r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11175
Expires: Fri, 25 Nov 2022 08:41:46 GMT
Date: Fri, 25 Nov 2022 05:35:31 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4940
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:35:31 GMT
Last-Modified: Fri, 25 Nov 2022 04:13:11 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 05:19:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 988
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4542
Expires: Fri, 25 Nov 2022 06:51:13 GMT
Date: Fri, 25 Nov 2022 05:35:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IYc9Z0kMJZ8xJ8A9l5u0p22RJ/tOyUgYnYgkkYUsbtrWAwqM4dG2+NezjkVkNpSoclySMJ9M5h0=
x-amz-request-id: DCMARP1P4NXQVWWH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 04:43:42 GMT
age: 3109
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 05:35:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 05:08:53 GMT
cache-control: public,max-age=3600
age: 1599
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3585
Cache-Control: max-age=102662
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:35:32 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:06:34 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
urbanautomotive.com.au/asisi/
116.0.21.36200 OK 33 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6168)
Hash ba8ec113806cb0e79bae3434e6238213
0cd3f198873e6a0f9be82a9acfe07d4f7b041734
648daef874b30314788fc6c81e4472a77f329d1e49f0e0e45dac11fc59697f18
Analyzer Verdict Alert openphish Comcast Corporation
fortinet Phishing
GET /asisi/ HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:31 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:30 GMT
ETag: "42c42c4f-8298-5ee213d1a084d"
Accept-Ranges: bytes
Content-Length: 33432
Connection: close
Content-Type: text/html
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/event
116.0.21.36200 OK 191 B URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/event
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with no line terminators
Hash 2d5d169b7afabb783f8994c576f005cb
d3c1f326303b3cd98f892a5ab28cea82222d058b
384d036f62eab523e123b0e2c033bdee06077fdf041c564ce56f956e6219fb24
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/event HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:32 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53c3-bf-5ee213d19f0dd"
Accept-Ranges: bytes
Content-Length: 191
Connection: close
push.services.mozilla.com/
52.42.234.253101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.234.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Hp+Jhe0hhtw54ruFSvZr7g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uTeA0yzsnHD/JLqeTHqEij/tygg=
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/rta.js
116.0.21.36200 OK 168 B URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/rta.js
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type Unicode text, UTF-8 (with BOM) text, with no line terminators
Hash cf8059bd98746a031879c027d0675200
5b36326aeac50dd7fbf8a910775b32beccc12d5a
00fb70d9832d4974eacda5d97b5ede63153bebe471109491dc6807db6ceca3a7
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/rta.js HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:32 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53c9-a8-5ee213d19f0dd"
Accept-Ranges: bytes
Content-Length: 168
Connection: close
Content-Type: application/javascript
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/segments.js
116.0.21.36200 OK 39 B URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/segments.js
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
Hash 9c5453ce3943ebf709c68c4358907916
25c057fa107fca0917c7dca9f432cdce93ce2316
c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/segments.js HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:32 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53cc-27-5ee213d19f8ad"
Accept-Ranges: bytes
Content-Length: 39
Connection: close
Content-Type: application/javascript
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
116.0.21.36200 OK 51 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (50848), with no line terminators
Hash 46ad0dca51a657b2f6d4302e8af335ac
56f30d2a99c33270a368df39b0fac6a6321f72f4
7744a06830d6b63ba7fc3b5f7649f8f06959e3c31118cf324d3e36e5433915ed
GET /asisi/Sign%20in%20to%20XFINITY_files/styles-light.css HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:32 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53cb-c6a0-5ee213d19f4c5"
Accept-Ranges: bytes
Content-Length: 50848
Connection: close
Content-Type: text/css
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js
116.0.21.36200 OK 18 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (815), with CRLF line terminators
Hash 4ff1cfd3240ea3e8eed8d96e31152dc2
97ed8e13c3b52da3ea4865af48b219c8e540e5ac
c1d1eb4e35d0cfa8617262918737bcb8804dd0720cdca026da2087166ac7ba71
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:32 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53e0-4446-5ee213d1a0465"
Accept-Ranges: bytes
Content-Length: 17478
Connection: close
Content-Type: application/javascript
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/150582-10.js
116.0.21.36200 OK 898 B URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/150582-10.js
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (728)
Hash 5de2cd9adefd2a264bc1e881d19827f0
07046ae6c3a9449fd68bd4e0a4f59e7626f30854
af216babd9b5c43a2e6cdedc5d7497f154b3055216272d4a53af26be49bcd53f
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/150582-10.js HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:32 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:30 GMT
ETag: "81ac53e5-382-5ee213d1a084d"
Accept-Ranges: bytes
Content-Length: 898
Connection: close
Content-Type: application/javascript
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/150582-15.js
116.0.21.36200 OK 3.0 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/150582-15.js
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2808)
Hash 3884f03746032fe3fb6b327134090769
b2e5801b7814f320f0364ab04d98f16e429a987d
c7b6ae528e00b64960dd07aa40cd199c946f089e789df34e47c1de507879302b
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/150582-15.js HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:32 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:30 GMT
ETag: "81ac53e7-ba2-5ee213d1a084d"
Accept-Ranges: bytes
Content-Length: 2978
