URL User Request GET HTTP/2IP164.68.103.196:443
CertificateIssuerLet's Encrypt Subjectmail.domad.ca Fingerprint9F:17:67:02:20:4A:1C:EC:20:50:F1:48:59:8D:E8:0C:C1:04:52:9C ValidityTue, 03 Aug 2021 10:52:35 GMT - Mon, 01 Nov 2021 10:52:33 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashaff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Zimbra Web Client |
GET / HTTP/1.1
Host: domad.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 09 May 2024 16:13:06 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: https://domad.ca/
|
| domad.ca/css/common,login,zhtml,skin.css?skin=harmony&v=230213095117 | 164.68.103.196 | 200 OK | 15 kB |
URL GET HTTP/2domad.ca/css/common,login,zhtml,skin.css?skin=harmony&v=230213095117 IP164.68.103.196:443
CertificateIssuerLet's Encrypt Subjectmail.domad.ca Fingerprint9F:17:67:02:20:4A:1C:EC:20:50:F1:48:59:8D:E8:0C:C1:04:52:9C ValidityTue, 03 Aug 2021 10:52:35 GMT - Mon, 01 Nov 2021 10:52:33 GMT
File typegzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT) Hash56ec57430e171c3fb6b4a290915b34ee 6b946f0151df9b98c21176bc00e16d122be3d965 9470ab6f85409efa4ab72b1bada14b99387abd752bcc6467f7335f135ba7d827
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Zimbra Web Client |
GET /css/common,login,zhtml,skin.css?skin=harmony&v=230213095117 HTTP/1.1
Host: domad.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domad.ca/
Cookie: ZM_TEST=true; ZM_LOGIN_CSRF=d2494eeb-bbdc-4296-b104-c842e936ae88
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 16:13:08 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
expires: Sat, 8 Jun 2024 17:13:07 GMT
cache-control: public, max-age=2595600
vary: User-Agent, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
| domad.ca/img/logo/favicon.ico | 164.68.103.196 | 200 OK | 1.2 kB |
URL GET HTTP/2domad.ca/img/logo/favicon.ico IP164.68.103.196:443
CertificateIssuerLet's Encrypt Subjectmail.domad.ca Fingerprint9F:17:67:02:20:4A:1C:EC:20:50:F1:48:59:8D:E8:0C:C1:04:52:9C ValidityTue, 03 Aug 2021 10:52:35 GMT - Mon, 01 Nov 2021 10:52:33 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash8c7d1c14e4b9c42f07bd6b800d93b806 87e49826ffb3bc1ddac38feebb6bb98eaef568b2 1afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Zimbra Web Client |
GET /img/logo/favicon.ico HTTP/1.1
Host: domad.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domad.ca/
Cookie: ZM_TEST=true; ZM_LOGIN_CSRF=d2494eeb-bbdc-4296-b104-c842e936ae88
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 16:13:08 GMT
content-type: image/x-icon
content-length: 1150
x-frame-options: SAMEORIGIN
expires: Sat, 8 Jun 2024 17:13:08 GMT
cache-control: public, max-age=2595600
last-modified: Mon, 13 Feb 2023 14:15:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
| domad.ca/skins/_base/logos/LoginBanner_white.png?v=230213095117 | 164.68.103.196 | 200 OK | 3.3 kB |
URL GET HTTP/2domad.ca/skins/_base/logos/LoginBanner_white.png?v=230213095117 IP164.68.103.196:443
CertificateIssuerLet's Encrypt Subjectmail.domad.ca Fingerprint9F:17:67:02:20:4A:1C:EC:20:50:F1:48:59:8D:E8:0C:C1:04:52:9C ValidityTue, 03 Aug 2021 10:52:35 GMT - Mon, 01 Nov 2021 10:52:33 GMT
File typePNG image data, 163 x 36, 8-bit/color RGBA, non-interlaced Hashe04d149f1a5dec8a4b31e20e1f1413fb 44e9355e76474683c0f9ebd8c8150fffd30f9e9b 8db258b55ceabeb5c9c8bf41f59a2743c579cfcee58c34cacc945ad9c01d6ef1
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Zimbra Web Client |
GET /skins/_base/logos/LoginBanner_white.png?v=230213095117 HTTP/1.1
Host: domad.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domad.ca/css/common,login,zhtml,skin.css?skin=harmony&v=230213095117
Cookie: ZM_TEST=true; ZM_LOGIN_CSRF=d2494eeb-bbdc-4296-b104-c842e936ae88
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 16:13:08 GMT
content-type: image/png
content-length: 3299
x-frame-options: SAMEORIGIN
expires: Sat, 8 Jun 2024 17:13:08 GMT
cache-control: public, max-age=2595600
last-modified: Mon, 13 Feb 2023 14:15:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|