mail.nativehealth.org/
12.199.5.101 0 B IP 12.199.5.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET / HTTP/1.1
Host: mail.nativehealth.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache
pragma: no-cache
location: https://mail.nativehealth.org/owa/
server: Microsoft-IIS/10.0
x-feserver: NAHC-EXCH-2019
x-requestid: 14693686-7a5c-49f7-9688-b433b6f6bb37
date: Wed, 08 May 2024 16:57:44 GMT
content-length: 0
X-Firefox-Spdy: h2
mail.nativehealth.org/owa/
12.199.5.101 228 B URL mail.nativehealth.org/owa/
IP 12.199.5.101:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 31a70f2bba185fecced8e338f51c4f61
f956b4c2805cfa5f8b5b69bda20d52f099c6a11f
46765e1fcdb1a802ad0d0e7098207647558a28e3d2abd599326c5f7005763a83
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/ HTTP/1.1
Host: mail.nativehealth.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: https://mail.nativehealth.org/owa/auth/logon.aspx?url=https%3a%2f%2fmail.nativehealth.org%2fowa%2f&reason=0
server: Microsoft-IIS/10.0
request-id: 020d26a1-1cc4-48fc-8f45-58f8a5ca41cd
x-owa-version: 15.2.1258.12
x-powered-by: ASP.NET
x-feserver: NAHC-EXCH-2019
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 08 May 2024 16:57:44 GMT
content-length: 228
X-Firefox-Spdy: h2
mail.nativehealth.org/owa/auth/logon.aspx?url=https%3a%2f%2fmail.nativehealth.org%2fowa%2f&reason=0
12.199.5.101 28 kB URL mail.nativehealth.org/owa/auth/logon.aspx?url=https%3a%2f%2fmail.nativehealth.org%2fowa%2f&reason=0
IP 12.199.5.101:0
File type HTML document, ASCII text, with very long lines (1062), with CRLF, LF line terminators
Hash 413f1292df490a8f73fa42c1eb37b33e
f24e814b9c47eddb3a3813bdb683941bdcbdbe97
beec47d084f8d7bdbddb242d090cf253f118ecf0b16dd16373a31945ca4ff337
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/logon.aspx?url=https%3a%2f%2fmail.nativehealth.org%2fowa%2f&reason=0 HTTP/1.1
Host: mail.nativehealth.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
request-id: cbe1a78f-4686-4ec6-b95f-26e84d82f60f
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 08 May 2024 16:57:44 GMT
content-length: 27988
X-Firefox-Spdy: h2
mail.nativehealth.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.nativehealth.org%2fowa%2f
12.199.5.101200 OK 59 kB URL User Request GET HTTP/2 mail.nativehealth.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.nativehealth.org%2fowa%2f
IP 12.199.5.101:443
Certificate IssuerLet's Encrypt
Subject*.nativehealth.org
Fingerprint7B:F5:58:B0:2F:52:43:70:D1:8C:AB:5B:C1:AB:74:83:36:98:42:B4
ValidityMon, 29 Apr 2024 21:01:29 GMT - Sun, 28 Jul 2024 21:01:28 GMT
File type HTML document, ASCII text, with very long lines (10414), with CRLF, LF line terminators
Hash 6ecb0b28973d337843cc879ae562b2b9
79225676703346aac2c900d97c1d54b01e253c1e
e29184613327e9b979bf7e85745f4593a4fdd4b170ecb1cc98558c6f4b71c075
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.nativehealth.org%2fowa%2f HTTP/1.1
Host: mail.nativehealth.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.nativehealth.org/owa/auth/logon.aspx?url=https%3a%2f%2fmail.nativehealth.org%2fowa%2f&reason=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
request-id: f34a5bcf-c953-4b87-8832-3d66b13c02af
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 08 May 2024 16:57:44 GMT
content-length: 58793
X-Firefox-Spdy: h2
mail.nativehealth.org/owa/auth/15.2.1258/themes/resources/segoeui-regular.ttf
12.199.5.101200 OK 57 kB URL GET HTTP/2 mail.nativehealth.org/owa/auth/15.2.1258/themes/resources/segoeui-regular.ttf
IP 12.199.5.101:443
Requested by https://mail.nativehealth.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.nativehealth.org%2fowa%2f
Certificate IssuerLet's Encrypt
Subject*.nativehealth.org
Fingerprint7B:F5:58:B0:2F:52:43:70:D1:8C:AB:5B:C1:AB:74:83:36:98:42:B4
ValidityMon, 29 Apr 2024 21:01:29 GMT - Sun, 28 Jul 2024 21:01:28 GMT
