| halifax-manage.com/login.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.php | 162.144.3.63 | 302 Found | 0 B |
URL (User Request, GET, HTTP/2): halifax-manage.com/login.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.php; IP: 162.144.3.63:443; ASN: #46606 UNIFIEDLAYER-AS-1
Certificate: Issuer: Sectigo Limited; Subject: halifax-manage.com; Fingerprint: 6D:22:CC:C4:22:1F:77:A5:6E:FD:5D:B8:9B:EE:4E:AD:4A:20:B2:61; Validity: Fri, 19 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Halifax Bank of Scotland Plc |
| Quad9 DNS | malicious | Sinkholed |
GET /login.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.phpLogin.php HTTP/1.1
Host: halifax-manage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: Login.php
cache-control: max-age=7200
expires: Thu, 25 Apr 2024 02:02:25 GMT
x-newfold-cache-level: 2
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 25 Apr 2024 00:02:25 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| halifax-manage.com/Login.php | 162.144.3.63 | 200 OK | 17 kB |
URL (User Request, GET, HTTP/2): halifax-manage.com/Login.php; IP: 162.144.3.63:443; ASN: #46606 UNIFIEDLAYER-AS-1
Certificate: Issuer: Sectigo Limited; Subject: halifax-manage.com; Fingerprint: 6D:22:CC:C4:22:1F:77:A5:6E:FD:5D:B8:9B:EE:4E:AD:4A:20:B2:61; Validity: Fri, 19 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators; Hash: a7ee0aa30e5c6de3dcebc0945b0d14e9 771477f9f4b2dbda77ffa2208378435c51913127 1e3847f6d31fc690f8714283b26eddd6dce936dfb7b908389dd5a1072a6ee55e
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Halifax Bank of Scotland Plc |
| Quad9 DNS | malicious | Sinkholed |
GET /Login.php HTTP/1.1
Host: halifax-manage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=7200
expires: Thu, 25 Apr 2024 02:02:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
content-length: 17061
content-type: text/html; charset=UTF-8
date: Thu, 25 Apr 2024 00:02:25 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| halifax-manage.com/files/img/Halifax-logo-1432115232.gif | 162.144.3.63 | 200 OK | 6.1 kB |
URL (GET, HTTP/2): halifax-manage.com/files/img/Halifax-logo-1432115232.gif; IP: 162.144.3.63:443; ASN: #46606 UNIFIEDLAYER-AS-1
Requested by: https://halifax-manage.com/Login.php; Certificate: Issuer: Sectigo Limited; Subject: halifax-manage.com; Fingerprint: 6D:22:CC:C4:22:1F:77:A5:6E:FD:5D:B8:9B:EE:4E:AD:4A:20:B2:61; Validity: Fri, 19 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT
File type: PNG image data, 61 x 34, 8-bit/color RGBA, non-interlaced; Hash: e8fb5404cf7f0af96f676852157310e6 7962e1ff3be50f3ffe64d9e3b57644419dfce9b0 52f775c52a7a465d35c60169d86f01b09c6ac17d80b0ecb6c7301e17c0394fe4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Halifax Bank of Scotland Plc |
| Quad9 DNS | malicious | Sinkholed |
GET /files/img/Halifax-logo-1432115232.gif HTTP/1.1
Host: halifax-manage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://halifax-manage.com/Login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Jul 2020 08:31:08 GMT
accept-ranges: bytes
content-length: 6106
cache-control: max-age=86400
expires: Fri, 26 Apr 2024 00:02:25 GMT
x-newfold-cache-level: 2
content-type: image/gif
date: Thu, 25 Apr 2024 00:02:25 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| halifax-manage.com/files/img/savings_newstyle-1593009617.png | 162.144.3.63 | 200 OK | 11 kB |