Connection: close
Content-Type: application/javascript
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/1647526060x32.js
116.0.21.36200 OK 1.4 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/1647526060x32.js
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (433)
Hash db5bdae32033752bd8574dc96ee4c96c
59c8ea77207eff9f8dbf9b6cbf156c6329cbf931
853efa16d425ff8c75c2bd4c74459ef9b555ceaae1a22d4aae0c36f95cad4351
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/1647526060x32.js HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:33 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53db-58c-5ee213d1a007d"
Accept-Ranges: bytes
Content-Length: 1420
Connection: close
Content-Type: application/javascript
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/11648.js
116.0.21.36200 OK 26 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/11648.js
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- C source, ASCII text, with very long lines (25399)
Hash 04873a9ac5cdc1c90fcfb18a21e04136
2703ddd39416a70ada985452107e5b543ee89a0a
d7e781eaa55fbe21f653b0d2b807adc6af016ba9170ccd35fd44b3176786c80c
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/11648.js HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:32 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:30 GMT
ETag: "81ac53e9-63a4-5ee213d1a084d"
Accept-Ranges: bytes
Content-Length: 25508
Connection: close
Content-Type: application/javascript
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/scripts-responsive.js
116.0.21.36200 OK 3.9 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/scripts-responsive.js
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (3906), with no line terminators
Hash b9e47f9f8aac844ec80a9ba6ff6e7a74
cbf073ac21eaa5de906e1fcce023c64c3829c648
aef3124abf7a9f765f36093acf39e804987e52e1a1c241700441949ea52a7673
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/scripts-responsive.js HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:33 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53d2-f42-5ee213d19fc95"
Accept-Ranges: bytes
Content-Length: 3906
Connection: close
Content-Type: application/javascript
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/asc.txt
116.0.21.36200 OK 17 B URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/asc.txt
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with no line terminators
Hash 92ecce91e58ca501e89410701805ffd2
fbc2f9374e8f5aebbc0a9ebeaeb836dfe2ee8803
af2d3351d5bb6b63e81eb19140f27324fd7b0ba94dc7c39b6154461243e4986e
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/asc.txt HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:33 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53c2-11-5ee213d19ecf5"
Accept-Ranges: bytes
Content-Length: 17
Connection: close
Content-Type: text/plain
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/data.json
116.0.21.36200 OK 295 B URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/data.json
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
Hash c4e699111d8c5ee41a03610b94ff02d5
7b4ec667ab9d73b69d752931fa675eca988ac1be
f1aa6a629871c08a077cba94a653cb0c2ace627617e442adccbf6712972bf0df
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/data.json HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:33 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53df-127-5ee213d1a0465"
Accept-Ranges: bytes
Content-Length: 295
Connection: close
Content-Type: application/json
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14000
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 05:35:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14000
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 05:35:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14000
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 05:35:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14000
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 05:35:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f59a591b222397ff0f01c22a0786e660
6a8504212141af411a18ce58960c8bb52e8116ac
624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-KFtmIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O4PtH20kVWgH-Jf_TivPqMqjnwrZB_8XvZAkDDzLLFPXVjqzkz1YJw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:59:22 GMT
age: 27372
etag: "6a8504212141af411a18ce58960c8bb52e8116ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:39 GMT
age: 27655
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6b9b5ebc32235ed8f3e15df013963f0
46ee95ebee3d60f64d2b7f568673b13ea27a42a3
4fdf6f239f6931442d93a00acd8af1f5192f77143885945c27e137ef3683338e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11586
x-amzn-requestid: 30d340e5-328d-4f00-8cd4-3cb6e2b50265
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JtyEIHoAMFdnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2324-09bb4d434ff852b456537e15;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:08 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: TYDelnop2OJO_fQdmSzyZJLYx94FU1GxYpDjWCTp3moRS7qzibvTSA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:56:21 GMT
age: 77953
etag: "46ee95ebee3d60f64d2b7f568673b13ea27a42a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 4354
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 648677a7e7bab1896a190d2e5fb7243c
6217a262002244ef3f2e8034076a735cafd9888a
72f2913f7c0770ebab0f2683bdc1ec5a5db8872e8f2c62a8fd5c9178b95dbb06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4270
x-amzn-requestid: 7327f8fb-804b-4d09-83dc-628e35ffa74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xFwXoAMFkqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-33f83cea2c585279140f4f59;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rKROwsZ-X8yDd4iVaYBaNFe6bgHaThxafIt76PBgLoOTrPMqAVQ9iQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:22:43 GMT
age: 25971
etag: "6217a262002244ef3f2e8034076a735cafd9888a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 05:04:28 GMT
age: 1866
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/1203273213x32.js
116.0.21.36200 OK 2.7 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/1203273213x32.js
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (403)
Hash 026533413b3d09d51db59238995299c1
8299098d71a0d18d7bf7279f0d71bed0345c0ec2
62079f9953d5a6dc3240039aa842881f9171f4c3f2bc664629aaf5f2c537214c
