madhumitha.org/secure/indexx.php
301 Moved Permanently 248 B URL HTTP/1.1 madhumitha.org/secure/indexx.php
IP
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 11cee74c604fc1608e00e7f072d11443
e7c3a39525c04c2a168762c08171621ce5f83053
2f7c22ccc821af73a9f36aa32e6a7606fa90f657f7731b964733bfce7b032766
Analyzer Verdict Alert openphish Huntington Bank
fortinet Phishing
GET /secure/indexx.php HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 12 Sep 2022 09:01:46 GMT
Server: Apache
Location: https://madhumitha.org/secure/indexx.php
Content-Length: 248
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 48addd18ae062290effff9efdd21a3ce
98e624b1ca94404241ab83099a3a0f0fe3121249
4d928bf1843cbdd41db876bf1c5d027bf2aaadfa9763b419f4900602a6d6aa18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D928BF1843CBDD41DB876BF1C5D027BF2AAADFA9763B419F4900602A6D6AA18"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20396
Expires: Mon, 12 Sep 2022 14:41:42 GMT
Date: Mon, 12 Sep 2022 09:01:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5016
Expires: Mon, 12 Sep 2022 10:25:22 GMT
Date: Mon, 12 Sep 2022 09:01:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZbIZlc2XjYn5JxLtSXYk8f-k_mcF5FQY31oHxpZaLfwJdwm6LykdOQ==
age: 6274
X-Firefox-Spdy: h2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
200 OK 40 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c8a33edda1ebbb73cff47e4c76294774
de6758cee2dd7105671bfdc12f017f105ddbd8fb
1b787be2da341bd0991c2e6aafc3ca0d993204af00f5da36e2d97b4476101537
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: i67hmef2-LDjjZnzgokJWu6FoKsROLiFKcZbt7jWvU_xOc4Yhh391Q==
content-encoding: gzip
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 google
content-length: 40546
date: Mon, 12 Sep 2022 08:57:38 GMT
age: 248
content-type: application/json
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 08:08:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kV6wmUvqQAMtizQuq794YFT4AQUQIme-fUYql6DvkKmn1Hr-QwN26w==
Age: 3217
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 09:01:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
madhumitha.org/secure/indexx.php
200 OK 9.9 kB URL HTTP/1.1 madhumitha.org/secure/indexx.php
IP
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4131), with CRLF line terminators
Hash ffdd220200edd3edfae9164602ac8944
77d10309dde5fc4ba6477e457ba44ca5d4c6606b
712d8897bfc641e9f8bc18722d8a42c8bc6a7a8c6847f81e1c14d744b6131cda
Analyzer Verdict Alert openphish Huntington Bank
fortinet Phishing
GET /secure/indexx.php HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:47 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9855
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
madhumitha.org/secure/files/bat.js
200 OK 25 kB URL HTTP/1.1 madhumitha.org/secure/files/bat.js
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (25365), with no line terminators
Hash ad2da5f478b3ca25fc283c8039946a04
9dabae74978709f503e77ef81fbc8cfd367b8f25
079e218ad07f42523479d475b4973a6e386ba95209ee964c04c1a6eb6186bda3
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/bat.js HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:47 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 25365
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
madhumitha.org/secure/files/jqueryCss.css
200 OK 19 kB URL HTTP/1.1 madhumitha.org/secure/files/jqueryCss.css
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (19098), with no line terminators
Hash ed7f40d68bfedd5dc9d2a7aaf330bee8
6df4c8c51c3644aa2955439bb50e75d6fba8d83b
ff5919883bc669ef04e309375803e7802009d3f3e3ff1ccf5a23972b89b80979
GET /secure/files/jqueryCss.css HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:47 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 19098
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
madhumitha.org/secure/files/site-survey.css
200 OK 4.4 kB URL HTTP/1.1 madhumitha.org/secure/files/site-survey.css
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (4339)
Hash b7d2a4622e5ba8af4ae30cd30c8938c1
3626734028846b756f4f0e946b5b815311305b81
8aa0a535b8d47209c6a2dfc8f3168f5922e84d5aafb98e8a9db0300dddadacaf
GET /secure/files/site-survey.css HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:47 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 4388
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
madhumitha.org/secure/files/conversion_async.js
200 OK 28 kB URL HTTP/1.1 madhumitha.org/secure/files/conversion_async.js
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (1981)
Hash a47f1a212d9b8ee27386a44400320278
