{"report_id":"b7059de6-ad84-43be-8312-bb96f39fc7ca","version":6,"status":"done","tags":["australia","government","phishing"],"date":"2024-08-24T21:42:34Z","url":{"schema":"http","addr":"1e9821101b.nxcli.io/resources/index2.html","fqdn":"1e9821101b.nxcli.io","domain":"nxcli.io","tld":"io"},"ip":{"addr":"173.249.147.218","port":0,"asn":40819,"as":"VPSDATACENTER","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"1e9821101b.nxcli.io/resources/index2.html","fqdn":"1e9821101b.nxcli.io","domain":"nxcli.io","tld":"io"},"title":"Sign in with myGov - myGov"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-07T17:56:41Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"1e9821101b.nxcli.io","ip":{"addr":"173.249.147.218","port":443,"asn":40819,"as":"VPSDATACENTER","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":6,"request_count":7,"received_data":249017,"sent_data":3395,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-09-09 02:40:21","last_seen":"2024-08-24 18:28:39","alert_count":0,"request_count":3,"received_data":58223,"sent_data":1578,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-08-24 18:12:09","alert_count":0,"request_count":3,"received_data":2662,"sent_data":981,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-08-24 18:12:06","alert_count":0,"request_count":3,"received_data":2661,"sent_data":981,"comment":"","tags":null,"fingerprints":null},{"fqdn":"o.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":0,"first_seen":"2024-04-24 13:44:57","last_seen":"2024-08-24 18:25:32","alert_count":0,"request_count":3,"received_data":2100,"sent_data":975,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2013-06-10 22:14:26","last_seen":"2024-08-24 18:17:27","alert_count":0,"request_count":1,"received_data":2058,"sent_data":486,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-08-24","alert":"Australian Government","trigger":"1e9821101b.nxcli.io/resources/index2.html","verdict":"phishing","severity":"medium","comment":"Australian Government","link":"https://openphish.com","meta":null}]},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Australian Government","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Australian Government phishing","tags":["australia","government","phishing"],"meta":null}]},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T21:42:08.297680849Z","timestamp":1724535728297,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"DB03B08D76424BB0DD34B51C11CF222B9126BD1F6017AFD35CB1C2D0C3D1F86E\"\r\nLast-Modified: Fri, 23 Aug 2024 14:33:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=16275\r\nExpires: Sun, 25 Aug 2024 02:13:23 GMT\r\nDate: Sat, 24 Aug 2024 21:42:08 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"a081f9755218e081db962afea1117844","sha1":"fab4e95becdbacea971038e8f0ea80b4e1064e4b","sha256":"db03b08d76424bb0dd34b51c11cf222b9126bd1f6017afd35cb1c2d0c3d1f86e","sha512":"ffbc769821cd608c48cd2e69185d6471eb9d63c282ae37bdbaf5e011fb54ca5da649740eb88fdf0616e425f08a0197934e60c3bb33713b6fa057afb6dd1837b1","ssdeep":"","tlshash":"16f005f50d09a5828e98147c5eb4c06b5d3d7df939545cd7927dd1f83c52f55134018c","first_seen":"2024-08-23T21:19:50Z","last_seen":"2024-08-29T18:06:28.06686Z","times_seen":25934,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T21:42:08.403610822Z","timestamp":1724535728403,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"8D8503DCA377A8430CD883ACDEC16A62201F61FF923847BB95CD00B4B5B76DEE\"\r\nLast-Modified: Fri, 23 Aug 2024 14:36:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4174\r\nExpires: Sat, 24 Aug 2024 22:51:42 GMT\r\nDate: Sat, 24 Aug 2024 21:42:08 