{"report_id":"297d00f4-e446-4608-b23a-245860990e20","version":6,"status":"done","tags":["mt_bank","financial","phishing"],"date":"2026-03-31T14:05:09Z","url":{"schema":"http","addr":"marylandmy.click/log-in","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":0,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"https","addr":"marylandmy.click/log-in/","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"title":"Log in to M\u0026T Online Banking or Commercial Treasury Center","dom":{"size":92853,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2089)","md5":"2141ebcd9d88d66231bce574c04065c8","sha1":"b9ecc94af7b4723293fd71bc5d1690ec34958c28","sha256":"e4864105bc675e4ba87a02578039e64b402c47c45d945011b809cbe1ac03967c","sha512":"e6d6f1e67e3dfeceb58db3e2100821be780803744937d15cfca8ef1286f76566525f67fccb43744e87a5ae92b001f18e7efee1e15d617591a726d97e9d1bc40a","ssdeep":"768:6MkFny8EMnCQ/FC6N8pgcCDnInuSLuvZHvZ1lzVlv:6/F5EMn3rkOnIn2ZPZbRlv","tlshash":"3093b41294f2051a5197919abff313392f26c047ea4aab543aec0798cfd7d81de2376c","dom_hash":"domhashf05e22d3f298cf630994edd54cf2b78a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"marylandmy.click/log-in","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":0,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-05T14:05:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - M\u0026T Bank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with M\u0026T Bank phishing","tags":["mt_bank","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - M\u0026T Bank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with M\u0026T Bank phishing","tags":["mt_bank","financial","phishing"],"meta":null}]},"summary":[{"fqdn":"marylandmy.click","ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":72,"request_count":22,"received_data":1183702,"sent_data":10390,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Adobe Experience Manager","description":"Adobe Experience Manager (AEM) is a content management solution for building websites, mobile apps and forms.","website":"https://www.adobe.com/marketing/experience-manager.html","common_platform_enumeration":"cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*","icon":"Adobe Experience Platform.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - M\u0026T Bank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with M\u0026T Bank phishing","tags":["mt_bank","financial","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"marylandmy.click/log-in/","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"a3c7b8311a8f6dd2a2a44899c032e482","sha1":"013dac571e61085f02d2129e9f44b8f00daccfea","sha256":"3dfd13c601d3001b507f2fd4ac8bb26408f09fefa3fbbf51561860381edb6c9e","sha512":"8cdca9159e17e46d467b3c319c147ba373c8c03b42116070a9182d2ee51d9c14baedfe048d1317f41f709ed10a06459b92e3a58d09560a77c5044dad31283a46","ssdeep":"","tlshash":"c461568b2563112800b750af5ab38170e73add47f387e6a474ce07814fcaa409a27f7e","size":3276,"data":"","first_seen":"2026-03-31T14:05:16.077417Z","last_seen":"2026-04-01T01:54:45.974818Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/log-in/","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"7b55b48403462baf8d151c0ad5c6ca4d","sha1":"2c28fac94e596c66e6194975edc1bfc6b308b0c3","sha256":"411dc3600f9692b0e173a384be786190a991cf3c8fb57c54b41689acbd2535ac","sha512":"29d2e7b20c5a03782b8969471ab78ce7a13fa9d3ecf9fd5520e4b09051c0fd2671d6fa14dfca855026cf145398277d68a93c81fecc78fe537facad1dfa5ba487","ssdeep":"","tlshash":"56116b1aa076a840806b30327bef4404268a91a34107ca087c6d5ef7efe46384b70bef","size":923,"data":"","first_seen":"2026-03-31T14:05:16.07924Z","last_seen":"2026-04-01T01:54:45.975884Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/js/vendor.js","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"c58e04b134c40afb417957f4a3f84474","sha1":"0218ca714ac24e5443cb8e5418e0619473684bad","sha256":"7146e4edda9b9a7502b1b6935983787c3bba8a34a95cebde1577409a9e33cd54","sha512":"dc182d1766a038e8a0359f2cd1fd4eb71492613a75e8245d9e0c5cec7515ce33c790ef959017a6f30efceaf47e07753700b77b7323fe7ca98dc1d0753aeb8cf3","ssdeep":"6144:Jhi8eGRXufsr5zQ47GKuh5tEyQ3Hx2NieePiq:3iURXm05d3kNie+iq","tlshash":"a93419ccb786321246ab30f9006f910ab27b59b9680988a4f49cd1d57fbce4941b7f7d","size":242353,"data":"","first_seen":"2023-04-08T06:23:39Z","last_seen":"2026-04-03T21:49:45.751796Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/log-in/","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"754be263bdc3fd38205b12708f8cc07d","sha1":"23b37439c80808fba144668a3d73b5c349ce548a","sha256":"479dc7d900cbada8017f63d3ab3d03afb1dcab17c61f2774b49328cbb721cdff","sha512":"eee604e36338ccc4c5c1cf85d91a2758bad3c6e4ed0773928adb41fba7482884daa474eddb59abb02612c13459b0d97ffcc7030c01445a36e2053bb7194c0058","ssdeep":"","tlshash":"82d09b3474ad2055423f15211cf661087f15f477a3510160754c94944f68731525bd4e","size":216,"data":"","first_seen":"2026-03-31T14:05:16.080844Z","last_seen":"2026-04-01T01:54:45.976909Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/log-in/","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"b366ba94e4b6115f7fd176af23fe93ba","sha1":"543d0e24de25f8124025b76a473f1710d24859a3","sha256":"3ce7e42ccacd24bdcc25cdc82015f219ea4e5df33b106554aea858e16bc2f2c7","sha512":"6e7fb52474a4cb5aafee7bcf57ecf197d1544c81afaf89f4b43f7623f8129f601c188002c7222e5bffd50cc985c07fee3536943f2773cd51b2eabef12d7aa573","ssdeep":"","tlshash":"d811af62cdba285e101b501e70b6e014474d852653c4d37374acb45edf9c4174932fb9","size":1023,"data":"","first_seen":"2026-03-31T14:05:16.082414Z","last_seen":"2026-04-01T01:54:45.977765Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"marylandmy.click/images/white%20logo.png","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /images/white%20logo.png HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/log-in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 12 Mar 2025 20:51:32 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"67d1f3d4-1348\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4936,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 174 x 33, 8-bit/color RGBA, non-interlaced","md5":"c0147602bcf486443b17ad6f3e31b2af","sha1":"5b1b036726ede6f2186c0e85ad1a201f560ecd64","sha256":"68d12e8086357835fc398c26ffc15a2ad73d6c1ceb930e545982149af754e652","sha512":"c34755d7f65d30d0c1e1cb09901166b80c433d393ce6705a0fa7ce0ec27836a153fa59ec57bc43eef8c2a58ded8c5e03b1757028db80c24b21c208dfc630bd21","ssdeep":"96:zJovpkNJNWNCxwuennSbLL2Xiu7ULX+kq8ilPo0YNggnC5sxi/b1VqXCmY:zJohkNfsCxwuennSbLLxOR8iq0FgnA/7","tlshash":"b1a17d457f82aaf2948fc63472f878353ab71641a5e094dbb4c4ec427d0a3137951d9b","first_seen":"2023-05-04T05:55:40Z","last_seen":"2026-04-01T01:54:45.966482Z","times_seen":32,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":107,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - M\u0026T Bank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with M\u0026T Bank phishing","tags":["mt_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"marylandmy.click/images/icon-global-nav-hamburger-menu.svg","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /images/icon-global-nav-hamburger-menu.svg HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/log-in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 1473\r\nLast-Modified: Wed, 12 Mar 2025 20:49:34 GMT\r\nConnection: keep-alive\r\nETag: \"67d1f35e-5c1\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1473,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"baa94a4a3579b083238e95bb192e964b","sha1":"448e73b3e57dfc5d9ee2fe2c5f6ea67fbd7f647c","sha256":"93408940d1f3117f4684536d8efb0c77c24cd7806eb01b2127ce3925554f09cc","sha512":"eb5c8ac5fbe5cbbce9d0efd864ecbd80dde5eedc71a806da33968b86c403ef90856c0a8870b06ee122f15aca7286c5b533d219d3803d1dca55e70e77e5b2a0d7","ssdeep":"","tlshash":"a531ae14a378a43ffd01937c856fe49a5c29b8c27913d0dadf81655bf011d9e6c24d4b","first_seen":"2023-10-13T22:07:23Z","last_seen":"2026-04-03T21:49:45.778329Z","times_seen":44,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":106,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/fonts/mandtbaltoweb-light_1.woff","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /fonts/mandtbaltoweb-light_1.woff HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/css/clientlib-base.