type PNG image data, 163 x 51, 8-bit/color RGBA, non-interlaced\012- data
Hash 82313f90f460927f982f20f85299fc6b
3d37408f37310daf62aebc2bbf5f5afe0233306a
c985ac526d3dfcd339f915300dadf2d9662bf93e17b385cea39936573f3a67a7
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/images/Screenshot%202023-12-04%20061052.png HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page4.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
content-length: 2385
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Tue, 05 Dec 2023 20:30:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/page4.css
70.40.216.51200 OK 266 B URL GET HTTP/2 www.ciennaclient.com/RBC/page4.css
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page4.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type ASCII text, with CRLF line terminators
Hash 8cd62a4b2df69298b372418ede70cc75
04bce40ea0361bab2e3c67d155664f7b6d6f747c
b0d40df0c6d486b77ef16ad8b723f6e05d94fe8ce85e9fc40ab9f195a07f29e2
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/page4.css HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page4.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 266
content-type: text/css
date: Tue, 05 Dec 2023 20:30:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%20061652.png
70.40.216.51200 OK 8.0 kB URL GET HTTP/2 www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%20061652.png
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page4.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type PNG image data, 344 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash f5a0fac7e794181115882025bddbe529
2f555c99aea23034719d624c4dc68f448ea551e4
5236d4e4a802e634968aa3ac0fa0c707c972787417fc83b5331f610c392d3573
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/images/Screenshot%202023-12-04%20061652.png HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page4.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
content-length: 7969
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Tue, 05 Dec 2023 20:30:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/images/Screenshot%202-12-04%20061336.png
70.40.216.51200 OK 1.8 kB URL GET HTTP/2 www.ciennaclient.com/RBC/images/Screenshot%202-12-04%20061336.png
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page4.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type PNG image data, 407 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash b8cdbd18c900965c915f5a09fd0746f7
35036dfb0535120185ee158edc448643b5099ef1
9843ec434dc3494204572edc071d5ec8b47cf0ff67a602b22c70a5a45a2ec8bd
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/images/Screenshot%202-12-04%20061336.png HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page4.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
content-length: 1840
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Tue, 05 Dec 2023 20:30:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/Untitled1.css
70.40.216.51200 OK 340 B URL GET HTTP/2 www.ciennaclient.com/RBC/Untitled1.css
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page6.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type ASCII text, with CRLF line terminators
Hash c5c75fe060c01362b832291770fd6063
c76c6d7a7ca8146050809724d135637c389205e9
e5c59c0f43c9504ab6cd5be3ac0c2125431be6cee511139c7ec592e8a028332b
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/Untitled1.css HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page6.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 340
content-type: text/css
date: Tue, 05 Dec 2023 20:30:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/images/Unti22tled.png
70.40.216.51200 OK 269 B URL GET HTTP/2 www.ciennaclient.com/RBC/images/Unti22tled.png
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page3.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type PNG image data, 16 x 20, 8-bit/color RGB, non-interlaced\012- data
Hash be738061f6a1a0f4bc073a24f5a597ed
4cad0012448c145542e539e102431d393104d915
a205d7584b7f6565f90e2c280c24679a1c53d51ecae729aa7937a2ae726f5c91
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/images/Unti22tled.png HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page5.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
content-length: 269
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Tue, 05 Dec 2023 20:30:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%20065154.png
70.40.216.51200 OK 13 kB URL GET HTTP/2 www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%20065154.png
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page6.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type PNG image data, 405 x 352, 8-bit/color RGBA, non-interlaced\012- data
Hash bc0ad1661c69f9fb8e1e4889c1b3f0d1
c76e8091da0448f71a4871d519525bc3a38f7477
e1d509405800944d6828d023f579c1e4c813a2f9e64dc32028a66aebe9d4e9fd
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/images/Screenshot%202023-12-04%20065154.png HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page6.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
content-length: 12825
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Tue, 05 Dec 2023 20:30:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%20064318.png
70.40.216.51200 OK 908 B URL GET HTTP/2 www.ciennaclient.com/RBC/images/Screenshot%202023-12-04%20064318.png
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page5.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type PNG image data, 73 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 6dbf3b2553527b54819705fb7f699325
3bc6e2e35c872f7d8c4afc78447b7c2230d40ffe
3a6f8989b627361880ad9cbb13b7f8820b183ed9da92c3c12f788f3c99ef9c5d
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/images/Screenshot%202023-12-04%20064318.png HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page5.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
content-length: 908
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Tue, 05 Dec 2023 20:30:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/page6.css
70.40.216.51200 OK 252 B URL GET HTTP/2 www.ciennaclient.com/RBC/page6.css
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page6.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type ASCII text, with CRLF line terminators
Hash fe926d81de7e3dde3d0904fb2dc49944
c472fe1e499c20ded1ef6cc04016fcd152add85d
585591db4801ef3b333b95b8c362715a4348d312773bb8d0ea5afefd4c14caf9
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/page6.css HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page6.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 252
content-type: text/css
date: Tue, 05 Dec 2023 20:30:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/page5.css
70.40.216.51200 OK 256 B URL GET HTTP/2 www.ciennaclient.com/RBC/page5.css
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/page5.html
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type ASCII text, with CRLF line terminators
Hash e86c26b02554646f1e139ea1a340616e
37a987ab6c10ecfc4aff8a20033ca32be3d13ccc
ff0cf519db7067742d70fa9795d4f64a8275ee284a907ce07ddcac31f3130a9f
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/page5.css HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/page5.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 256
content-type: text/css
date: Tue, 05 Dec 2023 20:30:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/page4.html
70.40.216.51200 OK 1.4 kB URL GET HTTP/2 www.ciennaclient.com/RBC/page4.html
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1517), with no line terminators
Hash f3c4d5cc0c4a02df000f839c505be8e6
ff999ab1da9f7070b6e7f5aa7ec5698e975f51c9
99daaedee729ff040dc10ce198017f18360b02b207cbce5f87a3822f051e587b
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/page4.html HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 20:30:15 GMT
server: nginx/1.21.6
content-type: text/html
content-length: 506
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
x-server-cache: false
X-Firefox-Spdy: h2
www.ciennaclient.com/RBC/page6.html
70.40.216.51200 OK 991 B URL GET HTTP/2 www.ciennaclient.com/RBC/page6.html
IP 70.40.216.51:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.ciennaclient.com/RBC/
Certificate IssuerLet's Encrypt
Subjectautodiscover.ciennaclient.com
Fingerprint7F:56:AC:1E:5F:9B:15:5E:3D:9D:80:01:DF:B5:62:56:2D:D2:4A:36
ValiditySat, 11 Nov 2023 14:01:15 GMT - Fri, 09 Feb 2024 14:01:14 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1077), with no line terminators
Hash ecba7df4eeae094722a2984060775e64
4dcf81c2d48b2237f74d62738a781db20122c66d
4e337912a0aac0bd16abc677e9edfa71d77a05934e385ad8a247eaf505c5e0bd
Analyzer Verdict Alert urlquery phishing Phishing - RBC Royal Bank
GET /RBC/page6.html HTTP/1.1
Host: www.ciennaclient.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ciennaclient.com/RBC/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 20:30:15 GMT
server: nginx/1.21.6
content-type: text/html
content-length: 430
last-modified: Tue, 05 Dec 2023 02:13:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
x-nginx-cache: WordPress
x-server-cache: false
X-Firefox-Spdy: h2