r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2641
Expires: Thu, 02 Feb 2023 19:19:41 GMT
Date: Thu, 02 Feb 2023 18:35:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4182
Expires: Thu, 02 Feb 2023 19:45:22 GMT
Date: Thu, 02 Feb 2023 18:35:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2168
Expires: Thu, 02 Feb 2023 19:11:48 GMT
Date: Thu, 02 Feb 2023 18:35:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data; ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 17:36:06 GMT
content-type: application/json
age: 3574
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate; ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jjHWRfg9/oGXmuzaHdIbhRjYjDu9VatAvGddih2XA2NADONHokyuazSd58fE+uCck3Co4IGtt+Ck8rPM4Jd0Ug==
x-amz-request-id: 4B9SW80VEBHV7E6E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 17:52:04 GMT
age: 2616
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data; ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 18:35:40 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data; ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 18:07:19 GMT
age: 1702
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6974
Expires: Thu, 02 Feb 2023 20:31:55 GMT
Date: Thu, 02 Feb 2023 18:35:41 GMT
Connection: keep-alive
push.services.mozilla.com/
54.184.50.153 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.184.50.153:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 11Pa89uQKBN3eQg2T52m5w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hTpD8SsNVZfftKn64dekiVl530s=
www.hanumanchalisa.us/web/login.php
192.254.188.64 200 OK 8.5 kB URL HTTP/1.1 www.hanumanchalisa.us/web/login.php
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (1470), with CRLF line terminators
Hash 07bb4c32b5d1dcfd2f0bbc19b65e2324
23eaa7a47b3f9e2587e1c7da0dd5461eac6a95f8
fb47e8af31664535ce6a5bf2232cea271fce793e088b093227f5c43e4fa3369a
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Union Bank
openphish The Union Bank of the Philippines
fortinet Phishing
NIDS | Severity | Alert
suricata | high | ETPRO PHISHING Union Bank of the Philippines Phish Landing Page 2022-02-15
GET /web/login.php HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:36 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 8511
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: MISS
Set-Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5; path=/
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
104.17.25.14 200 OK 5.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
IP 104.17.25.14:0
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash aa712f2a9ab349290ddbc871138b13ba
2be3765114dbce70c84786dd7d2838c7edce486c
84dce905b67560d91a9993771337d6e5946c7f1e502b5bf06fb0ef6d34b97b57
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 18:35:42 GMT
content-type: text/css; charset=utf-8
content-length: 5884
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-9226"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1209338
expires: Tue, 23 Jan 2024 18:35:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7F51VFSYbLP84mq7x83xU%2B3Wbxxa3FBjXKO104rgvVZZh1urleInop7ncHCxHxKC5wnKoZS%2BNxzQIzcnMIxkF%2Bf1H4oqDAhcTh3raSuU%2B9slWVwj616MFUNrDizZWpqYettOxZ0%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79350733cc6f0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
142.250.74.74 200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32089)
Hash bf899cc5ba60c522341e4d712a5246bf
2c92c54c9919c8b81b4e77a97bfd4d8f202e1a6a
4f8b9bf1630c24cf17444ec093052451c370c9371212db74b4bf8b4fd71a2817
GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33018
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 00:39:30 GMT
expires: Thu, 01 Feb 2024 00:39:30 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 150972
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hanumanchalisa.us/web/script.js
192.254.188.64 200 OK 210 B URL HTTP/1.1 www.hanumanchalisa.us/web/script.js
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 7fc44b302d965a8942e3995ab61398f7
29ff2ae99f7cbaa592d66a08770b479ca323ea0f
101f8e0b59294b76959c7ccd61922d7d0ce1dee999368a7c5ece5265fe1e9504
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Union Bank
fortinet Phishing
GET /web/script.js HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:42 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 210
Content-Type: application/javascript
www.hanumanchalisa.us/web/unionbank_files/sdk.js(1)
192.254.188.64 200 OK 3.2 kB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/sdk.js(1)
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2088)
Hash bed46e0f7a43ef971658bde3da164aea
d4a3512ba6112886f55def602aad237dc2709501
3f6cfb2a107314566e4293ba29234e305a8d9e35dd8670fb41cbacc78f3bf22f