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 279\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":279,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"757d5afcc2da2b7508575ea5774d6755","sha1":"67f02087be6ab73422631ef87ae364bc8947f918","sha256":"f2135ce962789e3653e0a7853fbe581ee9b341606baa9df5bda02891d19c78a1","sha512":"c389bc9898ed00099868d6730fde349944a2de52abc772905126cb4e3d400a4ca2931118e5ce806ece92c5ac36162830e0df5cffdfa0242494fcc0cb8282d7a7","ssdeep":"","tlshash":"58d02b9f505363874813146039c125c2268d12e6a43a81ac3d86d48762ac63ecedaa99","first_seen":"2026-03-31T14:05:16.050708Z","last_seen":"2026-03-31T14:57:00.901488Z","times_seen":2,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/images/favicon.ico","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /images/favicon.ico HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/log-in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 15822\r\nLast-Modified: Wed, 12 Mar 2025 20:49:34 GMT\r\nConnection: keep-alive\r\nETag: \"67d1f35e-3dce\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15822,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced","md5":"652a2382a1d4d1159bffe5dd9c77877d","sha1":"84b893fd39255950601da0c8d65735d28e775892","sha256":"acfa0cc8b42493333d9032c79e4d91d7bbdd40995a283a3945075da6fb2f3cfb","sha512":"81d0806d8d2657e623f91824d44dc33f4d5375b96a1768b64c741e5a2cb02d443236f565763c38e651003bf81f4603569f506a5571b95cc05859e1d9d58517fb","ssdeep":"384:RCuVI4IrVf3dZRDmmGGjuEQeFmmOg52gbm:RdlOV/hmm3juEQeTK","tlshash":"9062be9be2a1031010f7ded572aa5568f8a0c3781fa3e06c7c56401954bb8feac974af","first_seen":"2023-04-07T18:40:37Z","last_seen":"2026-05-17T13:20:44.864613Z","times_seen":337,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - M\u0026T Bank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with M\u0026T Bank phishing","tags":["mt_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"marylandmy.click/images/equal-housing-lender-logo.png","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /images/equal-housing-lender-logo.png HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/log-in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 12 Mar 2025 20:51:32 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"67d1f3d4-5e5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1509,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 23 x 18, 8-bit/color RGBA, non-interlaced","md5":"df5acca843cd10a9f0b683403207812f","sha1":"40e3af1ed5c19e8caf85eb9d5a11c92e1e7ed624","sha256":"46c43686825a8cb8bf832253977abfb4871e5d9014cb6912e8519c736a6253d3","sha512":"18d3704fbca6ea3389f4d573bdc96198321d738beaafddf5622834bab6539819db38b7682a830d72d091e7dd33f194f4d6edf55984dd2634b2e818c47ee21cd0","ssdeep":"","tlshash":"0c31b587ea41b871d34ae0a11cf6d033ed6108c0c9c8e8637a8fc64d69751fa04486c7","first_seen":"2023-08-30T03:09:10Z","last_seen":"2026-04-01T01:54:45.969049Z","times_seen":32,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":105,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - M\u0026T Bank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with M\u0026T Bank phishing","tags":["mt_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"marylandmy.click/js/clientlib-base.js","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /js/clientlib-base.js HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/log-in/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 279\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":279,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"757d5afcc2da2b7508575ea5774d6755","sha1":"67f02087be6ab73422631ef87ae364bc8947f918","sha256":"f2135ce962789e3653e0a7853fbe581ee9b341606baa9df5bda02891d19c78a1","sha512":"c389bc9898ed00099868d6730fde349944a2de52abc772905126cb4e3d400a4ca2931118e5ce806ece92c5ac36162830e0df5cffdfa0242494fcc0cb8282d7a7","ssdeep":"","tlshash":"58d02b9f505363874813146039c125c2268d12e6a43a81ac3d86d48762ac63ecedaa99","first_seen":"2026-03-31T14:05:16.050708Z","last_seen":"2026-03-31T14:57:00.901488Z","times_seen":2,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":46,"dns":0,"connect":18,"send":0,"wait":50,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/images/login-page-bb-fraud_1.jpeg","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /images/login-page-bb-fraud_1.jpeg HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/log-in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Wed, 12 Mar 2025 20:51:32 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"67d1f3d4-d8dd\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55517,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x816, components 