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"0116304cb4b20e1766015ee4e636662f","sha1":"c2b93f53852c06a7a9648a817818c0d5a7011898","sha256":"8d8503dca377a8430cd883acdec16a62201f61ff923847bb95cd00b4b5b76dee","sha512":"a9a69cc853242d97dd83627b9b37ceb3fbea79206e89f4c440f88e50a45b2c7dae970bbe00c12a6801ffc0db56cd14af73f13509cbee270337b35d36d89252d8","ssdeep":"","tlshash":"14f005d83563761191a0102476b9f21b7b21e9a1284010e6a09041ffb450f699d5d44c","first_seen":"2024-08-23T19:07:39Z","last_seen":"2024-08-29T18:07:10.468175Z","times_seen":16095,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T21:42:08.849278945Z","timestamp":1724535728849,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"CF43D0127C72BF58A1799B4E7CE0E5C9E18EC12E978DF6DAC9C17920A20173D5\"\r\nLast-Modified: Fri, 23 Aug 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4360\r\nExpires: Sat, 24 Aug 2024 22:54:48 GMT\r\nDate: Sat, 24 Aug 2024 21:42:08 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"515f455d93caad6521481d99fc23e623","sha1":"cb770c44b3e280f2151b3f5e887d61fbe0ef66fb","sha256":"cf43d0127c72bf58a1799b4e7ce0e5c9e18ec12e978df6dac9c17920a20173d5","sha512":"39fab7365f165908e92287a24cc88f688c4083edd2e0739103697cb71d715c221bc05d175c9a3bc51a5dab548cf67f950c518054adb8d4a91d4f420b5a06dab0","ssdeep":"","tlshash":"25f00e8a25b0f9edaf66384a16a8d42b9e336cbd3c0419c041d402d239cabbc974c44a","first_seen":"2024-08-24T03:38:38Z","last_seen":"2024-08-29T18:04:17.031483Z","times_seen":24396,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T21:42:09.08101829Z","timestamp":1724535729081,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"133A1FE03DE9EFD148F43EFDA3CD37D24E4F5CC936D1008A8CE7AACC6653AFA3\"\r\nLast-Modified: Fri, 23 Aug 2024 14:38:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5232\r\nExpires: Sat, 24 Aug 2024 23:09:21 GMT\r\nDate: Sat, 24 Aug 2024 21:42:09 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"f04a331cae60388b5b3c547bcdd5a8e8","sha1":"a74ba9ea1965e39a78db26c6568b3524156f0b5c","sha256":"133a1fe03de9efd148f43efda3cd37d24e4f5cc936d1008a8ce7aacc6653afa3","sha512":"0a9307417b28adbf81db5ad4e109b9d9d27016432a2a5477e93f36725b54439d0edc39b1eb2a2ca8ad17a1e8c256d3144c1b8718a6b18c87ae4ad2b9e062dc96","ssdeep":"","tlshash":"3cf005e619dbb49053ec44212df687297e40ed98205022d52de0c1845c06bda57c400e","first_seen":"2024-08-24T02:57:33Z","last_seen":"2024-08-29T18:04:24.213602Z","times_seen":23911,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T21:42:10.061919193Z","timestamp":1724535730061,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Sat, 24 Aug 2024 21:42:10 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"83c3ac79b7b20b2411640b261d336d7b","sha1":"de45a48fa52dd55cb1972ca637e4ace250adb881","sha256":"efce9c56a3f44bf5c0e9da08f9800ecbeff6c4a7b6747cd09cec5752682567bf","sha512":"acd8856ce178df36dc1e634d54588c5930438d51d7f4d579fde8610e2908eb5f56543f8881d09c5975118b3261fd39296c83508936d3af5ac90ddbd25ffa0fc6","ssdeep":"","tlshash":"49f0541a0e787f06df2109112aaceac524040290281c0e02477400e2b6d41fd231cb31","first_seen":"2024-08-24T00:01:50Z","last_seen":"2024-08-29T18:05:20.690637Z","times_seen":2467,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1e9821101b.nxcli.io/resources/index2.html","date":"2024-08-24T21:42:10.011Z","timestamp":1724535730011,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Jul 2024 12:49:45 GMT","end":"Tue, 22 Oct 2024 12:49:44 GMT"},"fingerprint":{"sha1":"C4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF","sha256":"2C:F6:BB:60:47:DE:95:1D:70:0E:DB:82:4F:8B:25:7C:53:71:AD:B7:2C:CA:F9:7E:00:57:F3:9F:F1:74:25:40"}}},"request":{"raw":"GET /css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1e9821101b.nxcli.io/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 24 Aug 2024 21:42:10 GMT\r\ndate: Sat, 24 Aug 2024 21:42:10 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1428,"size_decoded":1428,"mime_type":"text/css; charset=utf-8","magic":"gzip compressed data, max