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Union Bank
fortinet Phishing
GET /web/unionbank_files/sdk.js(1) HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:42 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Content-Length: 3224
www.hanumanchalisa.us/web/unionbank_files/api.js
192.254.188.64 200 OK 477 B URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/api.js
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (708), with no line terminators
Hash 46dd665b0ba594a9516d197417ae615c
ee09935166c1cbc3193004c8d1c554d537db3e8d
948c88110e9c152ca42ac39a9c727f1e23b011856566aaddb5fa0f706daeca76
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Union Bank
fortinet Phishing
GET /web/unionbank_files/api.js HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:42 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 477
Content-Type: application/javascript
www.hanumanchalisa.us/web/unionbank_files/1.1bf376f9696bfb8874af.css
192.254.188.64 200 OK 507 B URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/1.1bf376f9696bfb8874af.css
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (741)
Hash 8355c2815071703949f6f77c0a163552
693c79916cf643fde93d71196f0a1543d722e7d7
43f7c0815454e21b47984b4fc23736b5b739c88931649d5f8be83fa3a2f9c3c9
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Union Bank
GET /web/unionbank_files/1.1bf376f9696bfb8874af.css HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:42 GMT
Server: Apache
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 507
Content-Type: text/css
www.hanumanchalisa.us/web/unionbank_files/12.1bf376f9696bfb8874af.css
192.254.188.64 200 OK 200 B URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/12.1bf376f9696bfb8874af.css
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c4f781837ac655ab868f76ebd0aa001c
1d792cae3ea99a6ccfc76761672ecac9f6ce47c3
2982815644bab9c7ebbec9a3e5adb18288054b91ca05e85c189f5e592778ea5a
Analyzer | Verdict | Alert
urlquery | phishing | Phishing - Union Bank
GET /web/unionbank_files/12.1bf376f9696bfb8874af.css HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:42 GMT
Server: Apache
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 200
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6937
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 18:35:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6937
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 18:35:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6937
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 18:35:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6937
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 18:35:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:28:37 GMT
age: 40025
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: 79840c68-3e99-428d-9c01-9e4a93a34486
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdUzH1-oAMFiwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc1e-5bb93c5126aaff474900da63;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Mc8C-oesi4njIn2K2f56GKuyt6erRJAqCU-B4InhTD8oIoqo4s5-Fg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:43 GMT
age: 73019
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 73007
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 73415
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H1HIK6zdv95V96NxqSfHCqYtDQNPZ9NLAwG5oM5mwRr3nAUR0BPxlg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:11 GMT
age: 72631
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d910c24f5a6108cb74103cd70692a703
9fe648fa464e46d16f685aca1704f3414eda4107
5cbe5e571e62555225621440203ae24a3b8c41ac7f49b6b731bc2c94e620797f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5561
x-amzn-requestid: 76ca969b-a840-4d5c-97c1-2dfd93b8f630
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKYE3-IAMFqbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-2729fe22420bcc0563c39aff;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: E91BIw8QT3vXXQY8GIPpnRqnTZV4paZ3wynf7UjLnjeIfwS0tiC1Gg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 73415
etag: "9fe648fa464e46d16f685aca1704f3414eda4107"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.hanumanchalisa.us/web/unionbank_files/bundle.1bf376f9696bfb8874af.js
192.254.188.64200 OK 315 kB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/bundle.1bf376f9696bfb8874af.js
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (32811), with LF, NEL line terminators
Size 315 kB (314950 bytes)
Hash cc9cd77af9d22ab02b21e0e353cee305
a3816dc16b71e2ee0ae04e8ce5183e6a8ac8d75b
6c44945b68392252b124c1aa27d58f3dffb3a9be1dffa30f9f02929eeb6120b8
Analyzer Verdict Alert urlquery phishing Phishing - Union Bank
urlquery phishing Phishing - Union Bank
fortinet Phishing
