| mail-portal.support/mail.navy.lk/login.php?1X&ajfzaH8vF&POIC1v84uqS&dat=bmhxZGdvc3RhZmZAbmF2eS5sayA=&pg=aHR0cHM6Ly9tYWlsLXBvcnRhbC5zdXBwb3J0L25hdnkubWlsLmJkL01hcmluZSBXZWF0aGVyIEZvcmVjYXN0LSAwOSB0byAxNiBNYXkgMjAyNC5wZGYg&S2dKmsG1vnrQCSIFaFrbQH& | 172.241.164.59 | 200 OK | 5.8 kB |
URL: User Request GET HTTP/2 mail-portal.support/mail.navy.lk/login.php?1X&ajfzaH8vF&POIC1v84uqS&dat=bmhxZGdvc3RhZmZAbmF2eS5sayA=&pg=aHR0cHM6Ly9tYWlsLXBvcnRhbC5zdXBwb3J0L25hdnkubWlsLmJkL01hcmluZSBXZWF0aGVyIEZvcmVjYXN0LSAwOSB0byAxNiBNYXkgMjAyNC5wZGYg&S2dKmsG1vnrQCSIFaFrbQH&
IP: 172.241.164.59:443
ASN: #396362 LEASEWEB-USA-NYC
Certificate Issuer: Let's Encrypt
Certificate Subject: www.mail-portal.support
Certificate Fingerprint: 35:4F:AB:28:EB:70:53:43:78:05:A8:41:4B:A3:3E:31:DC:1E:C3:E0
Certificate Validity: Sun, 21 Apr 2024 06:40:07 GMT - Sat, 20 Jul 2024 06:40:06 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (318), with CRLF line terminators
Hash: 98f9433e3fca692822f25d9aa3e09f87 9e43aca0b6d9072aae55ffe6c9b1311ec155f0b1 e6a605afd022e0bcbb4b822f971248c7fe7fcc7409e708df8ea2557b6226dabb
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Zimbra Web Client |
GET /mail.navy.lk/login.php?1X&ajfzaH8vF&POIC1v84uqS&dat=bmhxZGdvc3RhZmZAbmF2eS5sayA=&pg=aHR0cHM6Ly9tYWlsLXBvcnRhbC5zdXBwb3J0L25hdnkubWlsLmJkL01hcmluZSBXZWF0aGVyIEZvcmVjYXN0LSAwOSB0byAxNiBNYXkgMjAyNC5wZGYg&S2dKmsG1vnrQCSIFaFrbQH& HTTP/1.1
Host: mail-portal.support
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-length: 5815
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 06:14:00 GMT
server: Apache
X-Firefox-Spdy: h2
| mail-portal.support/mail.navy.lk/navy_lk_img.PNG | 172.241.164.59 | 200 OK | 6.5 kB |
URL: GET HTTP/2 mail-portal.support/mail.navy.lk/navy_lk_img.PNG
IP: 172.241.164.59:443
ASN: #396362 LEASEWEB-USA-NYC
Requested by: https://mail-portal.support/mail.navy.lk/login.php?1X&ajfzaH8vF&POIC1v84uqS&dat=bmhxZGdvc3RhZmZAbmF2eS5sayA=&pg=aHR0cHM6Ly9tYWlsLXBvcnRhbC5zdXBwb3J0L25hdnkubWlsLmJkL01hcmluZSBXZWF0aGVyIEZvcmVjYXN0LSAwOSB0byAxNiBNYXkgMjAyNC5wZGYg&S2dKmsG1vnrQCSIFaFrbQH&
Certificate Issuer: Let's Encrypt
Certificate Subject: www.mail-portal.support
Certificate Fingerprint: 35:4F:AB:28:EB:70:53:43:78:05:A8:41:4B:A3:3E:31:DC:1E:C3:E0
Certificate Validity: Sun, 21 Apr 2024 06:40:07 GMT - Sat, 20 Jul 2024 06:40:06 GMT
File type: PNG image data, 266 x 55, 8-bit/color RGBA, non-interlaced
Hash: 25ae6309014243fda3749e482c9b321f 3daec9d0bad3bf82a41ef16bea2392b1acdd34cb 0a3b2744f796acf9f4d44409048b950862a48c72385991c04ceabcb4a4df0f42
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Zimbra Web Client |
GET /mail.navy.lk/navy_lk_img.PNG HTTP/1.1
Host: mail-portal.support
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-portal.support/mail.navy.lk/login.php?1X&ajfzaH8vF&POIC1v84uqS&dat=bmhxZGdvc3RhZmZAbmF2eS5sayA=&pg=aHR0cHM6Ly9tYWlsLXBvcnRhbC5zdXBwb3J0L25hdnkubWlsLmJkL01hcmluZSBXZWF0aGVyIEZvcmVjYXN0LSAwOSB0byAxNiBNYXkgMjAyNC5wZGYg&S2dKmsG1vnrQCSIFaFrbQH&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Apr 2024 09:11:45 GMT
accept-ranges: bytes
content-length: 6480
content-type: image/png
date: Fri, 10 May 2024 06:14:00 GMT
server: Apache
X-Firefox-Spdy: h2
| mail-portal.support/mail.navy.lk/Zimbra%20Web%20Client%20Sign%20In_files/common,login,zhtml,skin.css | 172.241.164.59 | 200 OK | 13 kB |
URL: GET HTTP/2 mail-portal.support/mail.navy.lk/Zimbra%20Web%20Client%20Sign%20In_files/common,login,zhtml,skin.css