6837dadb1c1ce229b07a6121135bdfa82847bbd5
c456c58a1aa103e1841c0ec3fcff960e24106caccd1a42383f8fa36c34a9469e
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/conversion_async.js HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:47 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 28458
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
madhumitha.org/secure/files/ytc.js
200 OK 14 kB URL HTTP/1.1 madhumitha.org/secure/files/ytc.js
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (14425), with no line terminators
Hash 262ad28777cd04301eaf1ed832269103
011e8f00197647efcc835622a0b327e6e7b07b07
5b54138a1228bb354b4d200ba40bca6e8bf05c3476b3013daf8fa8162a414582
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/ytc.js HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:47 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 14425
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
madhumitha.org/secure/files/chat-fab.js
200 OK 20 kB URL HTTP/1.1 madhumitha.org/secure/files/chat-fab.js
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (19644)
Hash 2fb85e01b38ec473bd67a3ec442d9486
c3c6b95da9c8242f31cd0f3eb1399ca789f47ff7
bda16e261ada8f8e66d204ce57bc125ba37369576067f1bb1e22281d4340d66e
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/chat-fab.js HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:47 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 19682
Vary: User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
madhumitha.org/secure/files/site-survey.js
200 OK 7.5 kB URL HTTP/1.1 madhumitha.org/secure/files/site-survey.js
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (7496)
Hash 374ca92abaa98bc7b2f19fe64114a18b
4c0a1441026a9337d322d7ae5536df1427e5c140
7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/site-survey.js HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:47 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 7541
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
madhumitha.org/secure/files/js
200 OK 82 kB URL HTTP/1.1 madhumitha.org/secure/files/js
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (1571)
Hash 1b2d0f5b51e22768d2ce6dbdd4b76d47
87a6a558bcb7a0960cf67965da2c5d268a30544a
7449dde4b9f58f15889d84dceed8a5d4762e9ef7c25dc26827f47939abe0baa6
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/js HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:47 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 81700
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
madhumitha.org/secure/files/enroll.css
200 OK 192 B URL HTTP/1.1 madhumitha.org/secure/files/enroll.css
IP
ASN #8972 Host Europe GmbH
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash cc812d020df32799f8eddeae7ba5bfc8
2f01e4104898f4f7034283d6cf0288c2ea090f25
441eb8842b6d045cf0163c24d6df76d11a4bf024525ca79ef574781c4d716815
GET /secure/files/enroll.css HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:47 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 192
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
madhumitha.org/secure/files/serverComponent.php
200 OK 236 B URL HTTP/1.1 madhumitha.org/secure/files/serverComponent.php
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (305)
Hash 11ce5b07ec01b8039cb4913a0a84923d
21475a703dbd6d8ebbd9da5b6c69be30ef59a8aa
b7ad35ae54ca0875f29424731551077c4e4b5b365f75e1524c5e5cc5dce9505c
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/serverComponent.php HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:47 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 236
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
madhumitha.org/secure/files/ac3d72c469636f395ec5537c47348f43.js
200 OK 132 kB URL HTTP/1.1 madhumitha.org/secure/files/ac3d72c469636f395ec5537c47348f43.js
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (708)
Size 132 kB (131500 bytes)
Hash 4e076abeb111f773094bbbac8d98dfc3
c1bd1bb0ff8c9a3130393f55334f343e8e87a545
e490f0525dd8a1d432536b9294a1e13e5c63b48d0b4496bc200c9c698350e943
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/ac3d72c469636f395ec5537c47348f43.js HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:47 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 131500
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
200 OK 471 B IP
Hash 6a62a18394d6eb174eafda87a9a884ff
38825afcca70d68810f1a334449a16a87076b3f8
46079c65452ba17c02877e35862c4836e9a482b5b239a8ed80df9b8bb6acbd22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6186
Cache-Control: max-age=147637
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:01:47 GMT