GET /web/unionbank_files/bundle.1bf376f9696bfb8874af.js HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:42 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
www.hanumanchalisa.us/web/unionbank_files/base.1bf376f9696bfb8874af.js
192.254.188.64200 OK 376 kB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/base.1bf376f9696bfb8874af.js
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (57168)
Size 376 kB (376154 bytes)
Hash 999e24eb80bbe390ce4ee1d2a44e3f77
12911ffde30bbc0a0dd12b9dbd0c605a75052b5f
bbf313489078afe76b46fd1a4bc6f32efb6d8451b8a792d3f72c5149c5c7d8fe
Analyzer Verdict Alert urlquery phishing Phishing - Union Bank
urlquery phishing Phishing - Union Bank
fortinet Phishing
GET /web/unionbank_files/base.1bf376f9696bfb8874af.js HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:42 GMT
Server: Apache
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a7f7aaefea5c7c65dc3c2e83b2032919
492d09014cebce118c2ae4adb38d97637016e629
bd41dab63041d1b61138918350b5616ec031ffab572ed6e37113be12efa112e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3913
Cache-Control: max-age=119917
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:43 GMT
Etag: "63db24a3-116"
Expires: Sat, 04 Feb 2023 03:54:20 GMT
Last-Modified: Thu, 02 Feb 2023 02:49:07 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:300
142.250.74.106200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:300
IP 142.250.74.106:0
Hash 83647c56d290a96ce400a87261b32dd4
5c221a24ef401c1e31f1d130202709db92ed0a95
cde403efd84c67b683130df500ce5aa467d0803b728060d578f455feaab49580
GET /css?family=Roboto:400,700|Open+Sans:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 18:35:43 GMT
date: Thu, 02 Feb 2023 18:35:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.hanumanchalisa.us/web/unionbank_files/7.1bf376f9696bfb8874af.css
192.254.188.64200 OK 715 B URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/7.1bf376f9696bfb8874af.css
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3822)
Hash 5241ea8c1293687fb9c9a2a24ac7e260
96d0d1f0f86c70336a41a4df5efc168252ccb386
ff522cd6f32d7ae5ca664d4a556698f246c53402ebbbb90b24267b80b7837ce2
Analyzer Verdict Alert urlquery phishing Phishing - Union Bank
urlquery phishing Phishing - Union Bank
GET /web/unionbank_files/7.1bf376f9696bfb8874af.css HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:43 GMT
Server: Apache
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 715
Content-Type: text/css
www.hanumanchalisa.us/web/unionbank_files/components.1bf376f9696bfb8874af.js
192.254.188.64200 OK 502 kB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/components.1bf376f9696bfb8874af.js
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65508), with no line terminators
Size 502 kB (502484 bytes)
Hash 5c4f93017ba77f7fadcb57fd8b936332
9bea36794e268989a0df8bd83e070b4fdaa3e896
90f94db24a5cd3d7e600a4e1ee3988d3c690604bc978fda019c787241fcf778d
Analyzer Verdict Alert urlquery phishing Phishing - Union Bank
urlquery phishing Phishing - Union Bank
fortinet Phishing
GET /web/unionbank_files/components.1bf376f9696bfb8874af.js HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:42 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
www.hanumanchalisa.us/web/unionbank_files/12.1bf376f9696bfb8874af.js
192.254.188.64200 OK 139 kB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/12.1bf376f9696bfb8874af.js
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65468)
Size 139 kB (139166 bytes)
Hash fbbe18e703cc722e0dd4ccd529d3b061
8f26df635304c16c567311e7ce7a7cefa170358a
73dadf3bb49fd6da9ec12b742959b7d46722430c3ef0e6d6fd40aaa9bd5b8eb3
Analyzer Verdict Alert urlquery phishing Phishing - Union Bank
urlquery phishing Phishing - Union Bank
fortinet Phishing
GET /web/unionbank_files/12.1bf376f9696bfb8874af.js HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:42 GMT
Server: Apache
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
www.hanumanchalisa.us/web/unionbank_files/7.1bf376f9696bfb8874af.js
192.254.188.64200 OK 473 kB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/7.1bf376f9696bfb8874af.js
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (39616)
Size 473 kB (472929 bytes)
Hash 79bdbfed0da12fdd5767150368c7e116
dba44150859e662469bff17cd3d4b22ee17ef825
7450e7ad70a0768efe4f9dd087726b89f72ec95f67e698a268b89b319c6da915
Analyzer Verdict Alert urlquery phishing Phishing - Union Bank
urlquery phishing Phishing - Union Bank
fortinet Phishing
GET /web/unionbank_files/7.1bf376f9696bfb8874af.js HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:43 GMT
Server: Apache
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
www.hanumanchalisa.us/web/style.css
192.254.188.64301 Moved Permanently 2.1 kB URL HTTP/1.1 www.hanumanchalisa.us/web/style.css