URL (GET, HTTP/2): halifax-manage.com/files/img/savings_newstyle-1593009617.png; IP: 162.144.3.63:443; ASN: #46606 UNIFIEDLAYER-AS-1
Requested by: https://halifax-manage.com/Login.php; Certificate: Issuer: Sectigo Limited; Subject: halifax-manage.com; Fingerprint: 6D:22:CC:C4:22:1F:77:A5:6E:FD:5D:B8:9B:EE:4E:AD:4A:20:B2:61; Validity: Fri, 19 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT
File type: PNG image data, 288 x 75, 8-bit/color RGBA, interlaced; Hash: 73391c763549368cfca2680d7f5a307b df2f39d66f893af3a436b80e576d144c0b0eda13 a919a7fbb66564472a3a5e890ff7b563563d5d5fa68ead3ea40388051caf6738
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Halifax Bank of Scotland Plc |
| Quad9 DNS | malicious | Sinkholed |
GET /files/img/savings_newstyle-1593009617.png HTTP/1.1
Host: halifax-manage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://halifax-manage.com/Login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Jul 2020 08:31:08 GMT
accept-ranges: bytes
content-length: 10893
cache-control: max-age=86400
expires: Fri, 26 Apr 2024 00:02:25 GMT
x-newfold-cache-level: 2
content-type: image/png
date: Thu, 25 Apr 2024 00:02:25 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| halifax-manage.com/files/img/fscs-ngb-logon-banner-V2-1459783745.png | 162.144.3.63 | 200 OK | 33 kB |
URL (GET, HTTP/2): halifax-manage.com/files/img/fscs-ngb-logon-banner-V2-1459783745.png; IP: 162.144.3.63:443; ASN: #46606 UNIFIEDLAYER-AS-1
Requested by: https://halifax-manage.com/Login.php; Certificate: Issuer: Sectigo Limited; Subject: halifax-manage.com; Fingerprint: 6D:22:CC:C4:22:1F:77:A5:6E:FD:5D:B8:9B:EE:4E:AD:4A:20:B2:61; Validity: Fri, 19 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT
File type: PNG image data, 290 x 70, 8-bit/color RGB, non-interlaced; Hash: 6278ef217e6ccbc7ebe007972262e7fb 33bc9db8decf83cd83903d15f0274c04ba99c3be ef18a59ce2fac55baba361d886d7835b66d2e8ecf485c3a4f59dd06fd819aa3f
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Halifax Bank of Scotland Plc |
| Quad9 DNS | malicious | Sinkholed |
GET /files/img/fscs-ngb-logon-banner-V2-1459783745.png HTTP/1.1
Host: halifax-manage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://halifax-manage.com/Login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Jul 2020 08:31:08 GMT
accept-ranges: bytes
content-length: 33434
cache-control: max-age=86400
expires: Fri, 26 Apr 2024 00:02:25 GMT
x-newfold-cache-level: 2
content-type: image/png
date: Thu, 25 Apr 2024 00:02:25 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| halifax-manage.com/files/img/padlock-secure-NGB-1432115235.gif | 162.144.3.63 | 200 OK | 204 B |
URL (GET, HTTP/2): halifax-manage.com/files/img/padlock-secure-NGB-1432115235.gif; IP: 162.144.3.63:443; ASN: #46606 UNIFIEDLAYER-AS-1
Requested by: https://halifax-manage.com/Login.php; Certificate: Issuer: Sectigo Limited; Subject: halifax-manage.com; Fingerprint: 6D:22:CC:C4:22:1F:77:A5:6E:FD:5D:B8:9B:EE:4E:AD:4A:20:B2:61; Validity: Fri, 19 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT
File type: GIF image data, version 89a, 15 x 20; Hash: 8ccce3e8f655d675408375ac9b663891 e22b1b0ac3bea0dd04f621f95f52dff4b7dc8326 a32d4cb0261b95eae669b741ad8938ad02057d0e0c1cc1638f9cd493a00274de
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Halifax Bank of Scotland Plc |
| Quad9 DNS | malicious | Sinkholed |
GET /files/img/padlock-secure-NGB-1432115235.gif HTTP/1.1