Etag: "631e7b06-1d7"
Expires: Wed, 14 Sep 2022 02:02:24 GMT
Last-Modified: Mon, 12 Sep 2022 00:19:18 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 26e829ba5f754918e20cbd316dc4348e
ba198501da0812dd11ca3b38a51325b5de6cfa60
4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5703
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:01:47 GMT
Last-Modified: Mon, 12 Sep 2022 07:26:44 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
madhumitha.org/secure/files/rol
200 OK 290 kB URL HTTP/1.1 madhumitha.org/secure/files/rol
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Size 290 kB (289840 bytes)
Hash 2ca02fbf31c6645b6fe96ccc40a4585b
d4fa4b15fd35c9bc575c98e7d24240e90a761867
ce0889234a8c5c7680c337bace78eed81b73ccef091019e2e8a0fbba9970cc5b
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/rol HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:47 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 289840
Vary: User-Agent
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 12 Sep 2022 08:56:07 GMT
Cache-Control: max-age=3600
Expires: Mon, 12 Sep 2022 09:45:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: u1Gj7jUYNHIuMWO4UFGM5uVMO9qCxloXFyDaY5tMYX9qrzGo2BFb8g==
Age: 340
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wES01wO3zcrTwDrp4ygRkw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fwfBDuWclhOKpVL875GFLVLE2t0=
madhumitha.org/secure/files/sp.js
404 Not Found 93 kB URL HTTP/1.1 madhumitha.org/secure/files/sp.js
IP
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (32690), with CRLF, LF line terminators
Hash b14d18c8c60722225f37cf144f4537cb
f0d32723cd250946a4b459183942857b94599988
a1b4197f080809608ddb1279ce0680817bdd6e7f4102cff89ac3657c04697f96
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/sp.js HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 12 Sep 2022 09:01:47 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://madhumitha.org/wp-json/>; rel="https://api.w.org/"
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4897
Expires: Mon, 12 Sep 2022 10:23:26 GMT
Date: Mon, 12 Sep 2022 09:01:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4897
Expires: Mon, 12 Sep 2022 10:23:26 GMT
Date: Mon, 12 Sep 2022 09:01:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4897
Expires: Mon, 12 Sep 2022 10:23:26 GMT
Date: Mon, 12 Sep 2022 09:01:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 40798
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877083da-81e2-47df-adc5-ba5b0f83249c.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877083da-81e2-47df-adc5-ba5b0f83249c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6065db8d4276060fbc5f9e0ef04573bc
4077cf9a03f0fa3601bcbea161bfe762feb3a7e0
a14f6e8db246a321dbdcd8672e1914daa53cb9a27a926f63393e5ddc279e58de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877083da-81e2-47df-adc5-ba5b0f83249c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9588
x-amzn-requestid: 61cc89f2-7e05-483a-a17b-be3041e0c096
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUJK7GvaIAMFoHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e5578-068429955950e2374ca0dade;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:39:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VJtwWtz9hw9B_bK6SXcRQbN7HXqDsVD3twNaSqIkwGQeRTeAbyReFg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:40 GMT
age: 39969
etag: "4077cf9a03f0fa3601bcbea161bfe762feb3a7e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8625e0707046e7a3715a8dbb40b1cae2
0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13568
x-amzn-requestid: ad06f499-3e04-414a-8a3f-6daa9e0124ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3yN1F2BIAMFoqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fd8b-3a17f11440d2f37b23ac7f6a;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:08:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iNRnq8nMhoTo9oY379Ynb6uPW0vNyf3dNufU_HpXNfzxvhrAEKEzJQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 14:06:07 GMT
age: 68142
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82cfbbd4-ab05-47a9-8f70-73405b312a0e.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82cfbbd4-ab05-47a9-8f70-73405b312a0e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 866ace739b788c7d6e9047d246985a8f
bec098ac12c44fc877555fea7b3ddb8cbef12b2d
1d8599845425acd4bf90d7da05efdd2a9c7e0b5a37efc291cdcf1a2277671429
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82cfbbd4-ab05-47a9-8f70-73405b312a0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8390