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/1203273213x32.js HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:34 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53d3-aa7-5ee213d19fc95"
Accept-Ranges: bytes
Content-Length: 2727
Connection: close
Content-Type: application/javascript
z.moatads.com/comcastapn56341864860/moatad.js
23.38.201.146200 OK 0 B URL HTTP/2 z.moatads.com/comcastapn56341864860/moatad.js
IP 23.38.201.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comcastapn56341864860/moatad.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DgrV/yUP0cYZJ24pT7Z5LVkFATYFOX23OVuFadPO2EW++SB5KZZT2R0SCmVojLGlVbLec6pGXtw=
x-amz-request-id: CA2DQ7A5WM2MGH3Y
last-modified: Mon, 11 May 2020 15:59:42 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
content-length: 0
cache-control: max-age=35762
date: Fri, 25 Nov 2022 05:35:34 GMT
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e0f86189be5b68a128b3e9ed0c895a4c
840290b326c575c771e540fbdf1683c18da6bdcb
8b11ccd1d5545cfbacc7ca7b7cc144a49cd80c69e62db2b232eeb31e326f5ea3
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1299
Cache-Control: max-age=121255
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:35:34 GMT
Etag: "637f85ba-1d7"
Expires: Sat, 26 Nov 2022 15:16:30 GMT
Last-Modified: Thu, 24 Nov 2022 14:54:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
us-ads.openx.net/w/1.0/jstag
35.244.159.8200 OK 18 kB URL HTTP/2 us-ads.openx.net/w/1.0/jstag
IP 35.244.159.8:0
File type ASCII text, with very long lines (12594)
Hash a8107a4b69b301e48af42c4b42bfe0e3
e18ea82ef89168fc02e0e359aa34fbd6f3ee698c
29aa808870da46cddba905b29bd470d2c68c3508ce7de9bcf87b82e377b50ec0
GET /w/1.0/jstag HTTP/1.1
Host: us-ads.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
server: OXGW/0.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Fri, 25 Nov 2022 06:35:34 GMT
date: Fri, 25 Nov 2022 05:35:34 GMT
content-type: text/javascript
content-length: 18071
content-encoding: gzip
cache-control: max-age=3600
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e0f86189be5b68a128b3e9ed0c895a4c
840290b326c575c771e540fbdf1683c18da6bdcb
8b11ccd1d5545cfbacc7ca7b7cc144a49cd80c69e62db2b232eeb31e326f5ea3
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2556
Cache-Control: max-age=122512
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:35:34 GMT
Etag: "637f85ba-1d7"
Expires: Sat, 26 Nov 2022 15:37:26 GMT
Last-Modified: Thu, 24 Nov 2022 14:54:50 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
us-ads.openx.net/w/1.0/acj?ai=d0be946a-49b9-4d42-9e07-4f178ed9dc47&o=8577216043&callback=OX_8577216043&ju=http%3A//urbanautomotive.com.au/asisi/&jr=&auid=538020939&dims=1280x939&adxy=620%2C69&res=1280x1024x24&plg=pm&ch=UTF-8&tz=0&ws=1280x939&ifr=0&tws=1280x939&vmt=1&sd=1&mt=1
35.244.159.8200 OK 269 B URL HTTP/2 us-ads.openx.net/w/1.0/acj?ai=d0be946a-49b9-4d42-9e07-4f178ed9dc47&o=8577216043&callback=OX_8577216043&ju=http%3A//urbanautomotive.com.au/asisi/&jr=&auid=538020939&dims=1280x939&adxy=620%2C69&res=1280x1024x24&plg=pm&ch=UTF-8&tz=0&ws=1280x939&ifr=0&tws=1280x939&vmt=1&sd=1&mt=1
IP 35.244.159.8:0
Hash ef07474440678e189103139e6f7d8e03
8e432c700fac5d752af8ec726555cf104c89060d
b6bb58421ca2cd303ba4fb936e0fd06e9ae8609ff49a8d3f4978035189794b55
GET /w/1.0/acj?ai=d0be946a-49b9-4d42-9e07-4f178ed9dc47&o=8577216043&callback=OX_8577216043&ju=http%3A//urbanautomotive.com.au/asisi/&jr=&auid=538020939&dims=1280x939&adxy=620%2C69&res=1280x1024x24&plg=pm&ch=UTF-8&tz=0&ws=1280x939&ifr=0&tws=1280x939&vmt=1&sd=1&mt=1 HTTP/1.1
Host: us-ads.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Fri, 25 Nov 2022 05:35:34 GMT
content-type: application/json
content-length: 269
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.6920115697368939&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
18.194.100.42307 Temporary Redirect 0 B URL HTTP/1.1 optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.6920115697368939&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 18.194.100.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-10.js?&cb=0.6920115697368939&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: optimized-by.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
HTTP/1.1 307 Temporary Redirect
Date: Fri, 25 Nov 2022 05:35:34 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Location: http://vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.6920115697368939&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
X-Forwarded-For: 91.90.42.154
X-Forwarded-Proto: http
X-Forwarded-Port: 80
Host: optimized-by.rubiconproject.com
X-Amzn-Trace-Id: Root=1-63805426-066acb766dd835dc5892c8c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://urbanautomotive.com.au/
urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2 HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:34 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/jquery-1.js
116.0.21.36200 OK 94 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/jquery-1.js
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 25721ced154b3a99e818431446d7506d
3f1b0e9e54af1af2db2c8a639530448723462151
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/jquery-1.js HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:33 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53cf-16f44-5ee213d19f8ad"
Accept-Ranges: bytes
Content-Length: 94020
Connection: close
Content-Type: application/javascript
vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.6920115697368939&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
213.19.162.51200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.6920115697368939&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 213.19.162.51:0
Hash 7bdda9f1de292e7e006306b2d85c9cb1
36a60514a49f5f2d58deb949fdf037ed29a067cc
83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca
GET /a/11648/36314/150582-10.js?tk_vps=2&&cb=0.6920115697368939&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://urbanautomotive.com.au/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Fri, 25 Nov 2022 05:35:34 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LAW2L6I2-5-37MB; Domain=.rubiconproject.com; Path=/; Expires=Sat, 25-Nov-2023 05:35:34 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qplS9UpaQe+XO9DtVM30fCgE1oKbX1bV6teuGu1gAWjw9Tgat2Bv1YNHV0qg18Mu6b46CjIJqKpehVuVIJa6pcrjSjwqiqHOTs=; Domain=.rubiconproject.com; Path=/; Expires=Sat, 25-Nov-2023 05:35:34 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.6920115697368939&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