3","md5":"ac4569ec1117264dc5c59bc0db69c0f7","sha1":"82ee7329aa67b2d249130000770bebfb2bfd8a48","sha256":"27bde378f8373ab319c145b87d906845892c911bbf30217a0764cb43637a40c9","sha512":"d4a4423763bfb13a1aa58906dcb70bb270a8c90346aad7179af1c2b1cc050c3137f85db2d5b47f9d8b50c57afe6e1dafc8d349e77b2b79d95ddfb2f62cf58845","ssdeep":"1536:AGdsM4mhlwC4Jaz2tabL1d9FzqoQM/L80TknO:r/4mhSC4Kt1d9ZvQMI0gnO","tlshash":"bf43f2420c9e5ce2ef2babd8dd4d4e8d9bca9e889188f7e9bfe42d455916c114e4e004","first_seen":"2026-03-31T14:05:16.058988Z","last_seen":"2026-04-01T01:54:45.969868Z","times_seen":4,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":103,"dns":1,"connect":25,"send":0,"wait":37,"receive":17,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/log-in/images/chevron_down.8adc6731.svg","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /log-in/images/chevron_down.8adc6731.svg HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/log-in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 279\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":279,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"757d5afcc2da2b7508575ea5774d6755","sha1":"67f02087be6ab73422631ef87ae364bc8947f918","sha256":"f2135ce962789e3653e0a7853fbe581ee9b341606baa9df5bda02891d19c78a1","sha512":"c389bc9898ed00099868d6730fde349944a2de52abc772905126cb4e3d400a4ca2931118e5ce806ece92c5ac36162830e0df5cffdfa0242494fcc0cb8282d7a7","ssdeep":"","tlshash":"58d02b9f505363874813146039c125c2268d12e6a43a81ac3d86d48762ac63ecedaa99","first_seen":"2026-03-31T14:05:16.050708Z","last_seen":"2026-03-31T14:57:00.901488Z","times_seen":2,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/fonts/mandtbaltoweb-book_1.woff","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /fonts/mandtbaltoweb-book_1.woff HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/css/clientlib-base.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 279\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":279,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"757d5afcc2da2b7508575ea5774d6755","sha1":"67f02087be6ab73422631ef87ae364bc8947f918","sha256":"f2135ce962789e3653e0a7853fbe581ee9b341606baa9df5bda02891d19c78a1","sha512":"c389bc9898ed00099868d6730fde349944a2de52abc772905126cb4e3d400a4ca2931118e5ce806ece92c5ac36162830e0df5cffdfa0242494fcc0cb8282d7a7","ssdeep":"","tlshash":"58d02b9f505363874813146039c125c2268d12e6a43a81ac3d86d48762ac63ecedaa99","first_seen":"2026-03-31T14:05:16.050708Z","last_seen":"2026-03-31T14:57:00.901488Z","times_seen":2,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/fonts/mandtbaltoweb-medium_1.woff","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /fonts/mandtbaltoweb-medium_1.woff HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/css/clientlib-base.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 279\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":279,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"757d5afcc2da2b7508575ea5774d6755","sha1":"67f02087be6ab73422631ef87ae364bc8947f918","sha256":"f2135ce962789e3653e0a7853fbe581ee9b341606baa9df5bda02891d19c78a1","sha512":"c389bc9898ed00099868d6730fde349944a2de52abc772905126cb4e3d400a4ca2931118e5ce806ece92c5ac36162830e0df5cffdfa0242494fcc0cb8282d7a7","ssdeep":"","tlshash":"58d02b9f505363874813146039c125c2268d12e6a43a81ac3d86d48762ac63ecedaa99","first_seen":"2026-03-31T14:05:16.050708Z","last_seen":"2026-03-31T14:57:00.901488Z","times_seen":2,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/js/mtb_app_wbk.js","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /js/mtb_app_wbk.js HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/log-in/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 279\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":279,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"757d5afcc2da2b7508575ea5774d6755","sha1":"67f02087be6ab73422631ef87ae364bc8947f918","sha256":"f2135ce962789e3653e0a7853fbe581ee9b341606baa9df5bda02891d19c78a1","sha512":"c389bc9898ed00099868d6730fde349944a2de52abc772905126cb4e3d400a4ca2931118e5ce806ece92c5ac36162830e0df5cffdfa0242494fcc0cb8282d7a7","ssdeep":"","tlshash":"58d02b9f505363874813146039c125c2268d12e6a43a81ac3d86d48762ac63ecedaa99","first_seen":"2026-03-31T14:05:16.050708Z","last_seen":"2026-03-31T14:57:00.901488Z","times_seen":2,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":38,"dns":0,"connect":15,"send":0,"wait":27,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/js/cdsession.js","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /js/cdsession.js HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/log-in/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 279\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":279,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"757d5afcc2da2b7508575ea5774d6755","sha1":"67f02087be6ab73422631ef87ae364bc8947f918","sha256":"f2135ce962789e3653e0a7853fbe581ee9b341606baa9df5bda02891d19c78a1","sha512":"c389bc9898ed00099868d6730fde349944a2de52abc772905126cb4e3d400a4ca2931118e5ce806ece92c5ac36162830e0df5cffdfa0242494fcc0cb8282d7a7","ssdeep":"","tlshash":"58d02b9f505363874813146039c125c2268d12e6a43a81ac3d86d48762ac63ecedaa99","first_seen":"2026-03-31T14:05:16.050708Z","last_seen":"2026-03-31T14:57:00.901488Z","times_seen":2,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":49,"dns":1,"connect":19,"send":0,"wait":44,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/images/login-page-bb-fraud.jpeg","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /images/login-page-bb-fraud.jpeg HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/log-in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Wed, 12 Mar 2025 20:51:32 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"67d1f3d4-d8dd\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55517,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x816, components 3","md5":"ac4569ec1117264dc5c59bc0db69c0f7","sha1":"82ee7329aa67b2d249130000770bebfb2bfd8a48","sha256":"27bde378f8373ab319c145b87d906845892c911bbf30217a0764cb43637a40c9","sha512":"d4a4423763bfb13a1aa58906dcb70bb270a8c90346aad7179af1c2b1cc050c3137f85db2d5b47f9d8b50c57afe6e1dafc8d349e77b2b79d95ddfb2f62cf58845","ssdeep":"1536:AGdsM4mhlwC4Jaz2tabL1d9FzqoQM/L80TknO:r/4mhSC4Kt1d9ZvQMI0gnO","tlshash":"bf43f2420c9e5ce2ef2babd8dd4d4e8d9bca9e889188f7e9bfe42d455916c114e4e004","first_seen":"2026-03-31T14:05:16.058988Z","last_seen":"2026-04-01T01:54:45.969868Z","times_seen":4,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":104,"dns":0,"connect":0,"send":0,"wait":32,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/fonts/mandtbaltoweb-medium.woff","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /fonts/mandtbaltoweb-medium.woff HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/css/clientlib-base.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: font/woff\r\nContent-Length: 64318\r\nLast-Modified: Wed, 12 Mar 2025 20:49:34 GMT\r\nConnection: keep-alive\r\nETag: \"67d1f35e-fb3e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64318,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 64318, version 1.0","md5":"b245a55f7e33e1cf4d2477570936ef84","sha1":"12bf1c1eda6db246778f7c343acebbaad8fa36f4","sha256":"b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc","sha512":"52303bdb1a193fdec98f139447b6acf17dc51ec36b5dccb06b9796b57222e81a09f89e9a012ac9afb0d26f9f93cba73121051afcb8276a4834a96a3abfbeb7a5","ssdeep":"1536:28OdL6GL/lzNg34+BPE42aEUsEgx794VgxuR27p/:qx6ylzNgXBsmsEgVu0p/","tlshash":"88530299ad05de8afc3023f83f5d511aa859441d5a8b303181232c046ffbff5ad686ed","first_seen":"2023-04-07T18:40:37Z","last_seen":"2026-06-03T14:27:52.201569Z","times_seen":353,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - M\u0026T Bank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with M\u0026T Bank phishing","tags":["mt_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"marylandmy.click/log-in/","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-31T14:04:47.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /log-in/ HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:47 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 13834\r\nConnection: keep-alive\r\nLast-Modified: Thu, 26 Mar 2026 10:24:05 GMT\r\nETag: \"16349-64deac8b11b40-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Adobe Experience Manager","description":"Adobe Experience Manager (AEM) is a content management solution for building websites, mobile apps and forms.","website":"https://www.adobe.com/marketing/experience-manager.html","common_platform_enumeration":"cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*","icon":"Adobe Experience Platform.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":90953,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (655)","md5":"d64e92f37a76e74451427fe993a27764","sha1":"0495db43d9448e8bcb2b37daf3fda661c81077b0","sha256":"e42fe455b976a1be4afc7e3debfe1e291844bd3b309017eecb758adcc8ed6eff","sha512":"65bb4d739222f513f2fba60f814d404f67e17f457c8b1ef8e2c7444357a0a248d10c77309d7b412f1d9b45e6fd45cb4e690f7623d499a341a07eff35ce8958d6","ssdeep":"768:QvM8EPRMFC6N8pgcRAnoSLuvZHvZ1lJ6lz:QrE2rk+nEZPZbIlz","tlshash":"fd93d81348f1011661a3815bbfb657286f62c407e60abb5079ed479c8fe6d40df23bac","first_seen":"2026-03-31T14:05:16.064975Z","last_seen":"2026-04-01T01:54:45.973975Z","times_seen":4,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/css/clientlib-base.css","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /css/clientlib-base.css HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/log-in/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: text/css\r\nLast-Modified: Wed, 12 Mar 2025 23:03:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"67d212b0-66545\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":419141,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1334)","md5":"5c5831a8a5eaeb1de54b470d5d0c8345","sha1":"a8d9d48d8735ea84229132c11a585283216fb259","sha256":"1719bc9d342c6bcc041835b068350614cc850a48acecec77a6879046e0a17172","sha512":"86f7afe8eef978df7e0468527ab73b8f6cec663aa38774eb09af04714fb1de1ac25b1dad8a06a2355f8bdce94cc857c663f681ef6bbf19b44ed857f5aa7e12ed","ssdeep":"6144:vxfst9RCXvNzOYNx2g6xfZmfU0Q2lcwW9BDQ2lcWdBq:ZqCXvNzOYNx2g6xfZmfU0MwW9BDMWdBq","tlshash":"3f9475475bf22109b02699a976bf661177385013d28fcdf8badc6148ef8d6c045e2bce","first_seen":"2026-03-31T14:05:16.067249Z","last_seen":"2026-04-01T01:54:45.968275Z","times_seen":4,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/js/clientlib-base.js","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /js/clientlib-base.js HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/log-in/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 279\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":279,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"757d5afcc2da2b7508575ea5774d6755","sha1":"67f02087be6ab73422631ef87ae364bc8947f918","sha256":"f2135ce962789e3653e0a7853fbe581ee9b341606baa9df5bda02891d19c78a1","sha512":"c389bc9898ed00099868d6730fde349944a2de52abc772905126cb4e3d400a4ca2931118e5ce806ece92c5ac36162830e0df5cffdfa0242494fcc0cb8282d7a7","ssdeep":"","tlshash":"58d02b9f505363874813146039c125c2268d12e6a43a81ac3d86d48762ac63ecedaa99","first_seen":"2026-03-31T14:05:16.050708Z","last_seen":"2026-03-31T14:57:00.901488Z","times_seen":2,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/log-in/images/Login-Minimal-Modal-Background.jpg","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /log-in/images/Login-Minimal-Modal-Background.jpg HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/log-in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 279\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":279,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"757d5afcc2da2b7508575ea5774d6755","sha1":"67f02087be6ab73422631ef87ae364bc8947f918","sha256":"f2135ce962789e3653e0a7853fbe581ee9b341606baa9df5bda02891d19c78a1","sha512":"c389bc9898ed00099868d6730fde349944a2de52abc772905126cb4e3d400a4ca2931118e5ce806ece92c5ac36162830e0df5cffdfa0242494fcc0cb8282d7a7","ssdeep":"","tlshash":"58d02b9f505363874813146039c125c2268d12e6a43a81ac3d86d48762ac63ecedaa99","first_seen":"2026-03-31T14:05:16.050708Z","last_seen":"2026-03-31T14:57:00.901488Z","times_seen":2,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/fonts/mandtbaltoweb-book.woff","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /fonts/mandtbaltoweb-book.woff HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/css/clientlib-base.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: font/woff\r\nContent-Length: 67671\r\nLast-Modified: Wed, 12 Mar 2025 20:49:34 GMT\r\nConnection: keep-alive\r\nETag: \"67d1f35e-10857\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67671,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 67671, version 1.0","md5":"6cd469e8613d82d4d07834a5ca7745f0","sha1":"95347ba0a03d27e1aa91bc17c937d8aefe53e6ff","sha256":"4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2","sha512":"a8467b45909efca7ef65df6507abaac32f0f12c3f896dc9ee15a6fae8cb0a4a30a0adbb75e9541fb576cf796ac823c6502bd89234b88fd5d440f0939c84d06c9","ssdeep":"1536:I1Houj8hOAJ9XPNV1t+/tSJhJaPnQCsq4rpYQbyLy:Idoi8/L1tktSJqPnQOUyLy","tlshash":"fc630204f2c95d8ae3585bf1f376604968581e79add1cd1a230f00a6d73fbaa43aaf41","first_seen":"2023-04-07T18:40:37Z","last_seen":"2026-06-03T14:27:52.203498Z","times_seen":363,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - M\u0026T Bank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with M\u0026T Bank phishing","tags":["mt_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"marylandmy.click/fonts/mandtbaltoweb-light.woff","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /fonts/mandtbaltoweb-light.woff HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/css/clientlib-base.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: font/woff\r\nContent-Length: 66170\r\nLast-Modified: Wed, 12 Mar 2025 20:49:34 GMT\r\nConnection: keep-alive\r\nETag: \"67d1f35e-1027a\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66170,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 66170, version 1.0","md5":"2c232501b80100ac5022cb84380a6df4","sha1":"79898c6b15d379850157a7b44d55d8694eb54b1f","sha256":"18c9c9a98b2a0de85fb63e8fc0fbf0dd575b45d76cfdd22220f4c7d9caf0b99a","sha512":"5e30d384a6bea096863ac023a1da2ac0b18de4c4c4ec84dd4f7202f66e3af3aeed16b337c6953c4c9e8494f4384b5415e062cd80eabb4552adcfa944e9afaa3b","ssdeep":"1536:11757u2MtOeMXMs2VhUnurR2YufI6tB6mo+b:1dpu2MOeaCVhU0RYd6mo+b","tlshash":"ae53020afb0d9e00b31dd5389991af98b16496f3622ad203d1d52ff4d77b8ac43586ce","first_seen":"2023-04-08T06:23:39Z","last_seen":"2026-06-03T14:27:52.197397Z","times_seen":62,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - M\u0026T Bank","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with M\u0026T Bank phishing","tags":["mt_bank","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"marylandmy.click/log-in","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-31T14:04:47.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /log-in HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:47 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 323\r\nConnection: keep-alive\r\nLocation: https://marylandmy.click/log-in/\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":90953,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":212,"timings":{"blocked":94,"dns":48,"connect":16,"send":0,"wait":24,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marylandmy.click/js/vendor.js","fqdn":"marylandmy.click","domain":"marylandmy.click","tld":"click"},"ip":{"addr":"91.92.21.9","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://marylandmy.click/log-in/","date":"2026-03-31T14:04:48.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marylandmy.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:55:18 GMT","end":"Tue, 23 Jun 2026 11:55:17 GMT"},"fingerprint":{"sha1":"88:70:4D:76:74:59:10:7B:35:60:A1:B4:B8:94:6B:AC:6A:F6:A1:76","sha256":"33:EA:06:49:7B:1A:D0:4C:D4:2E:A4:E2:D0:CD:A1:D8:25:4F:17:48:46:49:C6:95:35:99:40:4C:27:1A:DA:83"}}},"request":{"raw":"GET /js/vendor.js HTTP/1.1\r\nHost: marylandmy.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marylandmy.click/log-in/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Tue, 31 Mar 2026 14:04:48 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Wed, 12 Mar 2025 20:49:34 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"67d1f35e-3b2b1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":242353,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (53751)","md5":"c58e04b134c40afb417957f4a3f84474","sha1":"0218ca714ac24e5443cb8e5418e0619473684bad","sha256":"7146e4edda9b9a7502b1b6935983787c3bba8a34a95cebde1577409a9e33cd54","sha512":"dc182d1766a038e8a0359f2cd1fd4eb71492613a75e8245d9e0c5cec7515ce33c790ef959017a6f30efceaf47e07753700b77b7323fe7ca98dc1d0753aeb8cf3","ssdeep":"6144:Jhi8eGRXufsr5zQ47GKuh5tEyQ3Hx2NieePiq:3iURXm05d3kNie+iq","tlshash":"a93419ccb786321246ab30f9006f910ab27b59b9680988a4f49cd1d57fbce4941b7f7d","first_seen":"2023-04-08T06:23:39Z","last_seen":"2026-04-03T21:49:45.751796Z","times_seen":48,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":51,"dns":1,"connect":18,"send":0,"wait":31,"receive":26,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-31","alert":"Phishing Block","trigger":"marylandmy.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-31","alert":"Sinkholed","trigger":"marylandmy.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}