x-amzn-requestid: 43e68b0e-80fd-43ed-8f63-86ec0c94c0a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUJAPGy8IAMFsdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e5534-0d51f22d34cb67eb2319ebf1;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: e-lL-3G5SCGgrsm_9pp51JYvBtgtZB144EZPmBq6Mx16HfXYK2-nZw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:44:30 GMT
etag: "bec098ac12c44fc877555fea7b3ddb8cbef12b2d"
content-type: image/jpeg
age: 40639
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb54538-5f31-44e8-8743-582e31d384e4.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb54538-5f31-44e8-8743-582e31d384e4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 63d953ea7dce676e8b1c6fcab9f8eab7
5a359aed379e554c5c9885cc8f7a3bff7447d246
428029d6b65a52758df9fd8cb284df83ca4685031126b0ab5b60764a3e2d1a27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb54538-5f31-44e8-8743-582e31d384e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5709
x-amzn-requestid: 747b7be7-356b-4a9e-9869-4b8f71e66f53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YMl6sHaoIAMF2lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631b5044-0c6b0f57046b79cf56ecbf39;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 14:40:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WbzMgteMd5CxXXK6sARu-n39xAWcZiYHgkR2TCg2aNbzEXcaxS-TZQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 23:26:14 GMT
age: 34535
etag: "5a359aed379e554c5c9885cc8f7a3bff7447d246"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:38:55 GMT
age: 19374
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
selfservice.huntington.com/Content/Styles/holCss?v=Od153U2kijQTt9gP5KKgNvHFVossr5-C7srZFKOWrAY1
200 OK 44 kB URL HTTP/2 selfservice.huntington.com/Content/Styles/holCss?v=Od153U2kijQTt9gP5KKgNvHFVossr5-C7srZFKOWrAY1
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash d4dbe4c17610ad8e9e983dae38c6fb6b
9c9ea2655536b1d2b24590aa9c986ae7fcd217b7
4b3783e8bdca1e39b84e9586a69664bb996bada306da713d424ca065ed0b4b1f
GET /Content/Styles/holCss?v=Od153U2kijQTt9gP5KKgNvHFVossr5-C7srZFKOWrAY1 HTTP/1.1
Host: selfservice.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
p3p: CP="NON CUR OTPi OUR NOR UNI"
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
cache-control: no-cache
expires: -1
strict-transport-security: max-age=31536000; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-1120698340"
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 12 Sep 2022 09:01:49 GMT
content-length: 44519
set-cookie: dtCookie=v_4_srv_9_sn_FB00229FB1D85BFFBB157A2490EBA8B9_perc_100000_ol_0_mul_1_app-3Ad008aef95ba8c69e_1; Domain=.hban.us; Path=/;
BIGipServer~PROD~p_eas-selfservice.lb.huntington.com=rd30o00000000000000000000ffffac170596o443; Path=/; Secure; Secure; HttpOnly
_abck=749889BCABA28312FA6B2861E85C65C7~-1~YAAQ1x8WArUxKfKCAQAAtPLuMAhtaBAeIm+f9twcLuc2D3V67oNcGBGNatfiYty/Cjpr09dGlxm5cYs6Inwsqwkp/8AC/jdvet2UNVEt5uplDz8KGpaxgFuPDfL/2xI+1P7PZIWRXNRGLCCQ3XI3bGVrnDGChqSZ9AWLnokJE5uYMKVD5CDgx0gDnb6OnYY1axFAlWpJL34KuU6ZdVgiYqNE/i5rp2TkkuG2XOvkMy3Crw9lTZVGCWJy+QjUTGLG1nD5xTjfq2N3UgL2zLGr1A4rMtCkT7vYuqFXGy4k9Q1prsFFurEAl3A7EQLal9Lqly9TD1z/+PBeoEB+GyOIQS0o4SPfQ2BB3E9tWEJYUhRTMicaSJQ65om6k83a1Bq/~-1~-1~-1; Domain=.huntington.com; Path=/; Expires=Tue, 12 Sep 2023 09:01:49 GMT; Max-Age=31536000; Secure
bm_sz=35FEE051E430BA89E58F461563FBE5CA~YAAQ1x8WArYxKfKCAQAAtPLuMBEWVScsHL2nqYyyk/VnlmLWwJdpmPGf0tX80BLOWD+Kuy3XFfW3QNlVUKsi8VCjH4ndpagET6cA7JIexffW2XzTifGh2tpDO+PDEL7LyXLG12yJWWfdJKbwZdY6POWQmjK+4nHh9fMAQmrDUssNhokFaVs9ChkYcJxo0qoFNDbGefi/i2Sw5egL1wADjIDAN0rwctkbcHb4doz1m2/tjWUApYApegX84reEFtU29diIIdKMJ8OZx4vu0n7yk4kKYJyoTTr5K/tATXTH9xPtXcY5Cwum~4408112~3753011; Domain=.huntington.com; Path=/; Expires=Mon, 12 Sep 2022 13:01:47 GMT; Max-Age=14398
X-Firefox-Spdy: h2
madhumitha.org/secure/files/oo_icon_retina_black.gif
200 OK 552 B URL HTTP/1.1 madhumitha.org/secure/files/oo_icon_retina_black.gif
IP
ASN #8972 Host Europe GmbH
File type GIF image data, version 89a, 18 x 18\012- data
Hash 0f74fe3f4f85d3c7f096f2416efa893a
bffedd9c6e9b04c0e6f7f77bd689013de5e8d01e
15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d
GET /secure/files/oo_icon_retina_black.gif HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:49 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 552
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
selfservice.huntington.com/Content/images/logo-lg.png
200 OK 2.6 kB URL HTTP/2 selfservice.huntington.com/Content/images/logo-lg.png
IP
ASN #20940 Akamai International B.V.