compression","md5":"c03cfb1c6fa6264ea7f9d62d60bc46c7","sha1":"0782aef3e38c4f4a957b912ebf39124a91f42476","sha256":"02df690bf2e28dfd34b2c7a772b854376ef4a7f44b1f062c7a2ee47636916919","sha512":"a3eaffd5db49e2cf981f94374a325a9ca7f9ec6e5bfc5bf3a41b871ea889f8cc137958c6f6281132e85ba78c7c249f13e42dd08b8bb1e66d26c7991141e6c0ec","ssdeep":"","tlshash":"852189661b367e0adb7c5b565dadebe424051280e02d1e271bb142e9b2cc0b6574ce73","first_seen":"2024-08-29T17:56:41.052898Z","last_seen":"2024-08-29T17:56:41.927663Z","times_seen":3,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":53,"dns":0,"connect":8,"send":0,"wait":22,"receive":0,"ssl":76},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T21:42:10.324322578Z","timestamp":1724535730324,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Sat, 24 Aug 2024 21:42:10 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"d9ee401f669aa5ebb6254faebca53ac4","sha1":"da1a59359ea36acc37fdc382aa413f43bdd1e9e4","sha256":"c36f684fea0cc39b1d59c8c5e0f41d451870adaa85db09901a93fdad0d37e45c","sha512":"3702af244ea55e84a417a99ec5edc4bbf2c1e422f5af80d2737a1c0f7ab839e1e7ff17f80af781ba3f2f2f62d5a402eb983719f423e5989504159bd6f987d5f0","ssdeep":"","tlshash":"60f0b32e12209283afe243a22ffcf2cf3c0841c10cac1884b530a6e076e0b135308382","first_seen":"2024-08-23T18:01:39Z","last_seen":"2024-08-29T18:07:29.204402Z","times_seen":3037,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1e9821101b.nxcli.io/resources/css/mgv2-application.css","fqdn":"1e9821101b.nxcli.io","domain":"nxcli.io","tld":"io"},"ip":{"addr":"173.249.147.218","port":443,"asn":40819,"as":"VPSDATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1e9821101b.nxcli.io/resources/index2.html","date":"2024-08-24T21:42:10.021Z","timestamp":1724535730021,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1e9821101b.nxcli.io","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Aug 2024 12:28:38 GMT","end":"Sat, 16 Nov 2024 12:28:37 GMT"},"fingerprint":{"sha1":"50:87:60:2B:2D:DB:03:27:38:0A:56:36:88:C5:8B:94:0A:8C:3A:6C","sha256":"20:C8:CC:E1:F4:4E:4D:DF:02:24:4B:2C:C8:67:84:F4:DD:24:04:6D:90:2C:1B:EE:33:67:E0:E6:9B:CB:E1:5B"}}},"request":{"raw":"GET /resources/css/mgv2-application.css HTTP/1.1\r\nHost: 1e9821101b.nxcli.io\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1e9821101b.nxcli.io/resources/index2.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 24 Aug 2024 21:42:10 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 22 Dec 2022 11:50:42 GMT\r\netag: W/\"1ea1e-5f069474cc880\"\r\nx-cache-nxaccel: STALE\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37786,"size_decoded":125470,"mime_type":"text/css","magic":"ASCII text, with very long lines (59825)","md5":"ff76c80e5ee6b2dac5b2c1f6d81a7db1","sha1":"51a288c36145212e75fd2d5af5bee813443a5204","sha256":"f820184b143520527fa900eb1d53900501f71106be05c653f6c2b81534f3801f","sha512":"c4c3ac0e8c927183e6b6e38a6a78188c43f72519fb4e1108139596502022e87d6579513cc8c77ab5921693ff665ca71762e15f3f58235fe7aca3bf881f321a08","ssdeep":"768:cbSe1xHfSkG31VGIOX5mSXpYeOTCsg9mFTYiLT1aCGjbrqp80zhoq+b4vuwCxmw2:Id1xoZOJmSiTNjGjbrqp80zs4dwMxFvj","tlshash":"d7c3f9a28db0322da597c52df8d2978c3738a121d2428fbafc1561e9c7ce2d4193775d","first_seen":"2023-04-06T07:42:53Z","last_seen":"2026-03-08T22:15:49.825691Z","times_seen":286,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Australian Government","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Australian Government phishing","tags":["australia","government","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1e9821101b.nxcli.io/resources/css/blugov.css","fqdn":"1e9821101b.nxcli.io","domain":"nxcli.io","tld":"io"},"ip":{"addr":"173.249.147.218","port":443,"asn":40819,"as":"VPSDATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1e9821101b.nxcli.io/resources/index2.html","date":"2024-08-24T21:42:10.023Z","timestamp":1724535730023,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1e9821101b.nxcli.io","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Aug 2024 12:28:38 GMT","end":"Sat, 16 Nov 2024 12:28:37 GMT"},"fingerprint":{"sha1":"50:87:60:2B:2D:DB:03:27:38:0A:56:36:88:C5:8B:94:0A:8C:3A:6C","sha256":"20:C8:CC:E1:F4:4E:4D:DF:02:24:4B:2C:C8:67:84:F4:DD:24:04:6D:90:2C:1B:EE:33:67:E0:E6:9B:CB:E1:5B"}}},"request":{"raw":"GET /resources/css/blugov.css HTTP/1.1\r\nHost: 1e9821101b.nxcli.io\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1e9821101b.nxcli.io/resources/index2.