18.194.100.42307 Temporary Redirect 0 B URL HTTP/1.1 optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.6920115697368939&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 18.194.100.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-10.js?&cb=0.6920115697368939&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: optimized-by.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
HTTP/1.1 307 Temporary Redirect
Date: Fri, 25 Nov 2022 05:35:34 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Location: http://vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.6920115697368939&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
X-Forwarded-For: 91.90.42.154
X-Forwarded-Proto: http
X-Forwarded-Port: 80
Host: optimized-by.rubiconproject.com
X-Amzn-Trace-Id: Root=1-63805426-1d3159de6b94d431356300e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://urbanautomotive.com.au/
vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.6920115697368939&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
213.19.162.51200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.6920115697368939&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 213.19.162.51:0
Hash 7bdda9f1de292e7e006306b2d85c9cb1
36a60514a49f5f2d58deb949fdf037ed29a067cc
83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca
GET /a/11648/36314/150582-10.js?tk_vps=2&&cb=0.6920115697368939&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://urbanautomotive.com.au/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Fri, 25 Nov 2022 05:35:34 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LAW2L6KN-1Z-LZZA; Domain=.rubiconproject.com; Path=/; Expires=Sat, 25-Nov-2023 05:35:34 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqo/edmEi5Cde9DtVM30fCgE1oKbX1bV6teuGu1gAWjw9Tgat2Bv1YNHV0qg18Mu6b46CjIJqKpehVuVIJa6pcrjSjwqiqHOTs=; Domain=.rubiconproject.com; Path=/; Expires=Sat, 25-Nov-2023 05:35:34 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/omniture_visId.js
116.0.21.36200 OK 83 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/omniture_visId.js
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (707), with CRLF line terminators
Hash e97a8791094937eca04430b8fd76550b
69fac7a4b26fdd0e5ea9c7b679435c80857efb1f
0d511486e7d3d6543bce126133d47c2805c5e4f0ff4c6d6eefabd5d6e678bf99
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/omniture_visId.js HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:33 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53c6-14390-5ee213d19f0dd"
Accept-Ranges: bytes
Content-Length: 82832
Connection: close
Content-Type: application/javascript
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/moatad_002.js
116.0.21.36200 OK 182 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/moatad_002.js
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (554)
Size 182 kB (182301 bytes)
Hash 941a402bcb3a12f11ff32f50060a4f99
ecd237a5bc7d0995bf036e31eeabb97c6dd8c50d
894acd20e24fda4995bf56b9c7f5b0f2a634febf91db251a2adcbf6f6915e6f5
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/moatad_002.js HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:33 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53ca-2c81d-5ee213d19f4c5"
Accept-Ranges: bytes
Content-Length: 182301
Connection: close
Content-Type: application/javascript
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/moatad.js
116.0.21.36200 OK 182 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/moatad.js
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (554)
Size 182 kB (182301 bytes)
Hash 941a402bcb3a12f11ff32f50060a4f99
ecd237a5bc7d0995bf036e31eeabb97c6dd8c50d
894acd20e24fda4995bf56b9c7f5b0f2a634febf91db251a2adcbf6f6915e6f5
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/moatad.js HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:33 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53e3-2c81d-5ee213d1a0465"
Accept-Ranges: bytes
Content-Length: 182301
Connection: close
Content-Type: application/javascript
urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:34 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2 HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:34 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
ads.rubiconproject.com/ad/11648.js
2.21.206.244200 OK 8.9 kB URL HTTP/2 ads.rubiconproject.com/ad/11648.js
IP 2.21.206.244:0
File type C source, ASCII text, with very long lines (26545)
Hash 5aecf12e8c3cb1d14458bc71c6b8cf0c
b0cedce6e8165041981ba59a9b7277053a37ba89
69dd3510681bc16e17f107ac8f2fa504aa7ce59d75ebf3248b6f85f02a6409aa
GET /ad/11648.js HTTP/1.1
Host: ads.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
x-powered-by: PHP/5.3.3
content-encoding: gzip
content-length: 8946
content-type: text/javascript
cache-control: max-age=14400
expires: Fri, 25 Nov 2022 09:35:35 GMT
date: Fri, 25 Nov 2022 05:35:35 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/u.gif
116.0.21.36200 OK 42 B URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/u.gif
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /asisi/Sign%20in%20to%20XFINITY_files/u.gif HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:35 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53d5-2a-5ee213d19fc95"
Accept-Ranges: bytes
Content-Length: 42
Connection: close
Content-Type: image/gif
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/all.js
116.0.21.36200 OK 199 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/all.js
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (18053)
Size 199 kB (198957 bytes)
Hash bc6c96975ece396c2410a11de12aa324
dc29df9842c22f28b858e6384b9339e2632ce3fc
1cbf11d576a004a0f2bf7baa71c045dd94d4b0eb3e4c848df0bd75dcb144c5f7
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/all.js HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:33 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53d8-3092d-5ee213d1a007d"
Accept-Ranges: bytes
Content-Length: 198957
Connection: close
Content-Type: application/javascript
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/seal.png
116.0.21.36200 OK 3.1 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/seal.png
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type PNG image data, 142 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash be19bc645a5d70db58e4317fb1f7f791
8c38f471f3e6d17af148acaab219db7e3e4a8d23