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (14372)
Hash 720954bd0bd525543fcefb7ef4db0167
255d1af5bcd2e95f529658632c740c0ab91f181d
7e378f35bfacf5d4c9db85f6230ec0cdba18c83c6a925f140132617bb91e0f1a
GET /web/style.css HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 18:35:42 GMT
Server: Apache
X-UA-Compatible: IE=edge
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://hanumanchalisa.us/web/style.css
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2070
Content-Type: text/html; charset=UTF-8
www.hanumanchalisa.us/web/unionbank_files/6c52619633aaf102bd2a577e2688fa86.png
192.254.188.64200 OK 7.1 kB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/6c52619633aaf102bd2a577e2688fa86.png
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 140 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c52619633aaf102bd2a577e2688fa86
83296c14c2b7c884714936baf650d47325aaf894
032cf6c781dfb488e0e19248594759087e8c2d9a18d356b977b8da35a7b20649
Analyzer Verdict Alert urlquery phishing Phishing - Union Bank
urlquery phishing Phishing - Union Bank
GET /web/unionbank_files/6c52619633aaf102bd2a577e2688fa86.png HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:43 GMT
Server: Apache
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Content-Length: 7050
Content-Type: image/png
www.hanumanchalisa.us/web/unionbank_files/1200px-Unionbank_2018_logo.svg.png
192.254.188.64200 OK 21 kB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/1200px-Unionbank_2018_logo.svg.png
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1200 x 368, 8-bit/color RGBA, non-interlaced\012- data
Hash 70f65465e7c6d090d9277be5ce120b45
8ce111118f53f497079d066a4216f61b72347b87
2e916e6e4167cd80e0f126a9d67f8c4f40af081e5d28e56516fbe492700f5fc8
Analyzer Verdict Alert urlquery phishing Phishing - Union Bank
urlquery phishing Phishing - Union Bank
GET /web/unionbank_files/1200px-Unionbank_2018_logo.svg.png HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:43 GMT
Server: Apache
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Content-Length: 20846
Content-Type: image/png
www.hanumanchalisa.us/web/unionbank_files/77bcca0a353436ad0ea0.png
192.254.188.64200 OK 84 kB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/77bcca0a353436ad0ea0.png
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 3509 x 2482, 8-bit/color RGBA, non-interlaced\012- data
Hash b64412453cb5996f63de49d397617504
d908c3f17df3c7c1287438c1f2690e43dd3e91d5
98beb0e665f5d2724b955f00a4b80a0c5db2ba5bb8830054482a75c4384eedaa
Analyzer Verdict Alert urlquery phishing Phishing - Union Bank
urlquery phishing Phishing - Union Bank
GET /web/unionbank_files/77bcca0a353436ad0ea0.png HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:43 GMT
Server: Apache
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Content-Length: 84281
Content-Type: image/png
hanumanchalisa.us/web/style.css
192.254.188.64404 Not Found 26 kB URL HTTP/1.1 hanumanchalisa.us/web/style.css
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, Unicode text, UTF-8 text, with very long lines (14387), with CRLF, LF line terminators
Hash cef95bf877f6ab649d189c21a524be40
16c02abf8740b8bb7379626650d8d48567abb444
3f89e04da296ac6138f70d3467b07292b9a7d4a7e8f44b45c26021e9b45d3d85
GET /web/style.css HTTP/1.1
Host: hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hanumanchalisa.us/
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Thu, 02 Feb 2023 18:35:44 GMT
Server: Apache
X-UA-Compatible: IE=edge
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://hanumanchalisa.us/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.hanumanchalisa.us/web/unionbank_files/14.1bf376f9696bfb8874af.js
192.254.188.64200 OK 471 B URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/14.1bf376f9696bfb8874af.js
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
Analyzer Verdict Alert fortinet Phishing
GET /web/unionbank_files/14.1bf376f9696bfb8874af.js HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:43 GMT
Server: Apache
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.hanumanchalisa.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 333225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.hanumanchalisa.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 192399
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.hanumanchalisa.us/web/unionbank_files/saved_resource(1).html
192.254.188.64200 OK 148 B URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/saved_resource(1).html
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2e564a3905e8c87687ee0bd0b05ee76a
41e908564ec62189439e245c46b4e3efc2eebd5c
25125843e939ebb13040693deab070e1301d8cd4cbb364fef81d99788bc800c4
Analyzer Verdict Alert urlquery phishing Phishing - Union Bank
urlquery phishing Phishing - Union Bank