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 24 Aug 2024 21:42:10 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Wed, 21 Dec 2022 10:24:46 GMT\r\netag: W/\"11400-5f053f6231780\"\r\nx-cache-nxaccel: MISS\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27928,"size_decoded":70656,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"017be08165c903d14304596847c2661b","sha1":"90d38f57be7614813e1e49a6090064dc023985b3","sha256":"4217794b756a7de5f436ce268788f5f5ec0d457fbba048d13aa6addf30135b14","sha512":"900a16b36a733018bf813288d4756ceb6ba62e7de79892cc698176318ae46a92b5f0071b6508d29bbbfb0c2f89c5c688447e5c80e88c5e91d2329181b652f9a3","ssdeep":"384:n6InYg9b8BqfUiiM5FGu6XNagF/ONyRybTf8R8bkHto5oCj4Nme48t/LgXspXfIk:n6ImBqfUii8Q/LRDlnkdzcgJsNgM","tlshash":"ec6394635b50320ab266882ebd8277987a35c435e195e7eefccd11d8cfda341272670e","first_seen":"2023-04-06T07:42:53Z","last_seen":"2026-03-19T07:19:36.055226Z","times_seen":455,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Australian Government","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Australian Government phishing","tags":["australia","government","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://1e9821101b.nxcli.io/resources/index2.html","date":"2024-08-24T21:42:10.277Z","timestamp":1724535730277,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Jul 2024 12:49:30 GMT","end":"Tue, 22 Oct 2024 12:49:29 GMT"},"fingerprint":{"sha1":"F2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14","sha256":"22:1D:02:6C:BF:DD:4A:D4:72:18:13:7E:15:9C:D9:F9:D8:70:14:BE:14:0C:8A:0C:4B:F9:D6:F3:2A:56:90:6A"}}},"request":{"raw":"GET /s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://1e9821101b.nxcli.io\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18588\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 21 Aug 2024 06:40:46 GMT\r\nexpires: Thu, 21 Aug 2025 06:40:46 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 01 Aug 2024 20:41:24 GMT\r\ncontent-type: font/woff2\r\nage: 313284\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18588,"size_decoded":18588,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18588, version 1.0","md5":"115c2d84727b41da5e9b4394887a8c40","sha1":"44f495a7f32620e51acca2e78f7e0615cb305781","sha256":"ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6","sha512":"00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45","ssdeep":"384:WF9srt3EJfKy7iOpqErJeqQhzsaZqPTPabcoqYdBTKYPvS9BlTf:Wn6UhKYieqAiPQTwclYQLlTf","tlshash":"e382d0075ef03749b0717dfbf9176109930350844fbcb097e63501b3a2ac53368b9602","first_seen":"2024-08-01T01:35:45Z","last_seen":"2026-05-06T15:34:24.566096Z","times_seen":20069,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":69,"dns":2,"connect":21,"send":0,"wait":8,"receive":39,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T21:42:10.487106019Z","timestamp":1724535730487,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Sat, 24 Aug 2024 21:42:10 