6ab85bc152133401e0ad5ca069990f4a76413499820d4ba95a0dadb063bcc8b8
GET /asisi/Sign%20in%20to%20XFINITY_files/seal.png HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:35 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53dc-c13-5ee213d1a0465"
Accept-Ranges: bytes
Content-Length: 3091
Connection: close
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b72b4945b79257bd56b26b9ee27153d6
47c25a1393cee643d89b645e2cb8c073328fea5a
cb275292d0789cbe42170b263436a29a8f13a5158da00244572dc4061496de27
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 556
Cache-Control: max-age=157242
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:35:35 GMT
Etag: "63801535-1d7"
Expires: Sun, 27 Nov 2022 01:16:17 GMT
Last-Modified: Fri, 25 Nov 2022 01:07:01 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
smarttag.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.1930927944260712&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15&rp_secure=1
213.19.162.51200 OK 147 B URL HTTP/2 smarttag.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.1930927944260712&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15&rp_secure=1
IP 213.19.162.51:0
Hash 9441d4459f9bdf15aad152e66fc88643
e97b5816d440de61a5d5a7f47bb921cec240580b
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
GET /a/11648/36314/150582-15.js?&cb=0.1930927944260712&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15&rp_secure=1 HTTP/1.1
Host: smarttag.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Fri, 25 Nov 2022 05:35:35 GMT
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LAW2L76R-1M-5GN5; Domain=.rubiconproject.com; Path=/; Expires=Sat, 25-Nov-2023 05:35:35 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qpxBvaqZtdRSu9DtVM30fCgE1oKbX1bV6t/ItjvKbgZt9Tgat2Bv1YNHV0qg18Mu6b46CjIJqKpehVuVIJa6pcrjSjwqiqHOTs=; Domain=.rubiconproject.com; Path=/; Expires=Sat, 25-Nov-2023 05:35:35 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 147
X-Firefox-Spdy: h2
optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.28482662878927845&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
18.194.100.42307 Temporary Redirect 0 B URL HTTP/1.1 optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.28482662878927845&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
IP 18.194.100.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-15.js?&cb=0.28482662878927845&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1
Host: optimized-by.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
HTTP/1.1 307 Temporary Redirect
Date: Fri, 25 Nov 2022 05:35:35 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Location: http://vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.28482662878927845&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
X-Forwarded-For: 91.90.42.154
X-Forwarded-Proto: http
X-Forwarded-Port: 80
Host: optimized-by.rubiconproject.com
X-Amzn-Trace-Id: Root=1-63805427-543a40520a6472452b6f917c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://urbanautomotive.com.au/
vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.28482662878927845&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
213.19.162.51200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.28482662878927845&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
IP 213.19.162.51:0
Hash 9441d4459f9bdf15aad152e66fc88643
e97b5816d440de61a5d5a7f47bb921cec240580b
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
GET /a/11648/36314/150582-15.js?tk_vps=2&&cb=0.28482662878927845&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://urbanautomotive.com.au/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Fri, 25 Nov 2022 05:35:35 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LAW2L79M-W-2GAE; Domain=.rubiconproject.com; Path=/; Expires=Sat, 25-Nov-2023 05:35:35 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrdcxPREviu6e9DtVM30fCgE1oKbX1bV6t/ItjvKbgZt9Tgat2Bv1YNHV0qg18Mu6b46CjIJqKpehVuVIJa6pcrjSjwqiqHOTs=; Domain=.rubiconproject.com; Path=/; Expires=Sat, 25-Nov-2023 05:35:35 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Regular.ttf
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Regular.ttf
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.ttf HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:35 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/event.gif
116.0.21.36200 OK 42 B URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/event.gif
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /asisi/Sign%20in%20to%20XFINITY_files/event.gif HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:35 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53d0-2a-5ee213d19fc95"
Accept-Ranges: bytes
Content-Length: 42
Connection: close
Content-Type: image/gif
optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.28482662878927845&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
18.194.100.42307 Temporary Redirect 0 B URL HTTP/1.1 optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.28482662878927845&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
IP 18.194.100.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-15.js?&cb=0.28482662878927845&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1
Host: optimized-by.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
HTTP/1.1 307 Temporary Redirect
Date: Fri, 25 Nov 2022 05:35:35 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Location: http://vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.28482662878927845&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
X-Forwarded-For: 91.90.42.154
X-Forwarded-Proto: http
X-Forwarded-Port: 80
Host: optimized-by.rubiconproject.com
X-Amzn-Trace-Id: Root=1-63805427-49d5f3380992b89b25eb95e4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://urbanautomotive.com.au/
vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.28482662878927845&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
213.19.162.51200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.28482662878927845&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
IP 213.19.162.51:0
Hash 9441d4459f9bdf15aad152e66fc88643
e97b5816d440de61a5d5a7f47bb921cec240580b
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