fortinet Phishing
GET /web/unionbank_files/saved_resource(1).html HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:39 GMT
Server: nginx/1.21.6
Content-Type: text/html
Content-Length: 148
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: false
www.hanumanchalisa.us/web/unionbank_files/anchor.html
192.254.188.64200 OK 10 kB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/anchor.html
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10169)
Hash 4b710e1dcd2eb6f34b2dbdedcc2e217a
55403eed78c3b8f951fcc8f4561e49a0940c0848
1905caf8bf5d38feec9e358f236af1d41787fcbcd81a427fcfaaa256fbfee476
Analyzer Verdict Alert urlquery phishing Phishing - Union Bank
urlquery phishing Phishing - Union Bank
fortinet Phishing
GET /web/unionbank_files/anchor.html HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:39 GMT
Server: nginx/1.21.6
Content-Type: text/html
Content-Length: 10343
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: false
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1343
Cache-Control: max-age=164130
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:45 GMT
Etag: "63dbdb64-1d7"
Expires: Sat, 04 Feb 2023 16:11:15 GMT
Last-Modified: Thu, 02 Feb 2023 15:48:52 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 02 Feb 2023 17:45:20 GMT
expires: Thu, 02 Feb 2023 19:45:20 GMT
cache-control: public, max-age=7200
age: 3025
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/recaptcha__en.js
142.250.74.35404 Not Found 1.6 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/recaptcha__en.js
IP 142.250.74.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 4926634f3217cdd97e97202504c0c3b7
f7ea00d740096e4e17e8d884b177d47004bea11e
4dc4be86e5dfd0ab45d7c2235760fe07f49bbfabf1c108c8ddae955aa5760a91
GET /recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 18:35:45 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=43076a9dd9f24fdb8cd3e0cc0cc4be7a
157.240.205.11200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=43076a9dd9f24fdb8cd3e0cc0cc4be7a
IP 157.240.205.11:0
File type ASCII text, with very long lines (18530)
Hash 0775219405912a60198bf04a09b2a9db
e55456a719823b8ae1d81a638496865d5f97a22e
df572bfa2def8caf47b3e433041ad9e4b5908869a70a048d06cc4c48277cf3e2
GET /en_US/sdk.js?hash=43076a9dd9f24fdb8cd3e0cc0cc4be7a HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hanumanchalisa.us
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 644e2cafbdb97b84fb82946810c31649
etag: "60db35edf1a6415237fe967820c8439f"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 30 Jan 2024 12:36:43 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: B3UhlAWRKmAZi/BKCbKp2w==
x-fb-debug: 9QSpeGUk87ILDY+njgXJQFQKIu9qCjRT1BEIuBDpOozfZ+mOZj6uvGRHR740jIx6HisZiti9bIluo1LVDjD3Ag==
priority: u=3,i
content-length: 88413
x-fb-trip-id: 1679558926
date: Thu, 02 Feb 2023 18:35:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 18:35:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hanumanchalisa.us/web/unionbank_files/styles__ltr.css
192.254.188.64200 OK 28 kB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/styles__ltr.css
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (50696), with no line terminators
Hash 3f79eb5a523ac4d005c6619509340050
b87f0bc72c29a28c63c707a8f83c937123b3e5df
8e84b941aebcc46d950ca61c4594fca9cabcd06b6c9745885ae5dbb0c00f24da
Analyzer Verdict Alert urlquery phishing Phishing - Union Bank
urlquery phishing Phishing - Union Bank
GET /web/unionbank_files/styles__ltr.css HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/unionbank_files/anchor.html
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:45 GMT
Server: Apache
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css
www.hanumanchalisa.us/web/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
192.254.188.64301 Moved Permanently 2.1 kB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (14372)
Hash 720954bd0bd525543fcefb7ef4db0167
255d1af5bcd2e95f529658632c740c0ab91f181d
7e378f35bfacf5d4c9db85f6230ec0cdba18c83c6a925f140132617bb91e0f1a
Analyzer Verdict Alert fortinet Phishing
GET /web/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/unionbank_files/anchor.html
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 18:35:45 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-UA-Compatible: IE=edge
X-Redirect-By: WordPress
Location: http://hanumanchalisa.us/web/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2070
Content-Type: text/html; charset=UTF-8
www.hanumanchalisa.us/web/unionbank_files/recaptcha__en.js.download
192.254.188.64301 Moved Permanently 2.1 kB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/recaptcha__en.js.download
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (14372)
Hash 720954bd0bd525543fcefb7ef4db0167