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"d9ee401f669aa5ebb6254faebca53ac4","sha1":"da1a59359ea36acc37fdc382aa413f43bdd1e9e4","sha256":"c36f684fea0cc39b1d59c8c5e0f41d451870adaa85db09901a93fdad0d37e45c","sha512":"3702af244ea55e84a417a99ec5edc4bbf2c1e422f5af80d2737a1c0f7ab839e1e7ff17f80af781ba3f2f2f62d5a402eb983719f423e5989504159bd6f987d5f0","ssdeep":"","tlshash":"60f0b32e12209283afe243a22ffcf2cf3c0841c10cac1884b530a6e076e0b135308382","first_seen":"2024-08-23T18:01:39Z","last_seen":"2024-08-29T18:07:29.204402Z","times_seen":3037,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1e9821101b.nxcli.io/resources/favicon-16x16.png","fqdn":"1e9821101b.nxcli.io","domain":"nxcli.io","tld":"io"},"ip":{"addr":"173.249.147.218","port":443,"asn":40819,"as":"VPSDATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1e9821101b.nxcli.io/resources/index2.html","date":"2024-08-24T21:42:10.508Z","timestamp":1724535730508,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1e9821101b.nxcli.io","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Aug 2024 12:28:38 GMT","end":"Sat, 16 Nov 2024 12:28:37 GMT"},"fingerprint":{"sha1":"50:87:60:2B:2D:DB:03:27:38:0A:56:36:88:C5:8B:94:0A:8C:3A:6C","sha256":"20:C8:CC:E1:F4:4E:4D:DF:02:24:4B:2C:C8:67:84:F4:DD:24:04:6D:90:2C:1B:EE:33:67:E0:E6:9B:CB:E1:5B"}}},"request":{"raw":"GET /resources/favicon-16x16.png HTTP/1.1\r\nHost: 1e9821101b.nxcli.io\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1e9821101b.nxcli.io/resources/index2.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 24 Aug 2024 21:42:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 238\r\nlast-modified: Mon, 09 Jan 2023 00:46:47 GMT\r\netag: \"ee-5f1ca1a17abc0\"\r\nx-cache-nxaccel: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":238,"size_decoded":238,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"734603b796e313e6b30c5314cfff7a0d","sha1":"9ef8bcab45a447a173ba98d4e8af6114c30a1aca","sha256":"5e70f30259d620e25efa88586a8871d5c94113f0b0d7d6f3e817f585891bf154","sha512":"747a27c58f5395436643d58de585c2cd4870a171b99f9dd3480dc112034426702cfdfafb5c006abfba092d00254d31b51c9a6ae2971a007b980370eb5d43e354","ssdeep":"","tlshash":"edd097e4b5a49d64c5dad1351ba0d1038ca31323483103af2a4b982806b1c0d08f6a00","first_seen":"2023-05-09T01:10:32Z","last_seen":"2026-05-05T01:21:07.131288Z","times_seen":1483,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":316,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Australian Government","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Australian Government phishing","tags":["australia","government","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T21:42:11.155179858Z","timestamp":1724535731155,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"B9187D8FCC431CEE0496985416A1D32F8B4F32F7F454230E012A80DB9BD4DE1E\"\r\nLast-Modified: Fri, 23 Aug 2024 14:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6769\r\nExpires: Sat, 24 Aug 2024 23:35:00 GMT\r\nDate: Sat, 24 Aug 2024 21:42:11 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"f3a7d4b907a16e7e82883be9ff3cc7a4","sha1":"cb041fb7a99151a86d3449564d72737a53edefba","sha256":"b9187d8fcc431cee0496985416a1d32f8b4f32f7f454230e012a80db9bd4de1e","sha512":"b551261924e1d4cfc14a5644ea85da9a27246f8be205d7822e531792ea65df53498cb2d4829740970ce16d2219af2a4dac48d90e218373805b96156b24a690f4","ssdeep":"","tlshash":"33f00ed13234fa445938283a7ae0c06b7924ed9c2d9146fa496082f0b815bbd838001d","first_seen":"2024-08-24T03:23:01Z","last_seen":"2024-08-29T18:04:17.033702Z","times_seen":16894,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-24T21:42:11.158039949Z","timestamp":1724535731158,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"B9187D8FCC431CEE0496985416A1D32F8B4F32F7F454230E012A80DB9BD4DE1E\"\r\nLast-Modified: Fri, 23 Aug 2024 14:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6769\r\nExpires: Sat, 24 Aug 2024 23:35:00 GMT\r\nDate: Sat, 24 Aug 2024 21:42:11 