File type TrueType Font data, 18 tables, 1st "LTSH", 11 names, Microsoft, language 0x409, � 2010 Microsoft Corporation. All Rights Reserved.RegularSegoe UI RegularVersion 0.81 Build 159S
Hash 8af990b6ad3ba192c2dd6a193890bf5f
4db5bf117ff8f1392fab3b438216d7cff4ae4976
c147c2ec76a8ab8bd5082f1f4d3f80a43c689165cb164cdd812e44048fe38708
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/15.2.1258/themes/resources/segoeui-regular.ttf HTTP/1.1
Host: mail.nativehealth.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.nativehealth.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.nativehealth.org%2fowa%2f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: application/octet-stream
last-modified: Tue, 12 Feb 2019 16:46:18 GMT
accept-ranges: bytes
etag: "069af79f2c2d41:0"
server: Microsoft-IIS/10.0
request-id: 3b200a29-1ac5-458a-a4c0-f008eca009ae
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 08 May 2024 16:57:45 GMT
content-length: 56760
X-Firefox-Spdy: h2
mail.nativehealth.org/owa/auth/15.2.1258/themes/resources/segoeui-semilight.ttf
12.199.5.101200 OK 42 kB URL GET HTTP/2 mail.nativehealth.org/owa/auth/15.2.1258/themes/resources/segoeui-semilight.ttf
IP 12.199.5.101:443
Requested by https://mail.nativehealth.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.nativehealth.org%2fowa%2f
Certificate IssuerLet's Encrypt
Subject*.nativehealth.org
Fingerprint7B:F5:58:B0:2F:52:43:70:D1:8C:AB:5B:C1:AB:74:83:36:98:42:B4
ValidityMon, 29 Apr 2024 21:01:29 GMT - Sun, 28 Jul 2024 21:01:28 GMT
File type TrueType Font data, 16 tables, 1st "OS/2", 11 names, Microsoft, language 0x409, � 2010 Microsoft Corporation. All Rights Reserved.RegularSegoe UI SemilightVersion 1.00 build 16
Hash 6c26c24aabe31040657665b1e0d9505c
b3bdc48643752665e3e5798a192b27432a87d234
2d508a6e8979bba74b6fdf804c01a09a620c781e0fea73a8eefda904f5bcab25
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/15.2.1258/themes/resources/segoeui-semilight.ttf HTTP/1.1
Host: mail.nativehealth.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.nativehealth.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.nativehealth.org%2fowa%2f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: application/octet-stream
last-modified: Fri, 11 May 2018 18:11:29 GMT
accept-ranges: bytes
etag: "805ea77b53e9d31:0"
server: Microsoft-IIS/10.0
request-id: dc194ede-d22d-4247-919e-928a91f5a1c5
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 08 May 2024 16:57:45 GMT
content-length: 41560
X-Firefox-Spdy: h2
mail.nativehealth.org/owa/auth/15.2.1258/themes/resources/favicon.ico
12.199.5.101200 OK 7.9 kB URL GET HTTP/2 mail.nativehealth.org/owa/auth/15.2.1258/themes/resources/favicon.ico
IP 12.199.5.101:443
Requested by https://mail.nativehealth.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.nativehealth.org%2fowa%2f
Certificate IssuerLet's Encrypt
Subject*.nativehealth.org
Fingerprint7B:F5:58:B0:2F:52:43:70:D1:8C:AB:5B:C1:AB:74:83:36:98:42:B4
ValidityMon, 29 Apr 2024 21:01:29 GMT - Sun, 28 Jul 2024 21:01:28 GMT
File type MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Hash 759fade9033aa298629e4b000dcd6dde
34a1adf5c7326d7bde5b5735471b5d81e611c189
cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /owa/auth/15.2.1258/themes/resources/favicon.ico HTTP/1.1
Host: mail.nativehealth.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.nativehealth.org/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.nativehealth.org%2fowa%2f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: image/x-icon
last-modified: Wed, 01 Mar 2023 18:24:57 GMT
accept-ranges: bytes
etag: "80a239206b4cd91:0"
server: Microsoft-IIS/10.0
request-id: c545caca-a13b-4dbc-a600-cad263a3cd91
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 08 May 2024 16:57:45 GMT
content-length: 7886
X-Firefox-Spdy: h2