255d1af5bcd2e95f529658632c740c0ab91f181d
7e378f35bfacf5d4c9db85f6230ec0cdba18c83c6a925f140132617bb91e0f1a
Analyzer Verdict Alert fortinet Phishing
GET /web/unionbank_files/recaptcha__en.js.download HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/unionbank_files/anchor.html
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 18:35:45 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-UA-Compatible: IE=edge
X-Redirect-By: WordPress
Location: http://hanumanchalisa.us/web/unionbank_files/recaptcha__en.js.download
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2070
Content-Type: text/html; charset=UTF-8
www.hanumanchalisa.us/web/unionbank_files/favicon.ico
192.254.188.64301 Moved Permanently 2.1 kB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/favicon.ico
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (14372)
Hash 720954bd0bd525543fcefb7ef4db0167
255d1af5bcd2e95f529658632c740c0ab91f181d
7e378f35bfacf5d4c9db85f6230ec0cdba18c83c6a925f140132617bb91e0f1a
GET /web/unionbank_files/favicon.ico HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 18:35:40 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 2070
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-UA-Compatible: IE=edge
X-Redirect-By: WordPress
Location: http://hanumanchalisa.us/web/unionbank_files/favicon.ico
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: false
hanumanchalisa.us/web/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
192.254.188.64404 Not Found 26 kB URL HTTP/1.1 hanumanchalisa.us/web/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, Unicode text, UTF-8 text, with very long lines (14387), with CRLF, LF line terminators
Hash cef95bf877f6ab649d189c21a524be40
16c02abf8740b8bb7379626650d8d48567abb444
3f89e04da296ac6138f70d3467b07292b9a7d4a7e8f44b45c26021e9b45d3d85
Analyzer Verdict Alert fortinet Phishing
GET /web/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download HTTP/1.1
Host: hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hanumanchalisa.us/
Connection: keep-alive
Cookie: _ga=GA1.2.784107425.1675362973; _gid=GA1.2.1621289194.1675362973
HTTP/1.1 404 Not Found
Date: Thu, 02 Feb 2023 18:35:45 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-UA-Compatible: IE=edge
Link: <https://hanumanchalisa.us/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
hanumanchalisa.us/web/unionbank_files/recaptcha__en.js.download
192.254.188.64404 Not Found 26 kB URL HTTP/1.1 hanumanchalisa.us/web/unionbank_files/recaptcha__en.js.download
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, Unicode text, UTF-8 text, with very long lines (14387), with CRLF, LF line terminators
Hash cef95bf877f6ab649d189c21a524be40
16c02abf8740b8bb7379626650d8d48567abb444
3f89e04da296ac6138f70d3467b07292b9a7d4a7e8f44b45c26021e9b45d3d85
Analyzer Verdict Alert fortinet Phishing
GET /web/unionbank_files/recaptcha__en.js.download HTTP/1.1
Host: hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hanumanchalisa.us/
Connection: keep-alive
Cookie: _ga=GA1.2.784107425.1675362973; _gid=GA1.2.1621289194.1675362973
HTTP/1.1 404 Not Found
Date: Thu, 02 Feb 2023 18:35:45 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-UA-Compatible: IE=edge
Link: <https://hanumanchalisa.us/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
hanumanchalisa.us/web/unionbank_files/favicon.ico
192.254.188.64404 Not Found 26 kB URL HTTP/1.1 hanumanchalisa.us/web/unionbank_files/favicon.ico
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, Unicode text, UTF-8 text, with very long lines (14387), with CRLF, LF line terminators
Hash cef95bf877f6ab649d189c21a524be40
16c02abf8740b8bb7379626650d8d48567abb444
3f89e04da296ac6138f70d3467b07292b9a7d4a7e8f44b45c26021e9b45d3d85
GET /web/unionbank_files/favicon.ico HTTP/1.1
Host: hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hanumanchalisa.us/
Connection: keep-alive
Cookie: _ga=GA1.2.784107425.1675362973; _gid=GA1.2.1621289194.1675362973
HTTP/1.1 404 Not Found
Date: Thu, 02 Feb 2023 18:35:40 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-UA-Compatible: IE=edge
Link: <https://hanumanchalisa.us/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.hanumanchalisa.us/web/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
192.254.188.64301 Moved Permanently 2.1 kB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (14372)
Hash 720954bd0bd525543fcefb7ef4db0167
255d1af5bcd2e95f529658632c740c0ab91f181d
7e378f35bfacf5d4c9db85f6230ec0cdba18c83c6a925f140132617bb91e0f1a
Analyzer Verdict Alert fortinet Phishing
GET /web/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/unionbank_files/anchor.html
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5; _ga=GA1.2.784107425.1675362973; _gid=GA1.2.1621289194.1675362973