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"f3a7d4b907a16e7e82883be9ff3cc7a4","sha1":"cb041fb7a99151a86d3449564d72737a53edefba","sha256":"b9187d8fcc431cee0496985416a1d32f8b4f32f7f454230e012a80db9bd4de1e","sha512":"b551261924e1d4cfc14a5644ea85da9a27246f8be205d7822e531792ea65df53498cb2d4829740970ce16d2219af2a4dac48d90e218373805b96156b24a690f4","ssdeep":"","tlshash":"33f00ed13234fa445938283a7ae0c06b7924ed9c2d9146fa496082f0b815bbd838001d","first_seen":"2024-08-24T03:23:01Z","last_seen":"2024-08-29T18:04:17.033702Z","times_seen":16894,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1e9821101b.nxcli.io/resources/images/myGov-cobranded-logo-black.svg","fqdn":"1e9821101b.nxcli.io","domain":"nxcli.io","tld":"io"},"ip":{"addr":"173.249.147.218","port":443,"asn":40819,"as":"VPSDATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1e9821101b.nxcli.io/resources/index2.html","date":"2024-08-24T21:42:10.027Z","timestamp":1724535730027,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1e9821101b.nxcli.io","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Aug 2024 12:28:38 GMT","end":"Sat, 16 Nov 2024 12:28:37 GMT"},"fingerprint":{"sha1":"50:87:60:2B:2D:DB:03:27:38:0A:56:36:88:C5:8B:94:0A:8C:3A:6C","sha256":"20:C8:CC:E1:F4:4E:4D:DF:02:24:4B:2C:C8:67:84:F4:DD:24:04:6D:90:2C:1B:EE:33:67:E0:E6:9B:CB:E1:5B"}}},"request":{"raw":"GET /resources/images/myGov-cobranded-logo-black.svg HTTP/1.1\r\nHost: 1e9821101b.nxcli.io\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1e9821101b.nxcli.io/resources/index2.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 24 Aug 2024 21:42:10 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nlast-modified: Wed, 21 Dec 2022 10:22:02 GMT\r\netag: W/\"fa8f-5f053ec5ca680\"\r\nx-cache-nxaccel: MISS\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64143,"size_decoded":64143,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b53f20300babca4ebb422e59b888be1f","sha1":"699c5898c6dd9d2b8b949db2e13c8f0b0d29e26b","sha256":"954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d","sha512":"3c8417a8c6b689a876633c18f00558b89334f5bcaf8fcd0242d4ed3120bdc0eebc1f1981642c7337c3f690fbc7b243fd61f08220bc7c0bc3bcb2b2ac8c9ae5a1","ssdeep":"768:pOLsHDCJYU28s5MBiVkYR1utxxmLhtzP4GWWT5m/tW0BhRL26WGiGy5ZGrr:pT+Jo8sifYRIaWgKVl29GiGuZU","tlshash":"fc532f7a5308877b45c3cb84dbda64c9325dd1c3f2faa0c8dba3158b5d128bb95bca11","first_seen":"2023-05-05T04:27:34Z","last_seen":"2026-05-05T01:21:07.115171Z","times_seen":2486,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Australian Government","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Australian Government phishing","tags":["australia","government","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1e9821101b.nxcli.io/resources/icons/icon-blugov-info.svg","fqdn":"1e9821101b.nxcli.io","domain":"nxcli.io","tld":"io"},"ip":{"addr":"173.249.147.218","port":443,"asn":40819,"as":"VPSDATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1e9821101b.nxcli.io/resources/index2.html","date":"2024-08-24T21:42:10.253Z","timestamp":1724535730253,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1e9821101b.nxcli.io","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Aug 2024 12:28:38 GMT","end":"Sat, 16 Nov 2024 12:28:37 GMT"},"fingerprint":{"sha1":"50:87:60:2B:2D:DB:03:27:38:0A:56:36:88:C5:8B:94:0A:8C:3A:6C","sha256":"20:C8:CC:E1:F4:4E:4D:DF:02:24:4B:2C:C8:67:84:F4:DD:24:04:6D:90:2C:1B:EE:33:67:E0:E6:9B:CB:E1:5B"}}},"request":{"raw":"GET /resources/icons/icon-blugov-info.svg HTTP/1.1\r\nHost: 1e9821101b.nxcli.io\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1e9821101b.nxcli.io/resources/css/blugov.