GET /a/11648/36314/150582-15.js?tk_vps=2&&cb=0.28482662878927845&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://urbanautomotive.com.au/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Fri, 25 Nov 2022 05:35:35 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LAW2L7BG-1A-CNTI; Domain=.rubiconproject.com; Path=/; Expires=Sat, 25-Nov-2023 05:35:35 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/EhbVZqGxN/gV+9DtVM30fCgE1oKbX1bV6t/ItjvKbgZt9Tgat2Bv1YNHV0qg18Mu6b46CjIJqKpehVuVIJa6pcrjSjwqiqHOTs=; Domain=.rubiconproject.com; Path=/; Expires=Sat, 25-Nov-2023 05:35:35 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:35 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a2d10df9576c631d6ae0a646998c7494
4194dac1a72b1c7d88f77864ae26ee09c64e80b3
109c6b4555d14db09e05f817143d122377d6930ce901e22198d8a7f0cc572164
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5074
Cache-Control: max-age=136550
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:35:35 GMT
Etag: "637fb2bb-1d7"
Expires: Sat, 26 Nov 2022 19:31:25 GMT
Last-Modified: Thu, 24 Nov 2022 18:06:51 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
pixel.quantserve.com/api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400
91.228.74.251200 OK 39 B URL HTTP/2 pixel.quantserve.com/api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400
IP 91.228.74.251:0
Hash 9c5453ce3943ebf709c68c4358907916
25c057fa107fca0917c7dca9f432cdce93ce2316
c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a
GET /api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 05:35:35 GMT
content-type: application/x-javascript
content-length: 39
cache-control: private, no-transform, must-revalidate, max-age=86400
expires: Sat, 26 Nov 2022 05:35:35 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
set-cookie: mc=63805427-967cf-8e1f8-06ae0; expires=Tue, 26-Dec-2023 05:35:35 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:35 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2 HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:35 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/Oscars_SignIn_300x250.jpg
116.0.21.36200 OK 36 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/Oscars_SignIn_300x250.jpg
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Hash a98fbe346dd7c66a4ca5f1f77aa75e44
ee1c12063d821ba884efe2afedd6cab81c825363
de3e0d54441cd6afe0d7d2afcb95eadf8fec5cb23ecd47a796c3818fe7fb8f4d
GET /asisi/Sign%20in%20to%20XFINITY_files/Oscars_SignIn_300x250.jpg HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:35 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53d6-8aba-5ee213d19fc95"
Accept-Ranges: bytes
Content-Length: 35514
Connection: close
Content-Type: image/jpeg
serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s98263583131902?AQB=1&ndh=1&t=25%2F10%2F2022%205%3A35%3A35%205%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Furbanautomotive.com.au%2Fasisi%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fasisi%2F%2F%3Asign%20in&v1=%2Fasisi%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fasisi%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
15.188.95.229302 Found 0 B URL HTTP/1.1 serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s98263583131902?AQB=1&ndh=1&t=25%2F10%2F2022%205%3A35%3A35%205%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Furbanautomotive.com.au%2Fasisi%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fasisi%2F%2F%3Asign%20in&v1=%2Fasisi%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fasisi%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 15.188.95.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ss/comcastnetdev/1/H.27.5/s98263583131902?AQB=1&ndh=1&t=25%2F10%2F2022%205%3A35%3A35%205%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Furbanautomotive.com.au%2Fasisi%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fasisi%2F%2F%3Asign%20in&v1=%2Fasisi%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fasisi%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: serviceo.comcast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
HTTP/1.1 302 Found
access-control-allow-origin: *
vary: Origin
date: Fri, 25 Nov 2022 05:35:35 GMT
content-type: text/plain;charset=utf-8
expires: Thu, 24 Nov 2022 05:35:35 GMT
last-modified: Sat, 26 Nov 2022 05:35:35 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31C02A13A0EDFEE2-40000AAE0657F797[CE]; Path=/; Domain=comcast.net; Max-Age=63072000; Expires=Sun, 24 Nov 2024 05:35:35 GMT;
location: http://serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s98263583131902?AQB=1&pccr=true&vidn=31C02A13A0EDFEE2-40000AAE0657F797&ndh=1&t=25%2F10%2F2022%205%3A35%3A35%205%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Furbanautomotive.com.au%2Fasisi%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fasisi%2F%2F%3Asign%20in&v1=%2Fasisi%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fasisi%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5996
Cache-Control: max-age=90651
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:35:36 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 06:46:27 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
urbanautomotive.com.au/static/images/fb-logo-29.png
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/images/fb-logo-29.png
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /static/images/fb-logo-29.png HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:35 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s98263583131902?AQB=1&pccr=true&vidn=31C02A13A0EDFEE2-40000AAE0657F797&ndh=1&t=25%2F10%2F2022%205%3A35%3A35%205%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Furbanautomotive.com.au%2Fasisi%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fasisi%2F%2F%3Asign%20in&v1=%2Fasisi%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fasisi%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
15.188.95.229200 OK 43 B URL HTTP/1.1 serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s98263583131902?AQB=1&pccr=true&vidn=31C02A13A0EDFEE2-40000AAE0657F797&ndh=1&t=25%2F10%2F2022%205%3A35%3A35%205%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Furbanautomotive.com.au%2Fasisi%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fasisi%2F%2F%3Asign%20in&v1=%2Fasisi%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fasisi%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 15.188.95.229:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/comcastnetdev/1/H.27.5/s98263583131902?AQB=1&pccr=true&vidn=31C02A13A0EDFEE2-40000AAE0657F797&ndh=1&t=25%2F10%2F2022%205%3A35%3A35%205%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Furbanautomotive.com.au%2Fasisi%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fasisi%2F%2F%3Asign%20in&v1=%2Fasisi%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fasisi%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: serviceo.comcast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://urbanautomotive.com.au/