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 18:35:46 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-UA-Compatible: IE=edge
X-Redirect-By: WordPress
Location: http://hanumanchalisa.us/web/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2070
Content-Type: text/html; charset=UTF-8
www.hanumanchalisa.us/web/unionbank_files/background.png
192.254.188.64200 OK 4.0 MB URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/background.png
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 2054 x 1297, 8-bit/color RGB, non-interlaced\012- data
Size 4.0 MB (4034936 bytes)
Hash b96ca6c086ae1da6eb5a5d1de5e0f3ad
a122544b2c6afd43e071ea3590cc4b37c05316b8
6aa4661e2ad0927c9c8bcadea3e57a5642798572f44a7bd411d12a4b3815be30
Analyzer Verdict Alert urlquery phishing Phishing - Union Bank
urlquery phishing Phishing - Union Bank
GET /web/unionbank_files/background.png HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:45 GMT
Server: Apache
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Content-Length: 4034936
Content-Type: image/png
hanumanchalisa.us/web/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
192.254.188.64404 Not Found 26 kB URL HTTP/1.1 hanumanchalisa.us/web/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, Unicode text, UTF-8 text, with very long lines (14387), with CRLF, LF line terminators
Hash cef95bf877f6ab649d189c21a524be40
16c02abf8740b8bb7379626650d8d48567abb444
3f89e04da296ac6138f70d3467b07292b9a7d4a7e8f44b45c26021e9b45d3d85
Analyzer Verdict Alert fortinet Phishing
GET /web/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download HTTP/1.1
Host: hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.hanumanchalisa.us/
Connection: keep-alive
Cookie: _ga=GA1.2.784107425.1675362973; _gid=GA1.2.1621289194.1675362973
HTTP/1.1 404 Not Found
Date: Thu, 02 Feb 2023 18:35:46 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-UA-Compatible: IE=edge
Link: <https://hanumanchalisa.us/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.hanumanchalisa.us
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15344
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 31 Jan 2023 21:46:17 GMT
Expires: Wed, 31 Jan 2024 21:46:17 GMT
Cache-Control: public, max-age=31536000
Age: 161370
Last-Modified: Mon, 16 Oct 2017 17:32:55 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.hanumanchalisa.us
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15552
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 02:08:24 GMT
Expires: Fri, 02 Feb 2024 02:08:24 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 16 Oct 2017 17:33:02 GMT
Content-Type: font/woff2
Age: 59243
www.hanumanchalisa.us/web/unionbank_files/saved_resource.html
192.254.188.64200 OK 148 B URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/saved_resource.html
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2e564a3905e8c87687ee0bd0b05ee76a
41e908564ec62189439e245c46b4e3efc2eebd5c
25125843e939ebb13040693deab070e1301d8cd4cbb364fef81d99788bc800c4
Analyzer Verdict Alert urlquery phishing Phishing - Union Bank
urlquery phishing Phishing - Union Bank
fortinet Phishing
GET /web/unionbank_files/saved_resource.html HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/unionbank_files/anchor.html
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5; _ga=GA1.2.784107425.1675362973; _gid=GA1.2.1621289194.1675362973
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:42 GMT
Server: nginx/1.21.6
Content-Type: text/html
Content-Length: 148
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: false
www.hanumanchalisa.us/web/unionbank_files/bundle.1bf376f9696bfb8874af.css
192.254.188.64200 OK 0 B URL HTTP/1.1 www.hanumanchalisa.us/web/unionbank_files/bundle.1bf376f9696bfb8874af.css
IP 192.254.188.64:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /web/unionbank_files/bundle.1bf376f9696bfb8874af.css HTTP/1.1
Host: www.hanumanchalisa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/web/login.php
Cookie: PHPSESSID=0cc6b3cc40e34d227d8c96034cb4d4d5
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 18:35:42 GMT
Server: Apache
Last-Modified: Sun, 24 Apr 2022 17:38:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
188.114.98.234200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 188.114.98.234:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hanumanchalisa.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 18:35:43 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/12/2022 14:32:07
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: d59b1bc690982b057c0e17bb58696d82
cdn-cache: HIT
cf-cache-status: HIT
age: 1814259
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7935073ae959b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2