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 24 Aug 2024 21:42:10 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-robots-tag: none\r\nx-powered-by: Craft CMS\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":48497,"size_decoded":48497,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T15:45:53.712693Z","times_seen":14742555,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://1e9821101b.nxcli.io/resources/index2.html","date":"2024-08-24T21:42:10.268Z","timestamp":1724535730268,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Jul 2024 12:49:30 GMT","end":"Tue, 22 Oct 2024 12:49:29 GMT"},"fingerprint":{"sha1":"F2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14","sha256":"22:1D:02:6C:BF:DD:4A:D4:72:18:13:7E:15:9C:D9:F9:D8:70:14:BE:14:0C:8A:0C:4B:F9:D6:F3:2A:56:90:6A"}}},"request":{"raw":"GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://1e9821101b.nxcli.io\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18536\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 20 Aug 2024 17:36:19 GMT\r\nexpires: Wed, 20 Aug 2025 17:36:19 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 01 Aug 2024 20:41:24 GMT\r\ncontent-type: font/woff2\r\nage: 360351\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18536,"size_decoded":18536,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18536, version 1.0","md5":"8eff0b8045fd1959e117f85654ae7770","sha1":"227fee13ceb7c410b5c0bb8000258b6643cb6255","sha256":"89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571","sha512":"2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058","ssdeep":"384:IhocXmE6eM871P7td/mcOKA454H2orQEONKrOqxw:f6WeL1P//9D54WCCKc","tlshash":"d882dfa0f21610f7df085c39a41f9d3964274bbc613c7c437379587aaa0068d56bbb79","first_seen":"2024-08-01T01:33:28Z","last_seen":"2026-05-06T15:34:24.563312Z","times_seen":50006,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":59,"dns":0,"connect":7,"send":0,"wait":8,"receive":6,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://1e9821101b.nxcli.io/resources/index2.html","date":"2024-08-24T21:42:10.270Z","timestamp":1724535730270,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Jul 2024 12:49:30 GMT","end":"Tue, 22 Oct 2024 12:49:29 GMT"},"fingerprint":{"sha1":"F2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14","sha256":"22:1D:02:6C:BF:DD:4A:D4:72:18:13:7E:15:9C:D9:F9:D8:70:14:BE:14:0C:8A:0C:4B:F9:D6:F3:2A:56:90:6A"}}},"request":{"raw":"GET /s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://1e9821101b.nxcli.io\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18596\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 21 Aug 2024 06:50:54 GMT\r\nexpires: Thu, 21 Aug 2025 06:50:54 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 01 Aug 2024 20:41:21 GMT\r\ncontent-type: font/woff2\r\nage: 312676\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18596,"size_decoded":18596,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18596, version 1.0","md5":"c83e4437a53d7f849f9d32df3d6b68f3","sha1":"fabea5ad92ed3e2431659b02e7624df30d0c6bbc","sha256":"d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb","sha512":"c2ca1630f7229dd2dec37e0722f769dd94fd115eefa8eeba40f9bb09e4fdab7cc7d15f3deea23f50911feae22bae96341a5baca20b59c7982caf7a91a51e152f","ssdeep":"384:h5D5WUhNanar/Z19V6iGCYIqoPfHwfr13GPgqbrxremyFKKWB:h/NaOrBGCYIBPfQD1xqPhl","tlshash":"7482d12a50143642c0f6ff3b6767da72fab83036d8554cd206c9994d89e067df78b839","first_seen":"2024-08-01T01:35:45Z","last_seen":"2026-05-06T15:33:00.106565Z","times_seen":30459,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":59,"dns":0,"connect":20,"send":0,"wait":12,"receive":3,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1e9821101b.nxcli.io/resources/index2.html","fqdn":"1e9821101b.nxcli.io","domain":"nxcli.io","tld":"io"},"ip":{"addr":"173.249.147.218","port":443,"asn":40819,"as":"VPSDATACENTER","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-24T21:42:08.971Z","timestamp":1724535728971,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1e9821101b.nxcli.io","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Aug 2024 12:28:38 GMT","end":"Sat, 16 Nov 2024 12:28:37 