Connection: keep-alive
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Fri, 25 Nov 2022 05:35:36 GMT
expires: Thu, 24 Nov 2022 05:35:36 GMT
last-modified: Sat, 26 Nov 2022 05:35:36 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31C02A1402A9A9DA-6000012BC6A58417[CE]; Path=/; Domain=comcast.net; Max-Age=63072000; Expires=Sun, 24 Nov 2024 05:35:35 GMT;
etag: 3584911568819290112-4619674158419510294
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
157.240.200.14301 Moved Permanently 0 B URL HTTP/1.1 staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 157.240.200.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: staticxx.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
Content-Type: text/html; charset="utf-8"
X-FB-Debug: O53rQzpC1R/wDk8h9S3XByOYuyw5pnVbBL/BFlE3W08s540lcYGtcV1aQMJrXMU2X/MmtX2OfRhLVZCrRjLstQ==
X-FB-TRIP-ID: 1679558926
Date: Fri, 25 Nov 2022 05:35:36 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
157.240.200.14302 Found 0 B URL HTTP/2 staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 157.240.200.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: staticxx.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: i+YuKQPCrtZy5tbbCAaiLWXlMaDyuoyPEXDFMo5oXmsj8cJEhP+BX/U6TlX0Y4wIj9P+U920A/taQ5dP+gD9oQ==
content-length: 0
priority: u=3,i
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 05:35:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5996
Cache-Control: max-age=90651
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 05:35:36 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 06:46:27 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
157.240.200.14302 Found 0 B URL HTTP/2 staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 157.240.200.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: staticxx.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://urbanautomotive.com.au/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://www.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: ZN9QeufTBT7VXruLjW7IMrfKdzJP5YhBZdtLyIxqr1Yx7XV37SrTygeGstudQnpC08joJip2pU+IwwO9fuC7JQ==
content-length: 0
priority: u=3,i
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 05:35:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
157.240.200.35404 Not Found 72 B URL HTTP/2 www.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 157.240.200.35:0
File type HTML document, ASCII text, with no line terminators
Hash 2556c01148fc3cf811a190ae37345224
644567805749ab3ec4df4a00c82b0a4f8566f25d
f65e4cc023578b2bb3522d09231cd56eb84d209b18d501eeebf8a0b098f7635e
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://urbanautomotive.com.au/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: gh1mA4JtzZBp5B0VCkGiOqk8rpo1ujXHE37MXHnG9hjof25grzCAQ8RjFdZSCJpNOjw7FMUoW4byeb7GtPGp9A==
content-length: 72
date: Fri, 25 Nov 2022 05:35:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
157.240.200.35404 Not Found 72 B URL HTTP/2 www.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 157.240.200.35:0
File type HTML document, ASCII text, with no line terminators
Hash 2556c01148fc3cf811a190ae37345224
644567805749ab3ec4df4a00c82b0a4f8566f25d
f65e4cc023578b2bb3522d09231cd56eb84d209b18d501eeebf8a0b098f7635e
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://urbanautomotive.com.au/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: /17CMTl1ptLJGaZ855jfcFa3fguP8ekHSdOoNvEy6jeZEHXCmIx5neu4jyjVE5CfJPe23V/bvnLlx4rpOj3m3Q==
content-length: 72
date: Fri, 25 Nov 2022 05:35:36 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:36 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2 HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:36 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff2
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff2
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff2 HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:36 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/dest5.htm
116.0.21.36200 OK 8.9 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/dest5.htm
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (581), with CRLF line terminators
Hash d2f6fa6292c62a0b4453c4d7763040e1
a9330f8597c230773f94d5f3b442d0a14e94083f
b8ddbf2a9418fff20f88a0692ce5aa6770edc51280200cdf410fdfb36466794c
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/dest5.htm HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
Cookie: OX_sd=1; OX_plg=pm
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:36 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53da-22f4-5ee213d1a007d"
Accept-Ranges: bytes
Content-Length: 8948
Connection: close
Content-Type: text/html
urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:36 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.woff HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:36 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:36 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
secure-assets.rubiconproject.com/static/psa/blank/1x1.png
2.21.206.244200 OK 155 B URL HTTP/2 secure-assets.rubiconproject.com/static/psa/blank/1x1.png
IP 2.21.206.244:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fed6b76619acefb38a43867d5fbbd65
b4881fe00376089907ce39fb43398fe2b9d55b8a
172f8ce100094feaee2d292f56c5a847b0a89852a43e79ef7743d28d06dec7d7
GET /static/psa/blank/1x1.png HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 01 Oct 2019 16:53:58 GMT
accept-ranges: bytes
content-type: image/png
content-encoding: gzip
unused62: 8096267
content-length: 155
date: Fri, 25 Nov 2022 05:35:37 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=68417173568&varName=crtg_content
178.250.2.157204 No Content 0 B URL HTTP/1.1 rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=68417173568&varName=crtg_content
IP 178.250.2.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=68417173568&varName=crtg_content HTTP/1.1
Host: rtax.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
HTTP/1.1 204 No Content
server: nginx/1.20.1
date: Fri, 25 Nov 2022 05:35:37 GMT