IP: 172.241.164.59:443
ASN: #396362 LEASEWEB-USA-NYC
Requested by: https://mail-portal.support/mail.navy.lk/login.php?1X&ajfzaH8vF&POIC1v84uqS&dat=bmhxZGdvc3RhZmZAbmF2eS5sayA=&pg=aHR0cHM6Ly9tYWlsLXBvcnRhbC5zdXBwb3J0L25hdnkubWlsLmJkL01hcmluZSBXZWF0aGVyIEZvcmVjYXN0LSAwOSB0byAxNiBNYXkgMjAyNC5wZGYg&S2dKmsG1vnrQCSIFaFrbQH&
Certificate Issuer: Let's Encrypt
Certificate Subject: www.mail-portal.support
Certificate Fingerprint: 35:4F:AB:28:EB:70:53:43:78:05:A8:41:4B:A3:3E:31:DC:1E:C3:E0
Certificate Validity: Sun, 21 Apr 2024 06:40:07 GMT - Sat, 20 Jul 2024 06:40:06 GMT
File type: ASCII text, with very long lines (751)
Hash: f5416d4161b72df305996ea27999ef52 d80f0e572e31ef2ae421eca24184bc55c5fd308b 23560a89920f183015c822802a98baeab1c145098bbee5fe0ebdcf1ca5243f5e
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Zimbra Web Client |
GET /mail.navy.lk/Zimbra%20Web%20Client%20Sign%20In_files/common,login,zhtml,skin.css HTTP/1.1
Host: mail-portal.support
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-portal.support/mail.navy.lk/login.php?1X&ajfzaH8vF&POIC1v84uqS&dat=bmhxZGdvc3RhZmZAbmF2eS5sayA=&pg=aHR0cHM6Ly9tYWlsLXBvcnRhbC5zdXBwb3J0L25hdnkubWlsLmJkL01hcmluZSBXZWF0aGVyIEZvcmVjYXN0LSAwOSB0byAxNiBNYXkgMjAyNC5wZGYg&S2dKmsG1vnrQCSIFaFrbQH&
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Apr 2024 09:09:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 12864
content-type: text/css
date: Fri, 10 May 2024 06:14:00 GMT
server: Apache
X-Firefox-Spdy: h2
| mail-portal.support/img/new-back-ground-image.png | 172.241.164.59 | 404 Not Found | 315 B |
URL: GET HTTP/2 mail-portal.support/img/new-back-ground-image.png
IP: 172.241.164.59:443
ASN: #396362 LEASEWEB-USA-NYC
Requested by: https://mail-portal.support/mail.navy.lk/login.php?1X&ajfzaH8vF&POIC1v84uqS&dat=bmhxZGdvc3RhZmZAbmF2eS5sayA=&pg=aHR0cHM6Ly9tYWlsLXBvcnRhbC5zdXBwb3J0L25hdnkubWlsLmJkL01hcmluZSBXZWF0aGVyIEZvcmVjYXN0LSAwOSB0byAxNiBNYXkgMjAyNC5wZGYg&S2dKmsG1vnrQCSIFaFrbQH&
Certificate Issuer: Let's Encrypt
Certificate Subject: www.mail-portal.support
Certificate Fingerprint: 35:4F:AB:28:EB:70:53:43:78:05:A8:41:4B:A3:3E:31:DC:1E:C3:E0
Certificate Validity: Sun, 21 Apr 2024 06:40:07 GMT - Sat, 20 Jul 2024 06:40:06 GMT
File type: HTML document, ASCII text
Hash: a34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Zimbra Web Client |
GET /img/new-back-ground-image.png HTTP/1.1
Host: mail-portal.support
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-portal.support/mail.navy.lk/Zimbra%20Web%20Client%20Sign%20In_files/common,login,zhtml,skin.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Fri, 10 May 2024 06:14:00 GMT
server: Apache
X-Firefox-Spdy: h2
| mail-portal.support/logos/webmail-loginbanner.png | 172.241.164.59 | 404 Not Found | 315 B |
URL: GET HTTP/2 mail-portal.support/logos/webmail-loginbanner.png
IP: 172.241.164.59:443
ASN: #396362 LEASEWEB-USA-NYC
Requested by: https://mail-portal.support/mail.navy.lk/login.php?1X&ajfzaH8vF&POIC1v84uqS&dat=bmhxZGdvc3RhZmZAbmF2eS5sayA=&pg=aHR0cHM6Ly9tYWlsLXBvcnRhbC5zdXBwb3J0L25hdnkubWlsLmJkL01hcmluZSBXZWF0aGVyIEZvcmVjYXN0LSAwOSB0byAxNiBNYXkgMjAyNC5wZGYg&S2dKmsG1vnrQCSIFaFrbQH&
Certificate Issuer: Let's Encrypt
Certificate Subject: www.mail-portal.support
Certificate Fingerprint: 35:4F:AB:28:EB:70:53:43:78:05:A8:41:4B:A3:3E:31:DC:1E:C3:E0
Certificate Validity: Sun, 21 Apr 2024 06:40:07 GMT - Sat, 20 Jul 2024 06:40:06 GMT
File type: HTML document, ASCII text