GMT"},"fingerprint":{"sha1":"50:87:60:2B:2D:DB:03:27:38:0A:56:36:88:C5:8B:94:0A:8C:3A:6C","sha256":"20:C8:CC:E1:F4:4E:4D:DF:02:24:4B:2C:C8:67:84:F4:DD:24:04:6D:90:2C:1B:EE:33:67:E0:E6:9B:CB:E1:5B"}}},"request":{"raw":"GET /resources/index2.html HTTP/1.1\r\nHost: 1e9821101b.nxcli.io\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 24 Aug 2024 21:42:09 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 12 Jan 2023 03:55:27 GMT\r\netag: W/\"11a0-5f209165749c0\"\r\nx-cache-nxaccel: BYPASS\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4512,"size_decoded":4512,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (5139), with no line terminators","md5":"afb3134313e09907672837b6ee10dba9","sha1":"b7fe75da60112cedfa582a431e5ef196b243a30a","sha256":"3c6780abd8a429433dd7edca9402e0a9c67a39363da0faf59d3a07b139f2ba0a","sha512":"4954278539e02a2a459f65c5e730ba296edb87be642668d41d38437f997f50d8106902a5f29511c33c60c017023112f10fe074aadd3c3fd5ac275e3352fd87df","ssdeep":"48:coQ1Y9L9UPKLhRtlhxhQ1ri5U146sXRsmidoHOZmheWEIzNARN146ziAgJM8+Yvy:gKlWiq1NMCdoaWZzNARN1NzcRmDeJK/","tlshash":"b3b1a23e10687036210287ba22a62a3aed57f508bdb1076475adb19cc7edd60c967e21","first_seen":"2024-07-10T00:32:19Z","last_seen":"2024-08-29T17:56:41.934264Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1026,"timings":{"blocked":341,"dns":0,"connect":165,"send":0,"wait":343,"receive":0,"ssl":174},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2024-08-24","alert":"Australian Government","trigger":"1e9821101b.nxcli.io/resources/index2.html","verdict":"phishing","severity":"medium","comment":"Australian Government","link":"https://openphish.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1e9821101b.nxcli.io/resources/images/myGov-cobranded-logo-white.svg","fqdn":"1e9821101b.nxcli.io","domain":"nxcli.io","tld":"io"},"ip":{"addr":"173.249.147.218","port":443,"asn":40819,"as":"VPSDATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1e9821101b.nxcli.io/resources/index2.html","date":"2024-08-24T21:42:10.030Z","timestamp":1724535730030,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1e9821101b.nxcli.io","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Aug 2024 12:28:38 GMT","end":"Sat, 16 Nov 2024 12:28:37 GMT"},"fingerprint":{"sha1":"50:87:60:2B:2D:DB:03:27:38:0A:56:36:88:C5:8B:94:0A:8C:3A:6C","sha256":"20:C8:CC:E1:F4:4E:4D:DF:02:24:4B:2C:C8:67:84:F4:DD:24:04:6D:90:2C:1B:EE:33:67:E0:E6:9B:CB:E1:5B"}}},"request":{"raw":"GET /resources/images/myGov-cobranded-logo-white.svg HTTP/1.1\r\nHost: 1e9821101b.nxcli.io\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1e9821101b.nxcli.io/resources/index2.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 24 Aug 2024 21:42:10 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nlast-modified: Wed, 21 Dec 2022 10:22:04 GMT\r\netag: W/\"fa8c-5f053ec7b2b00\"\r\nx-cache-nxaccel: MISS\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64140,"size_decoded":64140,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"de646b2f77f5fa27d55a01bbb9cf584e","sha1":"33316eb871adf6e08af7c780eb15872549d08dc3","sha256":"10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388","sha512":"e9045ed1fc7c7820e37a6ae88fadb685a79a5d162676fa81360081824bb4ef63dae66ae0d62337d81668eb83998b26ee6404faf0fb299c03cc52e505ad027354","ssdeep":"768:bOLsHDCJYU28s5MBiVkYR1utxxmLhtzP4GWWT5m/tW0BhRL26WGiGy5ZGrr:bT+Jo8sifYRIaWgKVl29GiGuZU","tlshash":"9e532f7a5308877b45c3cb84dbda64c9325dd1c3f2faa0c8dba3158b5d128bb95bca11","first_seen":"2023-05-05T04:27:34Z","last_seen":"2026-05-05T01:21:07.116005Z","times_seen":2421,"resource_available":true,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Australian Government","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Australian Government phishing","tags":["australia","government","phishing"],"meta":null}]}}]}