Host: halifax-manage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://halifax-manage.com/Login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Jul 2020 08:31:08 GMT
accept-ranges: bytes
content-length: 204
cache-control: max-age=86400
expires: Fri, 26 Apr 2024 00:02:25 GMT
x-newfold-cache-level: 2
content-type: image/gif
date: Thu, 25 Apr 2024 00:02:25 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| halifax-manage.com/files/img/chevron_right_white.png | 162.144.3.63 | 200 OK | 1.1 kB |
URL (GET, HTTP/2): halifax-manage.com/files/img/chevron_right_white.png; IP: 162.144.3.63:443; ASN: #46606 UNIFIEDLAYER-AS-1
Requested by: https://halifax-manage.com/Login.php; Certificate: Issuer: Sectigo Limited; Subject: halifax-manage.com; Fingerprint: 6D:22:CC:C4:22:1F:77:A5:6E:FD:5D:B8:9B:EE:4E:AD:4A:20:B2:61; Validity: Fri, 19 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT
File type: PNG image data, 11 x 17, 8-bit/color RGBA, non-interlaced; Hash: ea55a9c4126e0162cf308078a2f11af9 b511ef958c817663296af31af4f4b8ea3fa0cf3c e3cd0d68d226d95c5901c2a6ce9fe33f60531a25f777d0734fa2a61bd0964ef8
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Halifax Bank of Scotland Plc |
| Quad9 DNS | malicious | Sinkholed |
GET /files/img/chevron_right_white.png HTTP/1.1
Host: halifax-manage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://halifax-manage.com/files/css/base-auto-min200526.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 10 Jul 2020 01:40:28 GMT
accept-ranges: bytes
content-length: 1098
cache-control: max-age=86400
expires: Fri, 26 Apr 2024 00:02:26 GMT
x-newfold-cache-level: 2
content-type: image/png
date: Thu, 25 Apr 2024 00:02:26 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| halifax-manage.com/files/img/favicon.ico | 162.144.3.63 | 200 OK | 3.6 kB |
URL (GET, HTTP/2): halifax-manage.com/files/img/favicon.ico; IP: 162.144.3.63:443; ASN: #46606 UNIFIEDLAYER-AS-1
Requested by: https://halifax-manage.com/Login.php; Certificate: Issuer: Sectigo Limited; Subject: halifax-manage.com; Fingerprint: 6D:22:CC:C4:22:1F:77:A5:6E:FD:5D:B8:9B:EE:4E:AD:4A:20:B2:61; Validity: Fri, 19 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT
File type: MS Windows icon resource - 2 icons, 16x16, 32x32; Hash: d3a7a09aa343c7cdb72243c23e60db60 9fcee034fae2ba280b8c18ae800ccaff31f5e404 ac209ad6f1f4413d7109c34ad12c4b9c2a0a58e82987b6201fe342377c1642ab
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Halifax Bank of Scotland Plc |
| Quad9 DNS | malicious | Sinkholed |
GET /files/img/favicon.ico HTTP/1.1
Host: halifax-manage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://halifax-manage.com/Login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 10 Jul 2020 01:43:58 GMT
accept-ranges: bytes
content-length: 3638
cache-control: max-age=31536000
expires: Fri, 25 Apr 2025 00:02:26 GMT
x-newfold-cache-level: 2
content-type: image/x-icon
date: Thu, 25 Apr 2024 00:02:26 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| halifax-manage.com/files/img/Halifax%20114x114%20app-touch-icon-1472024731.JPG | 162.144.3.63 | 200 OK | 8.4 kB |
URL (GET, HTTP/2): halifax-manage.com/files/img/Halifax%20114x114%20app-touch-icon-1472024731.JPG; IP: 162.144.3.63:443; ASN: #46606 UNIFIEDLAYER-AS-1
Requested by: https://halifax-manage.com/Login.php; Certificate: Issuer: Sectigo Limited; Subject: halifax-manage.com; Fingerprint: 6D:22:CC:C4:22:1F:77:A5:6E:FD:5D:B8:9B:EE:4E:AD:4A:20:B2:61; Validity: Fri, 19 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Adobe ImageReady], baseline, precision 8, 114x114, components 3; Hash: 0eb5dbafafe93f3e5035edf7bcf312ee 21048af8889f4d6b8dce20567e299d2146c52444 35a7a457e4ec7f970bb9e91136a3626816b4d61b7e60791f6e50148a201451ea
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Halifax Bank of Scotland Plc |
| Quad9 DNS | malicious | Sinkholed |
GET /files/img/Halifax%20114x114%20app-touch-icon-1472024731.JPG HTTP/1.1
Host: halifax-manage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://halifax-manage.com/Login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 10 Jul 2020 01:44:42 GMT
accept-ranges: bytes
content-length: 8389
cache-control: max-age=86400
expires: Fri, 26 Apr 2024 00:02:26 GMT
x-newfold-cache-level: 2
content-type: image/jpeg
date: Thu, 25 Apr 2024 00:02:26 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| halifax-manage.com/files/css/base-auto-min200526.css | 162.144.3.63 | 200 OK | 89 kB |
URL (GET, HTTP/2): halifax-manage.com/files/css/base-auto-min200526.css; IP: 162.144.3.63:443; ASN: #46606 UNIFIEDLAYER-AS-1
Requested by: https://halifax-manage.com/Login.php; Certificate: Issuer: Sectigo Limited; Subject: halifax-manage.com; Fingerprint: 6D:22:CC:C4:22:1F:77:A5:6E:FD:5D:B8:9B:EE:4E:AD:4A:20:B2:61; Validity: Fri, 19 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT
File type: ASCII text, with very long lines (7520); Hash: c26d978d2fb2f9bfa49adf39f18fe280 174ec1b4cab9321dedc7750a34766d4e71fdacbb f1a08e104670da21abd4338136ac8bdcd388c2886e41d11ced35cb2da6b52ddb
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Halifax Bank of Scotland Plc |
| Quad9 DNS | malicious | Sinkholed |
GET /files/css/base-auto-min200526.css HTTP/1.1
Host: halifax-manage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://halifax-manage.com/Login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Sat, 11 Jul 2020 23:16:02 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 26 Apr 2024 00:02:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
content-type: text/css
date: Thu, 25 Apr 2024 00:02:25 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| halifax-manage.com/files/js/jquery.js | 162.144.3.63 | 200 OK | 272 kB |
URL (GET, HTTP/2): halifax-manage.com/files/js/jquery.js; IP: 162.144.3.63:443; ASN: #46606 UNIFIEDLAYER-AS-1
Requested by: https://halifax-manage.com/Login.php; Certificate: Issuer: Sectigo Limited; Subject: halifax-manage.com; Fingerprint: 6D:22:CC:C4:22:1F:77:A5:6E:FD:5D:B8:9B:EE:4E:AD:4A:20:B2:61; Validity: Fri, 19 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators; Size: 272 kB (272153 bytes); Hash: 2ac898daf1837381b1264cdb792319ba 532496df4622a43699ee57b612180a21aedad065 84086bb634fc6fd223918894c6b74641811e06e84007937c5809942b7a02ddff
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Halifax Bank of Scotland Plc |
| Quad9 DNS | malicious | Sinkholed |
GET /files/js/jquery.js HTTP/1.1
Host: halifax-manage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://halifax-manage.com/Login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Sat, 24 Aug 2019 14:25:18 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 26 Apr 2024 00:02:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
content-type: application/javascript
date: Thu, 25 Apr 2024 00:02:25 GMT
server: Apache
X-Firefox-Spdy: h2
|
|