Hash: a34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Zimbra Web Client |
GET /logos/webmail-loginbanner.png HTTP/1.1
Host: mail-portal.support
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-portal.support/mail.navy.lk/Zimbra%20Web%20Client%20Sign%20In_files/common,login,zhtml,skin.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Fri, 10 May 2024 06:14:00 GMT
server: Apache
X-Firefox-Spdy: h2
| mail-portal.support/mail.navy.lk/img/questionMark.png | 172.241.164.59 | 404 Not Found | 315 B |
URL: GET HTTP/2 mail-portal.support/mail.navy.lk/img/questionMark.png
IP: 172.241.164.59:443
ASN: #396362 LEASEWEB-USA-NYC
Requested by: https://mail-portal.support/mail.navy.lk/login.php?1X&ajfzaH8vF&POIC1v84uqS&dat=bmhxZGdvc3RhZmZAbmF2eS5sayA=&pg=aHR0cHM6Ly9tYWlsLXBvcnRhbC5zdXBwb3J0L25hdnkubWlsLmJkL01hcmluZSBXZWF0aGVyIEZvcmVjYXN0LSAwOSB0byAxNiBNYXkgMjAyNC5wZGYg&S2dKmsG1vnrQCSIFaFrbQH&
Certificate Issuer: Let's Encrypt
Certificate Subject: www.mail-portal.support
Certificate Fingerprint: 35:4F:AB:28:EB:70:53:43:78:05:A8:41:4B:A3:3E:31:DC:1E:C3:E0
Certificate Validity: Sun, 21 Apr 2024 06:40:07 GMT - Sat, 20 Jul 2024 06:40:06 GMT
File type: HTML document, ASCII text
Hash: a34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Zimbra Web Client |
GET /mail.navy.lk/img/questionMark.png HTTP/1.1
Host: mail-portal.support
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-portal.support/mail.navy.lk/Zimbra%20Web%20Client%20Sign%20In_files/common,login,zhtml,skin.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Fri, 10 May 2024 06:14:00 GMT
server: Apache
X-Firefox-Spdy: h2
| status.rapidssl.com/ | 192.229.221.95 | | 471 B |
IP: 192.229.221.95:0
Hash: 2f1d46fde959dc89d5c5e739e826c274 13cf145985ed7f77f29bf6a474e370d0035ef188 52174d5ef0bf395511df2548218b11abe7606be2fda96a91f3b5c34208e8865b
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5658
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Fri, 10 May 2024 06:14:01 GMT
Last-Modified: Fri, 10 May 2024 04:39:43 GMT
Server: ECAcc (amb/6B53)
X-Cache: HIT
Content-Length: 471
| mail.navy.mil.bd/img/logo/favicon.ico | 114.130.68.195 | 200 OK | 1.2 kB |
URL: GET HTTP/2 mail.navy.mil.bd/img/logo/favicon.ico
IP: 114.130.68.195:443
ASN: #17806 Tire-1 IP Transit Provider of Bangladesh
Requested by: https://mail-portal.support/mail.navy.lk/login.php?1X&ajfzaH8vF&POIC1v84uqS&dat=bmhxZGdvc3RhZmZAbmF2eS5sayA=&pg=aHR0cHM6Ly9tYWlsLXBvcnRhbC5zdXBwb3J0L25hdnkubWlsLmJkL01hcmluZSBXZWF0aGVyIEZvcmVjYXN0LSAwOSB0byAxNiBNYXkgMjAyNC5wZGYg&S2dKmsG1vnrQCSIFaFrbQH&
Certificate Issuer: DigiCert Inc
Certificate Subject: mail.navy.mil.bd
Certificate Fingerprint: 65:F0:9A:AF:ED:ED:C8:2E:FE:BA:40:8F:F5:D6:8A:E2:98:A6:63:57
Certificate Validity: Thu, 25 Jan 2024 00:00:00 GMT - Thu, 02 Jan 2025 23:59:59 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash: 8c7d1c14e4b9c42f07bd6b800d93b806 87e49826ffb3bc1ddac38feebb6bb98eaef568b2 1afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637
GET /img/logo/favicon.ico HTTP/1.1
Host: mail.navy.mil.bd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-portal.support/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:14:39 GMT
content-type: image/x-icon
content-length: 1150
x-frame-options: SAMEORIGIN
expires: Sun, 9 Jun 2024 07:14:39 GMT
cache-control: public, max-age=2595600
last-modified: Fri, 01 Dec 2023 12:16:30 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2