| mitmdetection.services.mozilla.com/ | 54.230.111.70 | | 0 B |
URL mitmdetection.services.mozilla.com/ IP54.230.111.70:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: mitmdetection.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
content-type: application/xml
date: Wed, 24 Apr 2024 14:33:13 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZPud-lOhPZeXKg9Qrsxpe3BXUku0g2QKZ2YvYRBBFq3qgnBFcMTytQ==
X-Firefox-Spdy: h2
|
|
| postar.kucazdravlja.ba/css/common,login,zhtml,skin.css?skin=harmony&v=230213095151 | 77.239.64.149 | 200 OK | 15 kB |
URL GET HTTP/2postar.kucazdravlja.ba/css/common,login,zhtml,skin.css?skin=harmony&v=230213095151 IP77.239.64.149:443 ASN#42571 Blicnet d.o.o. Banja Luka
Requested byhttps://postar.kucazdravlja.ba/ CertificateIssuerCA Subjectpostar.kucazdravlja.ba Fingerprint47:E8:7B:A1:6C:13:D6:DD:F0:6F:96:28:7B:D2:EF:6C:EC:11:CD:EC ValidityMon, 20 Jul 2020 09:21:41 GMT - Sat, 19 Jul 2025 09:21:41 GMT
File typegzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT) Hash1e64e26ee56e2b1cc94104bd13069262 e643fd3ff4cd9ee75c2d291252de691d5d91d16b 68f39a235e5641d1aa44335d668f05325b2861b6a124ca377544384ebb2a308e
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Zimbra Web Client |
GET /css/common,login,zhtml,skin.css?skin=harmony&v=230213095151 HTTP/1.1
Host: postar.kucazdravlja.ba
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postar.kucazdravlja.ba/
Cookie: ZM_TEST=true; ZM_LOGIN_CSRF=296b291c-ca24-4d99-bc6d-06a1b1e99b08
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 14:33:14 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
expires: Fri, 24 May 2024 15:33:14 GMT
cache-control: public, max-age=2595600
vary: User-Agent, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| postar.kucazdravlja.ba/img/logo/favicon.ico | 77.239.64.149 | 200 OK | 1.2 kB |
URL GET HTTP/2postar.kucazdravlja.ba/img/logo/favicon.ico IP77.239.64.149:443 ASN#42571 Blicnet d.o.o. Banja Luka
Requested byhttps://postar.kucazdravlja.ba/ CertificateIssuerCA Subjectpostar.kucazdravlja.ba Fingerprint47:E8:7B:A1:6C:13:D6:DD:F0:6F:96:28:7B:D2:EF:6C:EC:11:CD:EC ValidityMon, 20 Jul 2020 09:21:41 GMT - Sat, 19 Jul 2025 09:21:41 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash8c7d1c14e4b9c42f07bd6b800d93b806 87e49826ffb3bc1ddac38feebb6bb98eaef568b2 1afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Zimbra Web Client |
GET /img/logo/favicon.ico HTTP/1.1
Host: postar.kucazdravlja.ba
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postar.kucazdravlja.ba/
Cookie: ZM_TEST=true; ZM_LOGIN_CSRF=296b291c-ca24-4d99-bc6d-06a1b1e99b08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 14:33:14 GMT
content-type: image/x-icon
content-length: 1150
x-frame-options: SAMEORIGIN
expires: Fri, 24 May 2024 15:33:14 GMT
cache-control: public, max-age=2595600
last-modified: Mon, 13 Feb 2023 14:14:46 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| | 77.239.64.149 | 200 OK | 12 kB |
URL User Request GET HTTP/2IP77.239.64.149:443 ASN#42571 Blicnet d.o.o. Banja Luka
CertificateIssuerCA Subjectpostar.kucazdravlja.ba Fingerprint47:E8:7B:A1:6C:13:D6:DD:F0:6F:96:28:7B:D2:EF:6C:EC:11:CD:EC ValidityMon, 20 Jul 2020 09:21:41 GMT - Sat, 19 Jul 2025 09:21:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Zimbra Web Client |
GET / HTTP/1.1
Host: postar.kucazdravlja.ba
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 14:33:14 GMT
content-type: text/html;charset=utf-8
x-frame-options: SAMEORIGIN
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
content-language: en-US
set-cookie: ZM_TEST=true; Secure
ZM_LOGIN_CSRF=296b291c-ca24-4d99-bc6d-06a1b1e99b08; Secure; HttpOnly
x-ua-compatible: IE=edge
vary: User-Agent, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| postar.kucazdravlja.ba/skins/_base/logos/LoginBanner_white.png?v=230213095151 | 77.239.64.149 | 200 OK | 3.3 kB |
URL GET HTTP/2postar.kucazdravlja.ba/skins/_base/logos/LoginBanner_white.png?v=230213095151 IP77.239.64.149:443 ASN#42571 Blicnet d.o.o. Banja Luka
Requested byhttps://postar.kucazdravlja.ba/ CertificateIssuerCA Subjectpostar.kucazdravlja.ba Fingerprint47:E8:7B:A1:6C:13:D6:DD:F0:6F:96:28:7B:D2:EF:6C:EC:11:CD:EC ValidityMon, 20 Jul 2020 09:21:41 GMT - Sat, 19 Jul 2025 09:21:41 GMT
File typePNG image data, 163 x 36, 8-bit/color RGBA, non-interlaced Hashe04d149f1a5dec8a4b31e20e1f1413fb 44e9355e76474683c0f9ebd8c8150fffd30f9e9b 8db258b55ceabeb5c9c8bf41f59a2743c579cfcee58c34cacc945ad9c01d6ef1
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Zimbra Web Client |
GET /skins/_base/logos/LoginBanner_white.png?v=230213095151 HTTP/1.1
Host: postar.kucazdravlja.ba
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://postar.kucazdravlja.ba/css/common,login,zhtml,skin.css?skin=harmony&v=230213095151
Cookie: ZM_TEST=true; ZM_LOGIN_CSRF=296b291c-ca24-4d99-bc6d-06a1b1e99b08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 14:33:14 GMT
content-type: image/png
content-length: 3299
x-frame-options: SAMEORIGIN
expires: Fri, 24 May 2024 15:33:14 GMT
cache-control: public, max-age=2595600
last-modified: Mon, 13 Feb 2023 14:14:46 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|