r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17423
Expires: Wed, 16 Nov 2022 08:57:43 GMT
Date: Wed, 16 Nov 2022 04:07:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16839
Expires: Wed, 16 Nov 2022 08:47:59 GMT
Date: Wed, 16 Nov 2022 04:07:20 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4fe5a11c3ca8a150aad830b739f24b58
898b730b1a66dd49c6f018333ba828410f63f347
2c3a2a8a3dfa29808bd550718025fdf355e4a88235cb50ae978abc00ee5fd23b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4897
Cache-Control: max-age=114324
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:20 GMT
Etag: "63736a6b-1d7"
Expires: Thu, 17 Nov 2022 11:52:44 GMT
Last-Modified: Tue, 15 Nov 2022 10:31:07 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: k0lS/z8TbM4qJIC2cgvLSUjo31mMBjdruefe5wYyobZTm1k2sXp/nkbIawtFAFw8xnNVKKeH22Q=
x-amz-request-id: TY88NPHT6BH6A9MB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 16 Nov 2022 03:14:32 GMT
age: 3168
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 16 Nov 2022 03:44:43 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1357
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:07:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 16 Nov 2022 03:25:01 GMT
cache-control: public,max-age=3600
age: 2539
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c4ab5fcddea48a045e36d80175d85244
4ef6bc24500ee48746f0237448e68ac15ae818ef
3f8c08b680a7ec5243f6299f9477d1a6edca73961cab546d385b04d25d1ab0fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F8C08B680A7EC5243F6299F9477D1A6EDCA73961CAB546D385B04D25D1AB0FE"
Last-Modified: Tue, 15 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21518
Expires: Wed, 16 Nov 2022 10:05:58 GMT
Date: Wed, 16 Nov 2022 04:07:20 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash de57a2d376db743a3987c454889f1f21
0defab699bdb1b158026f93c2dd105bcd65f6764
b1c47a81ac45af6f756a8eca8ef14a82f0113ea8f09dae7a285a4491963ae2ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1842
Cache-Control: max-age=106217
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:20 GMT
Etag: "637356af-1d7"
Expires: Thu, 17 Nov 2022 09:37:37 GMT
Last-Modified: Tue, 15 Nov 2022 09:06:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
kumi93kumi.com/FirstTech/
163.44.185.205 200 OK 14 kB URL HTTP/2 kumi93kumi.com/FirstTech/
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (20931), with CRLF line terminators
Hash d5fa0c7aa8d3f5d94d46d34a0746fb4a
5308f8fe9dcfdc7c9871b15a6b5e4684428bb171
e8a9c83bca910cd8d608c2339b50b8a3f3dcf324e3e784ad04fdcd41ba98ab02
Analyzer Verdict Alert
openphish First Tech Credit Union
fortinet Phishing
GET /FirstTech/ HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:20 GMT
content-type: text/html; charset=UTF-8
content-length: 14029
server: Apache
x-powered-by: PHP/7.4.33
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.161.6.128 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.6.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6qTvku7NVSf/NwYod9Tzxg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UqftJg+EGRCipVlGvt0nLnF7bPI=
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/yui-reset.css
163.44.185.205 200 OK 442 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/yui-reset.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (746), with CRLF line terminators
Hash 8aef766dca9579bc37ec279321c88d9e
7f493dcb8b752edadf5832ecfef8614e70e47e9f
73bb19387863edd8a65876e39b94cda46abd5cfcc86d192a1825d74f3fbdb6ff
GET /FirstTech/Connexus%20Credit%20Union_files/yui-reset.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 442
server: Apache
last-modified: Mon, 14 Nov 2022 22:48:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/css.css
163.44.185.205 200 OK 666 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/css.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with CRLF line terminators
Hash 5239690468dd765cc2efdaf8bb5e9591
74def02ce0680cd1596d10ee6fd9b6473dc23f22
e6ccd5dc75dbe45bb93ac542275e68f674b0725bafab48882c9855817e989cfe
GET /FirstTech/Connexus%20Credit%20Union_files/css.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 666
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/nr-spa-1118.js
163.44.185.205 200 OK 13 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/nr-spa-1118.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (32015), with CRLF line terminators
Hash e5008bbe52cb7c3dbc97bea87bb26481
270454327e7f27390dec5cdf25d4c48ffc4d95fb
eaa22940cab13dccf9b600f059187e0013b63f1eb41f64e618ac883aca5196c2
Analyzer Verdict Alert
fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/nr-spa-1118.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: application/javascript
content-length: 12948
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/jquery.css
163.44.185.205 200 OK 829 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/jquery.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (2651), with CRLF line terminators
Hash ba4026b9c7aa09cafab00930363543d9
15931af021a1243617d1778c801520740ef16044
4f1737ae79b30e0af2f13d1ba9cdaca598505ab48ba1534049e0ff1947eb35a7
GET /FirstTech/Connexus%20Credit%20Union_files/jquery.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 829
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/analytics.js
163.44.185.205 200 OK 18 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/analytics.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (1656), with CRLF line terminators
Hash 13e24c8986b319e38b76f0db76361942
1aadc448e8fa459314a7537061845cbdb8532da2
33d3fae81b67dc4661f5ab5ca937b49b2abf6b47c8f7ce2cf96f7b2f3a57557b
Analyzer Verdict Alert
fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/analytics.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: application/javascript
content-length: 17620
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/pretty-checkboxes.css
163.44.185.205 200 OK 361 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/pretty-checkboxes.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (743), with CRLF line terminators
Hash e73015807e4d4c679f8e15a2908ef1b6
3e5f6850497e9191ff4ec4370c7c393f87847306
071b116de4c58fd4012952a134f145d5aa2835801b8c43fd5d7354b968f71cfc
GET /FirstTech/Connexus%20Credit%20Union_files/pretty-checkboxes.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 361
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/jquery-ui.css
163.44.185.205 200 OK 7.6 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/jquery-ui.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (29352), with CRLF line terminators
Hash c5537111f351964e36cb0e1ecff37e73
3a91b251a035a69ce25d843961b2def1ffbe3982
b4ed5f8b5895332d87d5f9ea14bcf901f97174b6c25f9b36701ac4b909283758
GET /FirstTech/Connexus%20Credit%20Union_files/jquery-ui.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 7578
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/ext-all.css
163.44.185.205 200 OK 18 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/ext-all.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (65409), with CRLF line terminators
Hash 773063a1f62da989055ff1eacab48fc0
703eefbd0eea036489804fd2e70d2b3ee40720a0
2504c66b90f765e679e042ed8d44a9b69431cd786d4972492078736f125ea0a8
GET /FirstTech/Connexus%20Credit%20Union_files/ext-all.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 17529
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10636
Expires: Wed, 16 Nov 2022 07:04:37 GMT
Date: Wed, 16 Nov 2022 04:07:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10636
Expires: Wed, 16 Nov 2022 07:04:37 GMT
Date: Wed, 16 Nov 2022 04:07:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10636
Expires: Wed, 16 Nov 2022 07:04:37 GMT
Date: Wed, 16 Nov 2022 04:07:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10636
Expires: Wed, 16 Nov 2022 07:04:37 GMT
Date: Wed, 16 Nov 2022 04:07:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98802857df59f8eacd9211811cc59ae6
87e277a627c1085cad5c6e38bdd5100aa0a9ecee
102e73f690a972da6d3ab609ffab5f29884185d85c4230a19ec74d74c7320cf1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8235
x-amzn-requestid: e8a91ec0-fa93-45b6-8dc8-a405c00242fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY4_HANoAMFSvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740839-3ebbd38b0e3e774923ad019e;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QoxGYkibw1jcAuQl98jD4TlKooUlL6ojdOVzQ7khiF0pMwY4_0IO9Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:48:37 GMT
age: 22724
etag: "87e277a627c1085cad5c6e38bdd5100aa0a9ecee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a698bf97cc6c0c464ed1a2b2adb1c1d3
a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0
64d52d8983b2bf30b9b1f260b8d6534664024b8dfda0da273307ee510ed33aad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4919
x-amzn-requestid: aae0d2da-e891-40a6-bd83-8942fc3ef0c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYFFEnxoAMFdCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406ed-6ff1cc593aa1c934659030db;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: EoSIjUgouoxAtnpWMBPNTjLfmm_Anv7R5mYNdb5Ik9RrgxJg_nZ1rQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:48:37 GMT
age: 22724
etag: "a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bcd9120-f81d-4ec1-9b84-ae23f33b9b8d.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bcd9120-f81d-4ec1-9b84-ae23f33b9b8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c774a9a33f0c86087fe36fe18cf02db8
d81bf6504b30d50cf9cb14f8efca8e961f422a57
80f2913428758b1250218865a3e6697881ed3ed626f702c94fd0a5c7f354a2b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bcd9120-f81d-4ec1-9b84-ae23f33b9b8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 4945a047-3048-4dfb-aba5-6cde2b52b240
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEAG7roAMF30Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-6928cd8c1439aac80444cd7b;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ls987SlzVbSWiZwE4ahKBdQ_vJknoy88LkGHnEYfie4M1l584VbB_w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:54:49 GMT
etag: "d81bf6504b30d50cf9cb14f8efca8e961f422a57"
content-type: image/jpeg
age: 22352
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZLWa-RphwZqiAmeqffmEE8Mmfsfs9ZYz0bmANBEc5Ru1--VKDL4Fsw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:17:19 GMT
age: 21002
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fb99a77-d99a-486f-b11a-d0f855262383.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fb99a77-d99a-486f-b11a-d0f855262383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed2eb8cd1cffa83445bfc822fff3cd95
5d6f0e9bec236755d70ac6779e86684795e5c798
6b3e294fc0977cd09c1565d5a6396a63b2ad5f7005b9f1e136c33cedae49f436
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fb99a77-d99a-486f-b11a-d0f855262383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8236
x-amzn-requestid: 74104064-6d6f-44ef-ad9f-6550971f17f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEBET6oAMF_cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-269579cf1723940b16588c76;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vy-8T_ncnJ9GcoWYpY3JStTpjIw0BWjuagrkuoThABdT9FSq3lfVlA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:54:51 GMT
etag: "5d6f0e9bec236755d70ac6779e86684795e5c798"
content-type: image/jpeg
age: 22350
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edd6a84f848a83f4d1990f92b4807def
bc2bb7815b062941d51fde65574851db55be37dc
4d015538adfa6c61a5dfca3cbb224ae91ccbe1d82212e997e22f895a77387bed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6629
x-amzn-requestid: ff03ae40-8d00-41ec-875f-b49b1b86151c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY6CG9IoAMF8rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740840-7fdaa40f3ca9246045270665;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Wn2txfVMcQZgjTT0ny5o_j87O-eidXenBmzitM6zJec0i40Bs1zgGQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:05:26 GMT
age: 21715
etag: "bc2bb7815b062941d51fde65574851db55be37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/base.css
163.44.185.205 200 OK 34 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/base.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (32028), with CRLF line terminators
Hash 57eefd22d8611210e6822456edead76e
b120f6356fbba810add5c0ec724bd7ed6f82efb4
50fd35b6cfb220365497e6ffd85ec140a37887db4bbfa065193e7fce0574e3f3
GET /FirstTech/Connexus%20Credit%20Union_files/base.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 34158
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/sidebar.css
163.44.185.205 200 OK 847 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/sidebar.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (2691), with CRLF line terminators
Hash 39b5d696474f2518a797ec95445725e5
1f72c446a978251cfd1e739dec1915b8c9001c9b
b74914541263fc3ea47b76ba913a61c69b69b88e1ab710eeb16b40ef3f0344d6
GET /FirstTech/Connexus%20Credit%20Union_files/sidebar.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 847
server: Apache
last-modified: Mon, 14 Nov 2022 22:48:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/grid.css
163.44.185.205 200 OK 1.5 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/grid.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (5600), with CRLF line terminators
Hash e717667738168d007eaeaa666a4b538a
c138f013a95976dd3e0ee7a5eaf3a6386f1e431f
a9b2fc74af81a1de406d8b55d168e1b0846af1ac225e731b9604030ea9438ced
GET /FirstTech/Connexus%20Credit%20Union_files/grid.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 1510
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/iris.css
163.44.185.205 200 OK 346 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/iris.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (537), with CRLF line terminators
Hash 4964dd45c5dcf3d2356aea1c469eee17
fcae1099d61898471a06505b54815e939e79a6b8
0dbed80cc950db35092e930a2548754253b58cdb1199d3a4eac0034122e68c34
GET /FirstTech/Connexus%20Credit%20Union_files/iris.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 346
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/browser-unsupported.css
163.44.185.205 200 OK 2.1 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/browser-unsupported.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (10371), with CRLF line terminators
Hash df2bcdea1a384a976376e3b8f333f1d8
b6d7c8fe06f1c06537a32f9a2305264bfc8d1dfb
c32fe857599c463f0588e1e69bcd1b815b2749511c93e95fe538f071850cc013
GET /FirstTech/Connexus%20Credit%20Union_files/browser-unsupported.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 2056
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/iris_002.css
163.44.185.205 200 OK 15 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/iris_002.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0e9a2f3b49c7977884785abe22b27a51
1d46575e724b9136786b7dd3e1ee5c82ebdd058a
b854a8136de7368c96732afb951d7c50bfb417ae356bf61ffe81200c94074816
GET /FirstTech/Connexus%20Credit%20Union_files/iris_002.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 14608
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Authentication.css
163.44.185.205 200 OK 3.2 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Authentication.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (20220), with CRLF line terminators
Hash 8f411d7fb42255ac382a1c17ae1c7d9a
4f2cab3f40491147fbc8bf031cdcaf3cc9c2c42e
9285b924759ce74bcf7479f55b5a1da03cc0aa6989145177f65dd3734ad7ff1d
GET /FirstTech/Connexus%20Credit%20Union_files/Authentication.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 3237
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/theme.css
163.44.185.205 200 OK 4.7 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/theme.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (27196), with CRLF line terminators
Hash d23511482962e3f497425b25069ae198
6f0e6690824593c398664b7eafa476d43e53676f
ceefa8cf263a1a899c9755d5f259c7568f3fb82b8203413b72b9bb48eb3a9f9e
GET /FirstTech/Connexus%20Credit%20Union_files/theme.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 4655
server: Apache
last-modified: Mon, 14 Nov 2022 22:48:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/fi.css
163.44.185.205 200 OK 8.0 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/fi.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (40820), with CRLF line terminators
Hash c978cbf8dce47cf69da9740b4de47a6d
7d4b28657a915821a647446ba0768b1dfc1306b2
40e3c31b2b93181344f712489d780b1172257323575417ac7f83246d895d7d52
GET /FirstTech/Connexus%20Credit%20Union_files/fi.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 7977
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/YodleeFastLink.css
163.44.185.205 200 OK 99 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/YodleeFastLink.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with no line terminators
Hash fc23a0c679b13b3451236e284f4330b9
645e90c3d5cf7cfc0e23afd02c63eabf987715f9
63e578f6d6e2225151cd126931d55fa822949e94f8888cf81912fb7e492b0a9c
GET /FirstTech/Connexus%20Credit%20Union_files/YodleeFastLink.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/css
content-length: 99
server: Apache
last-modified: Mon, 14 Nov 2022 22:48:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Logo.png
163.44.185.205 200 OK 20 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Logo.png
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type PNG image data, 400 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 029001f80b5bcbc5ccbadb3b0e21238e
41072b74133c26b08faef0a7d415155c9ea2c4cf
eb73ff64de1dfa7e7e7bb7b5a052299907731de3a336e298bffb9a7d4461b0b1
GET /FirstTech/Connexus%20Credit%20Union_files/Logo.png HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: image/png
content-length: 19464
server: Apache
last-modified: Mon, 14 Nov 2022 22:49:16 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/app-store.webp
163.44.185.205 200 OK 1.1 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/app-store.webp
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type RIFF (little-endian) data, Web/P image\012- data
Hash 88ee13ae12959c2a4ac8f073d4eaeccc
bd550bacbea4ebc7e280d0e92ab14909bc6a8478
b3a36a3665c80d7325ba725bbc5e3c05f8768278ecd0a53494f81bdfda5aa637
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/app-store.webp HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: image/webp
content-length: 1111
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/play-store.webp
163.44.185.205 200 OK 1.7 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/play-store.webp
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5d2fb2a8ffe3e09698b61ffa1fee8ea6
67db26698b5cb0970eefeb5a089d6eac3f4aae02
2fd9168c052a3a6e73e45d604f99b9a217ec23858f384bbf05939a686246d6d7
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/play-store.webp HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: image/webp
content-length: 1669
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/localization-ts.js
163.44.185.205 200 OK 441 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/localization-ts.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (741), with CRLF line terminators
Hash 1d8ae1e60c45ae774ff49222e2280292
9e4a2b2ce601adbb119c4d947fc8f83eec0346cb
55546107623083cdabfff5d70ce6f4f8b9511d5040ba96db568232dd53e28cf6
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/localization-ts.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: application/javascript
content-length: 441
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/103929_awfcPP4TLsBKE7bbi7Z8kSgcccc
163.44.185.205 200 OK 19 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/103929_awfcPP4TLsBKE7bbi7Z8kSgcccc
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type Unicode text, UTF-8 text, with very long lines (65520), with no line terminators
Hash b5b117ac20a0b74e963ec1068075bf55
d9987bbdc9d0b8a3395391fe8721c716a8657cc4
11de31b749fa45c7cfec60a0389afb0f5e32c6e03c3d14a93f1959b215268989
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/103929_awfcPP4TLsBKE7bbi7Z8kSgcccc HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/plain
content-length: 18628
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/popper.js
163.44.185.205 200 OK 7.2 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/popper.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (20164), with CRLF line terminators
Hash f4286afad3eb7fa8ef3b696d59c6ccc8
07e1b12e92e7defed8b2b042b87cf525fdc5fe92
5605bf68bbd9a14a553af5301c790f4214e0573307984ec60c885b8bd6bd6802
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/popper.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: application/javascript
content-length: 7245
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/iris.js
163.44.185.205 200 OK 30 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/iris.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6805ed1ce79138651746b971b9ed46f3
c10e8b6cc09beb6bcadddbda23d1f0e7383dd304
351b2f44257fa01dae2eb209c52e4c99589e3fa35056881a7e88c12d65075e7e
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/iris.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: application/javascript
content-length: 29571
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/polyfill.js
163.44.185.205 200 OK 9.3 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/polyfill.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (27394), with CRLF line terminators
Hash 304dd489515edf884300bc342ed6564d
baf67714b0659f4108143d8dc25cea26d33c7c6a
a69ab2493bbe5ed27e87ac3d725de51f193aa27d99e6e7c071c8cdeca0422be7
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/polyfill.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: application/javascript
content-length: 9305
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/vendor.js
163.44.185.205 200 OK 38 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/vendor.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (51679), with CRLF line terminators
Hash a78ddb6258297b76b031801317858510
67e18a445b0942c83faf4226c655cded3b62835e
81cf6449f44e25e52ae672d1c8c721f6191f0210b407b96574fadc6cff69a326
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/vendor.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: application/javascript
content-length: 37570
server: Apache
last-modified: Mon, 14 Nov 2022 22:48:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/globals.js
163.44.185.205 200 OK 18 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/globals.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (31981), with CRLF line terminators
Hash 332fa41359b46e6ffa3711713ff93aaa
8c5d76446730100f042572dacb74b0328fefb16f
4222bd8196cc75f5bd3473c90107874ec8e55c4583ebbff7ed0d127d7ed53c24
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/globals.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: application/javascript
content-length: 18479
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/knockout_002.js
163.44.185.205 200 OK 2.4 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/knockout_002.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (7656), with CRLF line terminators
Hash 9c120ee77f171ae8f9f983bdcf8e2df1
8f0812c8c5bbfa4bb0dc1c1be4896dce02ccc252
3a583bc35548c5df077ebd1a23a7dc670bb9121bee3df28d1570c7c93e762c01
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/knockout_002.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: application/javascript
content-length: 2377
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ee088afc22d9edecee7fc8f9a677d1c8
015b4d5b0037edc07838843b4eac9062fe092fae
61a4cd5e8a0a10a77ea15f3344b522b9b20455f02002eb56d4543d9d0b8aa450
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/aec7706684
163.44.185.205 500 Internal Server Error 472 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/aec7706684
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
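Hash ee088afc22d9edecee7fc8f9a677d1c8
015b4d5b0037edc07838843b4eac9062fe092fae
61a4cd5e8a0a10a77ea15f3344b522b9b20455f02002eb56d4543d9d0b8aa450
(Note: these three hashes, and the 472 B size shown for this request, are identical to those of the ocsp.pki.goog/gts1c3 response listed just above, so they probably describe that OCSP response rather than this 500 error body; confirm against the raw capture before using them as indicators for kumi93kumi.com.)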
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/aec7706684 HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 83b2cc8ea40190737f2d7ebb9681df7c
c4e86e12dad1281f1bd8647d39745e4727fbd29e
c24433a6381b52df17e3cf1cb16f7e3c75e9a57c1174e720a091f4c485c53dbb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/knockout.js
163.44.185.205 200 OK 32 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/knockout.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (635), with CRLF line terminators
Hash 1dd6153dbae8ab572ac40bda93da4c4b
d756da54f84706ae6a26ee212820d00f829e5d3d
8f6ffadacc1d28d8f2b142e89bd4d634d733d3fc11a9c3d85226c0e1dc5a495e
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/knockout.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: application/javascript
content-length: 31699
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
172.217.21.163 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kumi93kumi.com
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 12:31:58 GMT
expires: Sun, 12 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 315324
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
172.217.21.163 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 15436, version 1.0\012- data
Hash 037d830416495def72b7881024c14b7b
619389190b3cafafb5db94113990350acc8a0278
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kumi93kumi.com
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 23:09:31 GMT
expires: Sat, 11 Nov 2023 23:09:31 GMT
cache-control: public, max-age=31536000
age: 363471
last-modified: Mon, 16 Oct 2017 17:33:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
172.217.21.163 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 15440, version 1.0\012- data
Hash 55536c8e9e9a532651e3cf374f290ea3
ff3a9b8ae317896cbbcbadfbe615d671bd1d32a2
eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf
GET /s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kumi93kumi.com
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:59:15 GMT
expires: Thu, 09 Nov 2023 18:59:15 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:43 GMT
content-type: font/woff2
age: 551287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ee088afc22d9edecee7fc8f9a677d1c8
015b4d5b0037edc07838843b4eac9062fe092fae
61a4cd5e8a0a10a77ea15f3344b522b9b20455f02002eb56d4543d9d0b8aa450
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/shared.js
163.44.185.205 200 OK 1.2 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/shared.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (3158), with CRLF line terminators
Hash b6e9ac5124f68cf3e2cc279068598375
d8eed53a66e0abc47524a434065ce11ee3594a41
560dc085e32c5c73bae4ada283214386d88f52437872972402f337881812b53a
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/shared.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: application/javascript
content-length: 1217
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/flashInterface.js
163.44.185.205 200 OK 1.1 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/flashInterface.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (2644), with CRLF line terminators
Hash b3398c8c07f271b96f58dec704938ee8
4a9af51847c1898db40a1b317f24c88907ab91ca
6404060a72ac236ded79c97f585db8b6901e1d19eff522ab4c0afc00bbc33fd9
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/flashInterface.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: application/javascript
content-length: 1097
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/plugindetect.js
163.44.185.205 200 OK 10 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/plugindetect.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (30324), with CRLF line terminators
Hash 7de46fd61aca0acdde7e67ed02535ef8
1d7e1c42fc2d55fe89773446af440c3c2972f91f
8787e233b041cb8e1fdffa0a437eefb83a79bd9161c4d98daeef0960f7044a3c
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/plugindetect.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:22 GMT
content-type: application/javascript
content-length: 10167
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/machineInfo.js
163.44.185.205 200 OK 1.5 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/machineInfo.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (5113), with CRLF line terminators
Hash 06c03a56bd25ebb898fa3cebfe2b6eed
b37266f9b7bc93f4aa9360844fbb0c648eaf1b01
04d92f0418e5da2a6711c58beab6b7279171356251d2e76e766a7ed1adde61ba
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/machineInfo.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:22 GMT
content-type: application/javascript
content-length: 1535
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Authentication.js
163.44.185.205 200 OK 2.1 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Authentication.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (6838), with CRLF line terminators
Hash eb435cbf8ebe3778f61fc27d97943108
5c67c39e44a5a3c4bdfce2cbb23d2924e97e7b77
97e010bc1821b885ba7b1444f11b855fdf442b47e4da681cf437c506a9ccd439
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/Authentication.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:22 GMT
content-type: application/javascript
content-length: 2089
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Helpers.js
163.44.185.205 200 OK 502 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Helpers.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (806), with CRLF line terminators
Hash d0b318c493c5553ed98069144f05166b
7437532495f1c91375f79e3801e6598719d6e294
480d4a62116b53be02bb02b7fea75e07886be6c97ca04e58f5f56c9055ab1d64
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/Helpers.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:22 GMT
content-type: application/javascript
content-length: 502
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/MutualAuth.js
163.44.185.205 200 OK 1.5 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/MutualAuth.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (3853), with CRLF line terminators
Hash 1d24bcc2c78a95a64dbc824ef41dcdc5
a3badf737315c26e553d9d60248b352be9d5bffe
3fcd523fc78f6f2c055d9e70df59788b2af95b4cb679e33afccca061a5e7bc2d
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/MutualAuth.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:22 GMT
content-type: application/javascript
content-length: 1457
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/YodleeFastLink.js
163.44.185.205 200 OK 2.2 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/YodleeFastLink.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (2344), with CRLF line terminators
Hash d4bec1f696865fe83d4a0829f39f5527
1a892e1d317b60d5fdac0385e102465d7f283ee2
1c23c3d4fd433d0041abdf33a5e777fd567d212c297dbd51c10371ebc581e187
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/YodleeFastLink.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:22 GMT
content-type: application/javascript
content-length: 2172
server: Apache
last-modified: Mon, 14 Nov 2022 22:48:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/10051_2ByCxz7bbFvhP2fxyigUtkgcccc
163.44.185.205 200 OK 5.0 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/10051_2ByCxz7bbFvhP2fxyigUtkgcccc
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (20326), with no line terminators
Hash 5af05714fbc0f2f9f22e47ba35ee7daa
475f5981424f63a98f49add981c303edfd8cdf04
b669733a73a2c58a0a5a2d6eba3652aeb411ea15d60f0810705bff757d8f2c57
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/10051_2ByCxz7bbFvhP2fxyigUtkgcccc HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:22 GMT
content-type: text/plain
content-length: 4965
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/snippets.js
163.44.185.205 200 OK 221 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/snippets.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (367), with no line terminators
Hash b5b47b204e93c8971937ba2ba02026b2
18f3efd3e63c8534af16cb5c71543ae94ddc7ce8
092dc89d63570e59cc5904471f90c5f83cae282ac6e6ac39098d9671512d494c
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/snippets.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:22 GMT
content-type: application/javascript
content-length: 221
server: Apache
last-modified: Mon, 14 Nov 2022 22:48:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/print.css
163.44.185.205 200 OK 1.9 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/print.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (7734), with CRLF line terminators
Hash 78d425f1a1283f365b2bb6ce050f6699
61e256149640787b13f7d009a08466e7397ce763
6ae244b7252b218f765150b9d88df09f4b6e26fb5d2f220bfcbb6b10d94794f9
GET /FirstTech/Connexus%20Credit%20Union_files/print.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Cookie: _ga=GA1.2.1351416261.1668571642; _gid=GA1.2.340041009.1668571642; _gat=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:22 GMT
content-type: text/css
content-length: 1872
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 3dc58f0dcba4ac9021f62c5c1c862e91
d67cf5a8968b75d0d6893054f5201e015be19ecc
75d4e57dc6c25d2456a7513572a97de5f1c1caead2822c8a985da9b8dfa55f89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 3dc58f0dcba4ac9021f62c5c1c862e91
d67cf5a8968b75d0d6893054f5201e015be19ecc
75d4e57dc6c25d2456a7513572a97de5f1c1caead2822c8a985da9b8dfa55f89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/fonts/AlkamiLogos.woff
163.44.185.205 500 Internal Server Error 20 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/fonts/AlkamiLogos.woff
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type gzip compressed data, max compression\012- data
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/fonts/AlkamiLogos.woff HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/base.css
Cookie: _ga=GA1.2.1351416261.1668571642; _gid=GA1.2.340041009.1668571642; _gat=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 04:07:23 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
www.google-analytics.com/r/collect?v=1&_v=j73&a=1387567828&t=pageview&_s=1&dl=https%3A%2F%2Fkumi93kumi.com%2FFirstTech%2F&ul=en-us&de=UTF-8&dt=First%20Tech%20Federal%20Credit%20Union&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEAB~&jid=2061178633&gjid=1375079806&cid=1351416261.1668571642&tid=UA-71023015-1&_gid=340041009.1668571642&_r=1&z=1871342172
142.250.74.174 302 Found 419 B URL HTTP/2 www.google-analytics.com/r/collect?v=1&_v=j73&a=1387567828&t=pageview&_s=1&dl=https%3A%2F%2Fkumi93kumi.com%2FFirstTech%2F&ul=en-us&de=UTF-8&dt=First%20Tech%20Federal%20Credit%20Union&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEAB~&jid=2061178633&gjid=1375079806&cid=1351416261.1668571642&tid=UA-71023015-1&_gid=340041009.1668571642&_r=1&z=1871342172
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ab69d2055837e82ee3d4273b5c534df7
ca37932c3d3d215a8f2702fc703df52f4f1b2244
e3ec58cf278c4f1372c798c11c99315903ad207636950a9ed417d15e9c00d851
GET /r/collect?v=1&_v=j73&a=1387567828&t=pageview&_s=1&dl=https%3A%2F%2Fkumi93kumi.com%2FFirstTech%2F&ul=en-us&de=UTF-8&dt=First%20Tech%20Federal%20Credit%20Union&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEAB~&jid=2061178633&gjid=1375079806&cid=1351416261.1668571642&tid=UA-71023015-1&_gid=340041009.1668571642&_r=1&z=1871342172 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71023015-1&cid=1351416261.1668571642&jid=2061178633&_gid=340041009.1668571642&gjid=1375079806&_v=j73&z=1871342172
access-control-allow-origin: *
date: Wed, 16 Nov 2022 04:07:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c867463fb48760aa44f1d3180b4b1a7f
7cf4980087bd11c4c7abef7c131e7d6da02ad373
f530eb8ef38494cb74726c6bb6732ab49eb698d3726611745908b5a45a97f20d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5591
Cache-Control: max-age=119371
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:24 GMT
Etag: "63737b71-1d7"
Expires: Thu, 17 Nov 2022 13:16:55 GMT
Last-Modified: Tue, 15 Nov 2022 11:43:45 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 3dc58f0dcba4ac9021f62c5c1c862e91
d67cf5a8968b75d0d6893054f5201e015be19ecc
75d4e57dc6c25d2456a7513572a97de5f1c1caead2822c8a985da9b8dfa55f89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kumi93kumi.com/stylesheets/fonts/Alkami-font.woff?636833168113306165
163.44.185.205 500 Internal Server Error 471 B URL HTTP/2 kumi93kumi.com/stylesheets/fonts/Alkami-font.woff?636833168113306165
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
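Hash c867463fb48760aa44f1d3180b4b1a7f
7cf4980087bd11c4c7abef7c131e7d6da02ad373
f530eb8ef38494cb74726c6bb6732ab49eb698d3726611745908b5a45a97f20d
[Note: these three hashes and the 471 B size are identical to those of the ocsp.digicert.com response listed earlier in this capture, and the 500 response below carries no content-length. The body was probably mis-attributed by the capture, so confirm the hashes before using them as indicators for kumi93kumi.com content.]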
Analyzer Verdict Alert fortinet Phishing
GET /stylesheets/fonts/Alkami-font.woff?636833168113306165 HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Cookie: _ga=GA1.2.1351416261.1668571642; _gid=GA1.2.340041009.1668571642; _gat=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 04:07:22 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 68a04663a52ab4272c25f5afcc09a92d
48b0722227353d06cb1dfd4480b644be6e6fc030
892ba18611f372b6bf390d3628b66efc4a721f0f2bde61ae22546a0948935b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5feeb7e989b35505b27dd9e63042920e
806933568b6652daca1c09ba165a446b277d7c4c
ca2ba92bbe3e9a7e47e58d661ceda3848e75f4e6d2ccd5e8724160ec25f34bf8
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2124
Cache-Control: max-age=150434
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:24 GMT
Etag: "63740252-1d7"
Expires: Thu, 17 Nov 2022 21:54:38 GMT
Last-Modified: Tue, 15 Nov 2022 21:19:14 GMT
Server: ECS (amb/6B73)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71023015-1&cid=1351416261.1668571642&jid=2061178633&_gid=340041009.1668571642&gjid=1375079806&_v=j73&z=1871342172
142.250.150.155 302 Found 367 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71023015-1&cid=1351416261.1668571642&jid=2061178633&_gid=340041009.1668571642&gjid=1375079806&_v=j73&z=1871342172
IP 142.250.150.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash f243225ac1c2c020ef26f8a1d8870ae4
08b5fb1efa9d3f11a838b29415b7420cbe00de47
e207c347a1a68ae90d68a21ef282ced99204f1f532266bac7166c1356030d6b7
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71023015-1&cid=1351416261.1668571642&jid=2061178633&_gid=340041009.1668571642&gjid=1375079806&_v=j73&z=1871342172 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kumi93kumi.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71023015-1&cid=1351416261.1668571642&jid=2061178633&_v=j73&z=1871342172
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Nov 2022 04:07:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/jquery_002.js
163.44.185.205 200 OK 72 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/jquery_002.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Hash 444d7ff89f2da74407675a238f9d7737
5f180e93f6622ac61f2f915661fcf4054bdaf0c4
63e73b7c4c62c2845a4566d358570e11e2f1e49301a96e509159c0331659c3e7
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/jquery_002.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: application/javascript
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 68a04663a52ab4272c25f5afcc09a92d
48b0722227353d06cb1dfd4480b644be6e6fc030
892ba18611f372b6bf390d3628b66efc4a721f0f2bde61ae22546a0948935b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71023015-1&cid=1351416261.1668571642&jid=2061178633&_v=j73&z=1871342172
142.250.74.132 302 Found 0 B URL HTTP/2 www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71023015-1&cid=1351416261.1668571642&jid=2061178633&_v=j73&z=1871342172
IP 142.250.74.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71023015-1&cid=1351416261.1668571642&jid=2061178633&_v=j73&z=1871342172 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kumi93kumi.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 04:07:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71023015-1&cid=1351416261.1668571642&jid=2061178633&_v=j73&z=1871342172&slf_rd=1&random=1142068909
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kumi93kumi.com/Modules/YodleeFastLink/YodleeFastLink.css
163.44.185.205 500 Internal Server Error 471 B URL HTTP/2 kumi93kumi.com/Modules/YodleeFastLink/YodleeFastLink.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Hash 9d9493125a22b98bd2ac3a1b11cc0a12
8334175b79551b1e0592f63eb606543c915983a2
a583076207a416f2ccbb70821bc5185bb6b8e86180221014638af5af3b34a7fa
GET /Modules/YodleeFastLink/YodleeFastLink.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Cookie: _ga=GA1.2.1351416261.1668571642; _gid=GA1.2.340041009.1668571642; _gat=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 04:07:23 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 3a9734f9f93c8158e73e4491e35f56bd
e57dc6ee66918ae45ce20c6dea942d2e786ff17c
171dfb208dfcaa849595e79c07f998833a5560ae06c736f9f4c45f445e121ada
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kumi93kumi.com/API/Locales
163.44.185.205 500 Internal Server Error 42 B URL HTTP/2 kumi93kumi.com/API/Locales
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert fortinet Phishing
GET /API/Locales HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgABWFdUGwACUFlWAwQ=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Cookie: _ga=GA1.2.1351416261.1668571642; _gid=GA1.2.340041009.1668571642; _gat=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 04:07:23 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 1ace154d0f6419b5db4372cb2a996458
d559bb7e807a774add25cc092313aeb49f41eb17
3407a2e91eb3e6253f6cf3f4a5be401884c9409738734a468c30c9cfcdac1662
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js-agent.newrelic.com/nr-spa-1118.min.js
151.101.86.137 200 OK 13 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1118.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32015)
Hash 8652588de7907a2ff449646421e5e5c1
593149229a462cd897d39da89552428d14cdaa7c
9169cade724eb2c4f34ae87c31fcd35529c2861d089fd659d653fd46d2dcd893
GET /nr-spa-1118.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4DwFcnOgMis86rhhe7f7AoG/5omHUqKbvJI1UGQ2X1vKTVJZeIw+R+DnJ7Anap5xLa1oYMt2unw=
x-amz-request-id: 2QM0E5SWXB5M5NJR
last-modified: Wed, 02 Jan 2019 18:42:31 GMT
etag: "7e24c95b9a35bca45860d13c1ef0a95b"
x-amz-version-id: null
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 16 Nov 2022 04:07:24 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1668571644.305494,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 12943
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5feeb7e989b35505b27dd9e63042920e
806933568b6652daca1c09ba165a446b277d7c4c
ca2ba92bbe3e9a7e47e58d661ceda3848e75f4e6d2ccd5e8724160ec25f34bf8
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=148310
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:24 GMT
Etag: "63740252-1d7"
Expires: Thu, 17 Nov 2022 21:19:14 GMT
Last-Modified: Tue, 15 Nov 2022 21:19:14 GMT
Server: nginx
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2816974181afea25a0509f3f6375fe02
f26b737682c3076bc5cd7d866368f141c4a3e084
09eae85d7db49bd27881eed337ad2a2e1aa075a94ac5ae323f2907d3791b4f56
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1491
Cache-Control: max-age=154118
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:07:24 GMT
Etag: "6374132f-1d7"
Expires: Thu, 17 Nov 2022 22:56:02 GMT
Last-Modified: Tue, 15 Nov 2022 22:31:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
onlinebanking.connexuscu.org/Orbital/Connexus/favicons/favicon-16x16.png
104.17.43.19 200 OK 284 B URL HTTP/2 onlinebanking.connexuscu.org/Orbital/Connexus/favicons/favicon-16x16.png
IP 104.17.43.19:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 5d15480a42008adfc6a2210aa3c0f34e
a1bb91beaef073f57551849fbd5414b3c4a8bfe1
44922a1bb754a26cf842a1031e8f0d3f2141564f1bfc444fe5cc433fa0a81ee4
GET /Orbital/Connexus/favicons/favicon-16x16.png HTTP/1.1
Host: onlinebanking.connexuscu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:24 GMT
content-type: image/png
content-length: 284
last-modified: Mon, 24 Oct 2022 06:13:01 GMT
etag: "e33471ab6fe7d81:0"
x-svr: WEB1648135
expires: Wed, 16 Nov 2022 04:17:24 GMT
cache-control: max-age=600
cf-cache-status: MISS
accept-ranges: bytes
cf-request-id: 152037d8a70000b51d86001000000001
set-cookie: __cf_bm=AtnYidaUzT46oEeuPigtVwQlxHRP0n2mgeejb67nAoI-1668571644-0-AfAbN8CjFehLfDo8bNs/PqSg3xJWfJxCV57A7H3ZpVr9csqQwV3o93QG7+nOdxX59dlZoikq0yBNdCRo/K93fMU=; path=/; expires=Wed, 16-Nov-22 04:37:24 GMT; domain=.connexuscu.org; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 76ad5c077bfdb51d-OSL
X-Firefox-Spdy: h2
bam.nr-data.net/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=4487&ref=https://kumi93kumi.com/FirstTech/&ap=27&be=2292&fe=4401&dc=3756&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668571639250,%22n%22:0,%22f%22:-4,%22dn%22:43,%22dne%22:45,%22c%22:45,%22s%22:310,%22ce%22:763,%22rq%22:763,%22rp%22:1279,%22rpe%22:1279,%22dl%22:1288,%22di%22:3754,%22ds%22:3755,%22de%22:3793,%22dc%22:4400,%22l%22:4400,%22le%22:4402%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
162.247.241.14 200 OK 73 B URL HTTP/1.1 bam.nr-data.net/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=4487&ref=https://kumi93kumi.com/FirstTech/&ap=27&be=2292&fe=4401&dc=3756&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668571639250,%22n%22:0,%22f%22:-4,%22dn%22:43,%22dne%22:45,%22c%22:45,%22s%22:310,%22ce%22:763,%22rq%22:763,%22rp%22:1279,%22rpe%22:1279,%22dl%22:1288,%22di%22:3754,%22ds%22:3755,%22de%22:3793,%22dc%22:4400,%22l%22:4400,%22le%22:4402%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 814f8120cdf5a972bdb0fd5521a92a5d
47f7b3cd340d1fe91766ff27602e319a79bcd14c
5f520e553ae6a634e84b7c8c8d36908d2efa441d716834fd98c012c402b1c3c8
GET /1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=4487&ref=https://kumi93kumi.com/FirstTech/&ap=27&be=2292&fe=4401&dc=3756&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668571639250,%22n%22:0,%22f%22:-4,%22dn%22:43,%22dne%22:45,%22c%22:45,%22s%22:310,%22ce%22:763,%22rq%22:763,%22rp%22:1279,%22rpe%22:1279,%22dl%22:1288,%22di%22:3754,%22ds%22:3755,%22de%22:3793,%22dc%22:4400,%22l%22:4400,%22le%22:4402%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:07:24 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 76ad5c096e17b4e8-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=82184cf97cd86c55; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
onlinebanking.connexuscu.org/Orbital/Connexus/favicons/android-chrome-192x192.png
104.17.43.19 200 OK 4.3 kB URL HTTP/2 onlinebanking.connexuscu.org/Orbital/Connexus/favicons/android-chrome-192x192.png
IP 104.17.43.19:0
File type PNG image data, 192 x 192, 4-bit colormap, non-interlaced\012- data
Hash f559d931134bca72ab30201a5d814e36
34a54f529ad572313cbbda37d5485dbf39693a04
7a10862a91523af52c5fb3b4dc50039d919a54a0a3365d7335a40d6f77f037bf
GET /Orbital/Connexus/favicons/android-chrome-192x192.png HTTP/1.1
Host: onlinebanking.connexuscu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:24 GMT
content-type: image/png
content-length: 4253
last-modified: Mon, 24 Oct 2022 06:12:53 GMT
etag: "d4719da66fe7d81:0"
x-svr: WEB163242
expires: Wed, 16 Nov 2022 04:17:24 GMT
cache-control: max-age=600
cf-cache-status: MISS
accept-ranges: bytes
cf-request-id: 152037d99d0000b51d77801000000001
set-cookie: __cf_bm=H_ZJXjScNDayeo5BYctnumhhn2GL1K4vmqKY.psXgww-1668571644-0-AQiAXWm+PlYANpg0zKWDkmsGIvjhJ0g1LmiV8XbAGZqP+/NgFjIdIOPvJAEp68gj6n3Ej54miLe5XAdcsMXuFHQ=; path=/; expires=Wed, 16-Nov-22 04:37:24 GMT; domain=.connexuscu.org; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 76ad5c08fcc1b51d-OSL
X-Firefox-Spdy: h2
bam.nr-data.net/resources/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5001&ref=https://kumi93kumi.com/FirstTech/&st=1668571639250
162.247.241.14 200 OK 36 B URL HTTP/1.1 bam.nr-data.net/resources/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5001&ref=https://kumi93kumi.com/FirstTech/&st=1668571639250
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash cbd008df3315fa79f202c6b9ea61604b
eea4faa3f70f7e545f328e3702ea0c73012baa5f
f16b95c0222cb80d0eb5dcf543adb54e856ae79005942eadbebff8eca64f39aa
POST /resources/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5001&ref=https://kumi93kumi.com/FirstTech/&st=1668571639250 HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 8085
Origin: https://kumi93kumi.com
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:07:25 GMT
Content-Type: text/plain
Content-Length: 36
Connection: keep-alive
CF-Ray: 76ad5c0c4f12b4e8-OSL
Access-Control-Allow-Origin: https://kumi93kumi.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
bam.nr-data.net/events/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5009&ref=https://kumi93kumi.com/FirstTech/
162.247.241.14 200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5009&ref=https://kumi93kumi.com/FirstTech/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5009&ref=https://kumi93kumi.com/FirstTech/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 230
Origin: https://kumi93kumi.com
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:07:25 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 76ad5c0c5dc8b4eb-OSL
Access-Control-Allow-Origin: https://kumi93kumi.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53d2d9380ba28ed0656b54c22bc56766
757f8e6306effbab70d99757c5672564cfc9f623
6d6c41527ae28cdce016470ec1eb87e0ed384f3ef721838724f29845f3bd8dac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8990
x-amzn-requestid: cb142f4b-787e-4b3c-9d75-72579105db60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYFOHi8IAMFpDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406ee-504a14105d2be58b1ce71c18;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: K-Js3sppuhzF03KF0M0wVw5GCSaq5VfHDbzU2DyEwjiARRDsccGYbQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:54:54 GMT
etag: "757f8e6306effbab70d99757c5672564cfc9f623"
content-type: image/jpeg
age: 22354
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/RiskEvaluation.js
163.44.185.205 500 Internal Server Error 0 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/RiskEvaluation.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/RiskEvaluation.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 04:07:22 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
kumi93kumi.com/stylesheets/fonts/AlkamiLogos.ttf?636833168113326186
163.44.185.205 500 Internal Server Error 0 B URL HTTP/2 kumi93kumi.com/stylesheets/fonts/AlkamiLogos.ttf?636833168113326186
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Analyzer Verdict Alert fortinet Phishing
GET /stylesheets/fonts/AlkamiLogos.ttf?636833168113326186 HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Cookie: _ga=GA1.2.1351416261.1668571642; _gid=GA1.2.340041009.1668571642; _gat=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 04:07:23 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/login.js
163.44.185.205 500 Internal Server Error 0 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/login.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/login.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Cookie: _ga=GA1.2.1351416261.1668571642; _gid=GA1.2.340041009.1668571642; _gat=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 04:07:23 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/ext.js
163.44.185.205 200 OK 0 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/ext.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/ext.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:07:21 GMT
content-type: application/javascript
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/login.js
163.44.185.205 500 Internal Server Error 0 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/login.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/login.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 04:07:22 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
kumi93kumi.com/stylesheets/fonts/Alkami-font.ttf?636833168113296155
163.44.185.205 500 Internal Server Error 0 B URL HTTP/2 kumi93kumi.com/stylesheets/fonts/Alkami-font.ttf?636833168113296155
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Analyzer Verdict Alert fortinet Phishing
GET /stylesheets/fonts/Alkami-font.ttf?636833168113296155 HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Cookie: _ga=GA1.2.1351416261.1668571642; _gid=GA1.2.340041009.1668571642; _gat=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 04:07:23 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2