strict-transport-security: max-age=31536000; preload;
connect.facebook.net/en_US/all.js
157.240.200.14200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/en_US/all.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1957)
Hash 585211bb5670acb55ef3ac7b1e99dec1
63873db94578575a7eb63b206b9af62b7e96df2a
3646ab81481764961a5b9f90c125c87d019e2141a56cf912c1e57ba44d95a3df
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 75d13b30c4519803f9cbf45ed420ba19
ETag: "8663c8802226c40f2046c85430d607d4"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Fri, 25 Nov 2022 05:44:32 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: WFIRu1ZwrLVe86x7HpnewQ==
X-FB-Debug: Avz2kg9ERN1ns8bcqQcQFDIY74G5A26BcNJ4aHpwnjNSQzQpaM6To4QpGSBA3BWh2uvX/KkUwTJcWdgUPDJH3Q==
X-FB-TRIP-ID: 1679558926
Date: Fri, 25 Nov 2022 05:35:37 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1687
urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:36 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
comcastathena.demdex.net/event?d_nsid=1&d_ld=_ts%3D1669354535289&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1669354535289&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fasisi%2F%2F%3Asign%20in&c_eVar1=%2Fasisi%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fasisi%2F
52.213.58.50302 Found 0 B URL HTTP/1.1 comcastathena.demdex.net/event?d_nsid=1&d_ld=_ts%3D1669354535289&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1669354535289&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fasisi%2F%2F%3Asign%20in&c_eVar1=%2Fasisi%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fasisi%2F
IP 52.213.58.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?d_nsid=1&d_ld=_ts%3D1669354535289&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1669354535289&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fasisi%2F%2F%3Asign%20in&c_eVar1=%2Fasisi%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fasisi%2F HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-07303b075.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: http://comcastathena.demdex.net/firstevent?d_nsid=1&d_ld=_ts%3D1669354535289&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1669354535289&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fasisi%2F%2F%3Asign%20in&c_eVar1=%2Fasisi%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fasisi%2F
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=70933761058987237693486335027536380348; Max-Age=15552000; Expires=Wed, 24 May 2023 05:35:37 GMT; Path=/; Domain=.demdex.net
X-TID: F1kJhEI/S9M=
Content-Length: 0
Connection: keep-alive
urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf
116.0.21.36404 Not Found 315 B URL HTTP/1.1 urbanautomotive.com.au/static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2022 05:35:37 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1
urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm
116.0.21.36200 OK 43 kB URL HTTP/1.1 urbanautomotive.com.au/asisi/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm
IP 116.0.21.36:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6078), with CRLF line terminators
Hash fc6f71bf3bb8b37c2e742712f5e9fa31
1985f6685907edd356e999433d688632683297f5
074da691273a060b544115ecc31905c1c260559484b45560f9a299d83ca5d898
Analyzer Verdict Alert fortinet Phishing
GET /asisi/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm HTTP/1.1
Host: urbanautomotive.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://urbanautomotive.com.au/asisi/
Cookie: OX_sd=1; OX_plg=pm
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:36 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Wed, 23 Nov 2022 11:03:29 GMT
ETag: "81ac53c5-a818-5ee213d19f0dd"
Accept-Ranges: bytes
Content-Length: 43032
Connection: close
Content-Type: text/html
comcastathena.demdex.net/firstevent?d_nsid=1&d_ld=_ts%3D1669354535289&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1669354535289&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fasisi%2F%2F%3Asign%20in&c_eVar1=%2Fasisi%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fasisi%2F
52.213.58.50200 OK 67 B URL HTTP/1.1 comcastathena.demdex.net/firstevent?d_nsid=1&d_ld=_ts%3D1669354535289&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1669354535289&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fasisi%2F%2F%3Asign%20in&c_eVar1=%2Fasisi%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fasisi%2F
IP 52.213.58.50:0
File type ASCII text, with no line terminators
Hash 1affdc70dbf234712a6eec2107ebfee6
a846ed050f214de1c04259b60edd4e3e6d1355db
0eafabe413f02b9b534d3d258e93861a70c98d355464e0580c48c92ccbe59d16
GET /firstevent?d_nsid=1&d_ld=_ts%3D1669354535289&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1669354535289&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fasisi%2F%2F%3Asign%20in&c_eVar1=%2Fasisi%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fasisi%2F HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://urbanautomotive.com.au/
Connection: keep-alive
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/javascript;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0f3ed56cf.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
X-TID: RaQcQ66kSls=
Content-Length: 67
Connection: keep-alive
ocsp.comodoca.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 20e568e73a457e562a6cab420b5b51df
8f7e537059134b7918e2d5345fef889fecaa51d6
2382739a4c5a1b4d16719fea59bd22f669abe61c703481ca30cb8824a4a00bd6
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 22:07:31 GMT
Expires: Thu, 01 Dec 2022 22:07:30 GMT
Etag: "8f7e537059134b7918e2d5345fef889fecaa51d6"
Cache-Control: max-age=601916,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f805a72b0db4f3-OSL
login.comcast.net/static/images/global/favicon.ico
76.96.69.84200 OK 1.2 kB URL HTTP/1.1 login.comcast.net/static/images/global/favicon.ico
IP 76.96.69.84:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 8591b1e1977be23073d13751a5f203d0
3f549eff3cf641803992d8748202bf0775f4765e
a0307845ad0d4579ae6e7283a02b81403767295ab37cc0b144ac9d60772ebf97
GET /static/images/global/favicon.ico HTTP/1.1
Host: login.comcast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://urbanautomotive.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 05:35:38 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Last-Modified: Tue, 11 Jan 2022 16:05:32 GMT
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon