| nfcuvfgy46.link/login | 104.16.243.78 | 301 Moved Permanently | 0 B |
IP104.16.243.78:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| openphish | Huntington Bank | |
| fortinet | Phishing | |
GET /login HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 03:02:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 31 Jan 2023 04:02:58 GMT
Location: https://nfcuvfgy46.link/login
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f3626fadcb51b-OSL
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd2e72d45afe3d391c204b5391599607c 149d68b9d00a720b6f380fa2324779dca9dbe26d f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4612
Expires: Tue, 31 Jan 2023 04:19:50 GMT
Date: Tue, 31 Jan 2023 03:02:58 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash0c35c3ec659d3a26ea97e68d787bb043 d97e3672244efec5b7814f2d8a734cd1a9387854 4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6778
Expires: Tue, 31 Jan 2023 04:55:56 GMT
Date: Tue, 31 Jan 2023 03:02:58 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashdcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 02:35:51 GMT
content-type: application/json
age: 1627
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash09ee4b0fe6cf4ca5ed31b24452338d00 7e62b6e20f0d4737f4a8d94f9818a0883027839e 56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21417
Expires: Tue, 31 Jan 2023 08:59:55 GMT
Date: Tue, 31 Jan 2023 03:02:58 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fDNh5GMZeECxc0ckvTsT00MPbCc3jsGRthMxbm2xZ3dh+NbS/EM5GLMrm1tQ7iqRWSMAvbl6GTk=
x-amz-request-id: WPF6P7KQB9PS281A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 02:22:02 GMT
age: 2456
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:02:58 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashe1dd67c1e0535eea6d4edce4e296f882 8cde001f92e9337a53661aad53eed56b9e3699b0 3a8ba5a642550bf4c8f9c1f1c2d1ac56a13f2220c0ee614dd6b59720932fe1ef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:02:58 GMT
Server: ECS (amb/6B7E)
Content-Length: 279
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 02:49:04 GMT
age: 835
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash22b9916fc1fafc9bdc9bb37f9eac8a9a 86f640e134a741a0f906a8e3a0f5c6659dd0e394 a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5271
Expires: Tue, 31 Jan 2023 04:30:50 GMT
Date: Tue, 31 Jan 2023 03:02:59 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 52.39.218.209 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.39.218.209:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Rqvz9sM7C9KUX1SmW3unHA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Cii1X3aTvGbWC+Lyl5ml4xPn5ow=
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash5d9d5e33214cd6e670cf6bbcd351de8f 8432044013847b8d4799aec9bae4e73fcb943249 fb3bda4222c9588f0fa878c1edda3f61ce5fa40e89958e3137a8c8a1e3fecdc2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1332
Cache-Control: max-age=167917
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:03:00 GMT
Etag: "63d86c9d-1d7"
Expires: Thu, 02 Feb 2023 01:41:37 GMT
Last-Modified: Tue, 31 Jan 2023 01:19:25 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash5d9d5e33214cd6e670cf6bbcd351de8f 8432044013847b8d4799aec9bae4e73fcb943249 fb3bda4222c9588f0fa878c1edda3f61ce5fa40e89958e3137a8c8a1e3fecdc2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3819
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:03:00 GMT
Last-Modified: Tue, 31 Jan 2023 01:59:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash5d9d5e33214cd6e670cf6bbcd351de8f 8432044013847b8d4799aec9bae4e73fcb943249 fb3bda4222c9588f0fa878c1edda3f61ce5fa40e89958e3137a8c8a1e3fecdc2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1332
Cache-Control: max-age=167917
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:03:00 GMT
Etag: "63d86c9d-1d7"
Expires: Thu, 02 Feb 2023 01:41:37 GMT
Last-Modified: Tue, 31 Jan 2023 01:19:25 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash5d9d5e33214cd6e670cf6bbcd351de8f 8432044013847b8d4799aec9bae4e73fcb943249 fb3bda4222c9588f0fa878c1edda3f61ce5fa40e89958e3137a8c8a1e3fecdc2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3093
Cache-Control: max-age=169678
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:03:00 GMT
Etag: "63d86c9d-1d7"
Expires: Thu, 02 Feb 2023 02:10:58 GMT
Last-Modified: Tue, 31 Jan 2023 01:19:25 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
|
|
| www.huntington.com/-/media/hcom/global/logo/logo-honeycomb.svg?rev=068545a5ac0a4bf68b6f194bec8dec58 | 104.84.152.187 | 200 OK | 449 B |
URL HTTP/2www.huntington.com/-/media/hcom/global/logo/logo-honeycomb.svg?rev=068545a5ac0a4bf68b6f194bec8dec58 IP104.84.152.187:0 ASN#20940 Akamai International B.V.
File typeHTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (859), with no line terminators Hash648a49d01455e0be73da9e42a8617016 e7ccaaffff511ad60775110a51d1397520ec50b1 cc8f79aa4f6c0fe7efabdde6ffc887aff179327d960992a4a4d760afb734bfeb
GET /-/media/hcom/global/logo/logo-honeycomb.svg?rev=068545a5ac0a4bf68b6f194bec8dec58 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfcuvfgy46.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: 2d91d2b82c4a40438297b714b6e7ceb5
last-modified: Mon, 11 Dec 2017 15:39:44 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="logo-honeycomb.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="1838116293"
x-ua-compatible: IE=edge
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=1513320
expires: Fri, 17 Feb 2023 15:25:00 GMT
date: Tue, 31 Jan 2023 03:03:00 GMT
content-length: 449
X-Firefox-Spdy: h2
|
|
| www.huntington.com/-/media/hcom/Icons/EHL_Black_HouseOnly.svg?rev=4d1c852f206d4e10b42c49413970de97 | 104.84.152.187 | 200 OK | 764 B |
URL HTTP/2www.huntington.com/-/media/hcom/Icons/EHL_Black_HouseOnly.svg?rev=4d1c852f206d4e10b42c49413970de97 IP104.84.152.187:0 ASN#20940 Akamai International B.V.
File typeUnicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash842c50db22ce317c9fdd556a89a56ed7 16618234768512011cbfa25fbe4a2058182c2438 35970fe98d0c106f081589aad0ba9f527f742dbf53e83ad2cfada395b40b7979
GET /-/media/hcom/Icons/EHL_Black_HouseOnly.svg?rev=4d1c852f206d4e10b42c49413970de97 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfcuvfgy46.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-length: 764
content-type: image/svg+xml
etag: 57637a2d5858427aba58213dfd85741c
last-modified: Tue, 08 Mar 2022 19:24:24 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="EHL_Black_HouseOnly.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="2136463186"
x-ua-compatible: IE=edge
cache-control: public, max-age=1972227
expires: Wed, 22 Feb 2023 22:53:27 GMT
date: Tue, 31 Jan 2023 03:03:00 GMT
X-Firefox-Spdy: h2
|
|
| www.huntington.com/-/media/hcom/global/logo/lockup.svg?rev=c9cf80c581284a5884ce918b9c672733&h=81&w=273&la=en&hash=CBB13816C82E9D808DD73BE863AAE7CC | 104.84.152.187 | 200 OK | 1.6 kB |
URL HTTP/2www.huntington.com/-/media/hcom/global/logo/lockup.svg?rev=c9cf80c581284a5884ce918b9c672733&h=81&w=273&la=en&hash=CBB13816C82E9D808DD73BE863AAE7CC IP104.84.152.187:0 ASN#20940 Akamai International B.V.
File typeHTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (3955), with CRLF line terminators Hashc54fde5c7f10f3373c14c27609946887 76f3a105d90a2ee61357401656a063b0d1a460c3 791aacc8fbb8221f0828eb1412475de0a403000a13db9760a178177035195e6a
GET /-/media/hcom/global/logo/lockup.svg?rev=c9cf80c581284a5884ce918b9c672733&h=81&w=273&la=en&hash=CBB13816C82E9D808DD73BE863AAE7CC HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfcuvfgy46.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: 25ac81b1cb8b4557ac63e0186de9a92b
last-modified: Tue, 14 Jul 2020 14:26:49 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="lockup.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtRpid;desc="-813670566"
x-ua-compatible: IE=edge
content-length: 1578
cache-control: public, max-age=1705261
expires: Sun, 19 Feb 2023 20:44:01 GMT
date: Tue, 31 Jan 2023 03:03:00 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif | 104.84.152.187 | 200 OK | 217 B |
URL HTTP/2www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif IP104.84.152.187:0 ASN#20940 Akamai International B.V.
File typePNG image data, 18 x 18, 8-bit grayscale, non-interlaced\012- data Hash756ea9671899d785a86de4dcc11af817 89c6975e8d8a858e94aeed1c69b010abf2afd563 6d8a2316b98743b83355626f124d5c4299b1eba9c478aa94df90960437de5d7e
GET /Presentation/onlineopinionV5/oo_icon_retina_black.gif HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfcuvfgy46.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "09489568927d91:0"
last-modified: Sat, 28 Jan 2023 00:10:14 GMT
server: Akamai Image Manager
x-serial: 430
x-check-cacheable: YES
content-length: 217
content-type: image/png
cache-control: private, no-transform, max-age=90893
expires: Wed, 01 Feb 2023 04:17:53 GMT
date: Tue, 31 Jan 2023 03:03:00 GMT
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11209
Expires: Tue, 31 Jan 2023 06:09:49 GMT
Date: Tue, 31 Jan 2023 03:03:00 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11209
Expires: Tue, 31 Jan 2023 06:09:49 GMT
Date: Tue, 31 Jan 2023 03:03:00 GMT
Connection: keep-alive
|
|
| nfcuvfgy46.link/_next/static/5J4KgIhdSRpGfebLbkdg7/_ssgManifest.js | 104.16.243.78 | 200 OK | 554 B |
URL HTTP/2nfcuvfgy46.link/_next/static/5J4KgIhdSRpGfebLbkdg7/_ssgManifest.js IP104.16.243.78:0
File typeASCII text, with no line terminators Hash5c93e910e81189c680d97726e71997ee ca843f7307a28b0a9055ef200b26847a3d132fc9 79896f7a7f8f63ab6a06c7c6edbdc28ffcf713edea745beeebf7d452bc034157
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /_next/static/5J4KgIhdSRpGfebLbkdg7/_ssgManifest.js HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfcuvfgy46.link/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:02:59 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"4c-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 791f362e3c55b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nfcuvfgy46.link/_next/static/chunks/642-1ddc0889e5bf46d8.js | 104.16.243.78 | 200 OK | 37 kB |
URL HTTP/2nfcuvfgy46.link/_next/static/chunks/642-1ddc0889e5bf46d8.js IP104.16.243.78:0
File typeUnicode text, UTF-8 text, with very long lines (39747) Hashdd421db4948d429a1189aeb80efe03ad e316776c656989611464edfb91ae3698e1b9af14 18d86d7ed71a2bd6339574f0c57ce13410a71033b716fa514387d4c7ea7888bf
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /_next/static/chunks/642-1ddc0889e5bf46d8.js HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfcuvfgy46.link/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:02:59 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"1387c-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 791f362e2c51b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acb4fe3-f1dd-417b-ac1c-9269bcff18d1.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acb4fe3-f1dd-417b-ac1c-9269bcff18d1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashcbc9f50b0a96fb69fa2e948aa3125413 e7f13a6e81263e73ac5777959d63b567f50848d5 2e3411687a31211dbf0aa732f8d93a3c5a4748afb264e695d36782700c8e8b5d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acb4fe3-f1dd-417b-ac1c-9269bcff18d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12906
x-amzn-requestid: a1b3b104-14dc-4cc9-a3fb-b2fcc8f7700c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiPRrGSOIAMF-5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d72c0a-6e5a348670f401e076a59286;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 02:31:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TqLNvyBKeFgNPTUSFH__8lKjIc22VLORy0pTdCvkHsmiS8WpEd1aMQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:32:23 GMT
age: 16237
etag: "e7f13a6e81263e73ac5777959d63b567f50848d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| nfcuvfgy46.link/_next/static/5J4KgIhdSRpGfebLbkdg7/_buildManifest.js | 104.16.243.78 | 200 OK | 12 kB |
URL HTTP/2nfcuvfgy46.link/_next/static/5J4KgIhdSRpGfebLbkdg7/_buildManifest.js IP104.16.243.78:0
File typeASCII text, with very long lines (2250), with no line terminators Hash4ec93a33bd87d2132e19fb7733c5bf5b 6996de0f42161a88b4f89422f43b02609d19e623 b42a9b96f77f0358036f1b189e79f03382d0257f854f93659001bf4062870108
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /_next/static/5J4KgIhdSRpGfebLbkdg7/_buildManifest.js HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfcuvfgy46.link/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:02:59 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"8ca-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 791f362e3c54b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3366ef4f8733cb9c89a5c88f63a0a441 7da46843b6d885f38a4759a08e6c899906ab7b97 7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 00:33:02 GMT
age: 8998
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg | 34.120.237.76 | 200 OK | 6.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash976dda397f9292a498ca9db5599c0378 dad9e9c3462907a2475046aee36d57f8309cd44e 7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 4821
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg | 34.120.237.76 | 200 OK | 9.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1e575f4c5e3aa793f846cadc8baf386c f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d 09a5bbe4fb7f23ee43228267f30c1ef0cd8747e515e01c963df0756b866f23ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 059475a7-d7de-4a44-9fc7-11fb24e201b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_9G8DIAMF64A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e399-57fea3031d1e93ec02308fac;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vzubP2I1xR5NF1amWIPiIlp6yPykWhz-CEbwDiJOs-eTWkTE-fvfjA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 03:51:25 GMT
age: 83495
etag: "f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| nfcuvfgy46.link/fonts/muli-v11-latin-700.woff2 | 104.16.243.78 | 200 OK | 18 kB |
URL HTTP/2nfcuvfgy46.link/fonts/muli-v11-latin-700.woff2 IP104.16.243.78:0
File typeWeb Open Font Format (Version 2), TrueType, length 17948, version 2.0\012- data Hasha5f6dc5210a89797e999fa7eaf52821a 6a8a2453f18b33cba51bbf770c903c0b47c3b502 8ae481bb79bfc320bd91e327cc14f9e118d72b52dfd3745c5e156578429a0a1f
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /fonts/muli-v11-latin-700.woff2 HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nfcuvfgy46.link/_next/static/css/b57f3945d623ce44.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:03:00 GMT
content-type: font/woff2
content-length: 17948
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"461c-49773873e8"
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791f36318d8fb4eb-OSL
X-Firefox-Spdy: h2
|
|
| nfcuvfgy46.link/fonts/muli-v11-latin-regular.woff2 | 104.16.243.78 | 200 OK | 18 kB |
URL HTTP/2nfcuvfgy46.link/fonts/muli-v11-latin-regular.woff2 IP104.16.243.78:0
File typeWeb Open Font Format (Version 2), TrueType, length 17852, version 2.0\012- data Hash8082d8a1c6eeb1958eddb2360e26216f 459edb3f9d690e3337c541b6ece1339a1575c4e3 50043bf7edd0dd29f30ccba8b27eb98d3df68cb25663390c59ce40061ca8c0d1
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /fonts/muli-v11-latin-regular.woff2 HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nfcuvfgy46.link/_next/static/css/b57f3945d623ce44.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:03:00 GMT
content-type: font/woff2
content-length: 17852
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"45bc-49773873e8"
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791f36319d94b4eb-OSL
X-Firefox-Spdy: h2
|
|
| nfcuvfgy46.link/fonts/muli-v11-latin-300.woff2 | 104.16.243.78 | 200 OK | 18 kB |
URL HTTP/2nfcuvfgy46.link/fonts/muli-v11-latin-300.woff2 IP104.16.243.78:0
File typeWeb Open Font Format (Version 2), TrueType, length 17592, version 2.0\012- data Hashebc70f1e2fe14617fdded2ed675c172f b6584928f866f6946e56306d62f2563a375b28e6 fb7629ef257626018d08ccc53eeb20910eef9cb1226353e463cf3d59f078c395
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /fonts/muli-v11-latin-300.woff2 HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nfcuvfgy46.link/_next/static/css/b57f3945d623ce44.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:03:00 GMT
content-type: font/woff2
content-length: 17592
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"44b8-49773873e8"
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791f36319d97b4eb-OSL
X-Firefox-Spdy: h2
|
|
| nfcuvfgy46.link/fonts/muli-v11-latin-600.woff2 | 104.16.243.78 | 200 OK | 18 kB |
URL HTTP/2nfcuvfgy46.link/fonts/muli-v11-latin-600.woff2 IP104.16.243.78:0
File typeWeb Open Font Format (Version 2), TrueType, length 17824, version 2.0\012- data Hasha1f853115a1ca7752b668218fcd77176 9d3e8c361c75b4e290482b0a2e5f078d7b269caf 2d92af96b73729cc46ac768a250bafc9890092b5f53e9cd2b709d5f48c2263e7
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /fonts/muli-v11-latin-600.woff2 HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nfcuvfgy46.link/_next/static/css/b57f3945d623ce44.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:03:00 GMT
content-type: font/woff2
content-length: 17824
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"45a0-49773873e8"
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791f3631ad9db4eb-OSL
X-Firefox-Spdy: h2
|
|
| nfcuvfgy46.link/fonts/muli-v11-latin-600.woff2 | 104.16.243.78 | 304 Not Modified | 0 B |
URL HTTP/2nfcuvfgy46.link/fonts/muli-v11-latin-600.woff2 IP104.16.243.78:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /fonts/muli-v11-latin-600.woff2 HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nfcuvfgy46.link/_next/static/css/b57f3945d623ce44.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 01 Jan 1980 00:00:01 GMT
If-None-Match: W/"45a0-49773873e8"
TE: trailers
HTTP/2 304 Not Modified
date: Tue, 31 Jan 2023 03:03:01 GMT
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"45a0-49773873e8"
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 304
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 791f36357f33b4eb-OSL
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg | 34.120.237.76 | 200 OK | 6.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash932f9938c0cf6a0073ade7aa5fbe63ee 10b2c53728e16614bc96fbce22e98a135e8fdc16 25c6402614ad4f04d35ea2512b613a5c239609ce03886a22b1a89d62ddf344f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6660
x-amzn-requestid: d1b88b8f-d5c5-4da3-b93a-ade94338e746
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRa8DFMaIAMF2Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d071e6-1fa8a996195c9b3406399769;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:03:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HkhlfofiCFusEluIswICaWL-lR_nnmhszPSRTqZL_tRixYUUqlUZ_g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:49:14 GMT
age: 18833
etag: "10b2c53728e16614bc96fbce22e98a135e8fdc16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| nfcuvfgy46.link/_next/static/css/b57f3945d623ce44.css | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2nfcuvfgy46.link/_next/static/css/b57f3945d623ce44.css IP104.16.243.78:0
GET /_next/static/css/b57f3945d623ce44.css HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfcuvfgy46.link/login
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:02:59 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"14b939-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 791f362e2c48b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nfcuvfgy46.link/_next/static/chunks/main-e0ddca6ca271803b.js | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2nfcuvfgy46.link/_next/static/chunks/main-e0ddca6ca271803b.js IP104.16.243.78:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /_next/static/chunks/main-e0ddca6ca271803b.js HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfcuvfgy46.link/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:02:59 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"1a138-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 791f362e2c4db4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nfcuvfgy46.link/_next/static/chunks/framework-715a76d8b0695da7.js | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2nfcuvfgy46.link/_next/static/chunks/framework-715a76d8b0695da7.js IP104.16.243.78:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /_next/static/chunks/framework-715a76d8b0695da7.js HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfcuvfgy46.link/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:02:59 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"228bd-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 791f362e2c4cb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nfcuvfgy46.link/_next/static/chunks/pages/login-0b0e0a92b67f019e.js | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2nfcuvfgy46.link/_next/static/chunks/pages/login-0b0e0a92b67f019e.js IP104.16.243.78:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /_next/static/chunks/pages/login-0b0e0a92b67f019e.js HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfcuvfgy46.link/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:02:59 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"1deb9-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 791f362e3c53b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nfcuvfgy46.link/login | 104.16.243.78 | 200 OK | 0 B |
IP104.16.243.78:0
Analyzer | Verdict | Alert | openphish | Huntington Bank | | fortinet | Phishing | |
GET /login HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:02:59 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
server: cloudflare
cf-ray: 791f3629b9ddb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nfcuvfgy46.link/_next/static/chunks/webpack-bb469f829a664d48.js | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2nfcuvfgy46.link/_next/static/chunks/webpack-bb469f829a664d48.js IP104.16.243.78:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /_next/static/chunks/webpack-bb469f829a664d48.js HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfcuvfgy46.link/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:02:59 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"891-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 791f362e2c4bb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nfcuvfgy46.link/_next/static/chunks/378-f6299790a79d3f53.js | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2nfcuvfgy46.link/_next/static/chunks/378-f6299790a79d3f53.js IP104.16.243.78:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /_next/static/chunks/378-f6299790a79d3f53.js HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfcuvfgy46.link/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:02:59 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"b149-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 791f362e2c50b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nfcuvfgy46.link/favicon.ico | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2nfcuvfgy46.link/favicon.ico IP104.16.243.78:0
GET /favicon.ico HTTP/1.1
Host: nfcuvfgy46.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nfcuvfgy46.link/login
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 03:03:00 GMT
content-type: image/x-icon
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"436-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: MISS
server: cloudflare
cf-ray: 791f36316d7eb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|