File type PNG image data, 214 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash 753e73fa855d3fca72f45e5e4107ca3e
3a408bcf652e664be177f8245cb62f1e08ba3282
4183be66219d8fcbeefc40c65029ae45cd6c27e3fb469cf85633af1876b8bebf
GET /Content/images/logo-lg.png HTTP/1.1
Host: selfservice.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://selfservice.huntington.com/Content/Styles/holCss?v=Od153U2kijQTt9gP5KKgNvHFVossr5-C7srZFKOWrAY1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 2560
content-type: image/png
etag: "a1c69dd412b5d81:0"
last-modified: Sun, 21 Aug 2022 04:02:28 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-929379994"
cache-control: max-age=2537576
expires: Tue, 11 Oct 2022 17:54:45 GMT
date: Mon, 12 Sep 2022 09:01:49 GMT
X-Firefox-Spdy: h2
selfservice.huntington.com/Content/fonts/HuntingtonApexWeb-Bold.woff
200 OK 42 kB URL HTTP/2 selfservice.huntington.com/Content/fonts/HuntingtonApexWeb-Bold.woff
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format, TrueType, length 42430, version 1.0\012- data
Hash b1cbb286f4735c2d3142b6e7765cc8b0
eef889e8a35bb33d9963de6e4888e3e54b8de6bc
b7fdacba9d9ba82947b81f97f975c0ce993ef8bccc3c01b5780f799bc15f0d8a
GET /Content/fonts/HuntingtonApexWeb-Bold.woff HTTP/1.1
Host: selfservice.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://madhumitha.org
Connection: keep-alive
Referer: https://selfservice.huntington.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 42430
content-type: application/x-font-woff
etag: "8eb8c5d212b5d81:0:dtagent10239220408103229cajx"
last-modified: Sun, 21 Aug 2022 04:02:24 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
server: Microsoft-IIS/10.0
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-1657415065", dtTao;desc="1"
cache-control: max-age=2528947
expires: Tue, 11 Oct 2022 15:30:56 GMT
date: Mon, 12 Sep 2022 09:01:49 GMT
X-Firefox-Spdy: h2
madhumitha.org/secure/files/pixel.htm
200 OK 108 B URL HTTP/1.1 madhumitha.org/secure/files/pixel.htm
IP
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1a7562ff802f8301970ff574c2e4277f
3532997324bc5f31ad7ad464603226c08ed2eedd
f6a6049d8f3fdd43ab20af67a303f4d00f211e367b5a026384bf0e7283875a0b
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/pixel.htm HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:49 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 108
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
madhumitha.org/secure/files/nuanceChat.htm
200 OK 547 B URL HTTP/1.1 madhumitha.org/secure/files/nuanceChat.htm
IP
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (785), with CRLF line terminators
Hash a51b54eaf69b89d1739731fc256b9d34
7f8a578fb6037f6c67c5575fa536185da3f8ad95
88055417ae6a2bfd57ceb3a1d75804cf2c8b077277d9f62e09f007fddf22ef54
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/nuanceChat.htm HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:49 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 547
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html
www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1
200 OK 1.2 kB URL HTTP/2 www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4339)
Hash 19ac7c952619cab53123eee38648d8bd
47e839324893deeef4e9f6b46dff135e1542dc9a
1a8ffa5f523a7a462b51616592473a2799bb0d687c1391d7d2ba3e5a58f95d78
GET /Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css
etag: "055e39b9c9bd81:0"
last-modified: Tue, 19 Jul 2022 18:23:14 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
content-length: 1249
cache-control: public, max-age=2045512
expires: Thu, 06 Oct 2022 01:13:41 GMT
date: Mon, 12 Sep 2022 09:01:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1
200 OK 14 kB URL HTTP/2 www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (45689), with no line terminators
Hash 1ee15309bb313a5479cf9d3c90953de2
0e1c797088d6be92035bff7e5495b3a953b5a6b4
a57d97a52e080f530b7c9e39563b957174720ed6c8b57a119321ad4f9b70b7bf
GET /Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
etag: "055e39b9c9bd81:0"
last-modified: Tue, 19 Jul 2022 18:23:14 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="762343362"
x-ua-compatible: IE=edge
content-length: 14478
cache-control: public, max-age=2066833
expires: Thu, 06 Oct 2022 07:09:02 GMT
date: Mon, 12 Sep 2022 09:01:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
madhumitha.org/secure/files/inqChatLaunch10006663.js
200 OK 23 kB URL HTTP/1.1 madhumitha.org/secure/files/inqChatLaunch10006663.js
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (999)
Hash fc28fe7671857c8fc6af5c725b6efa65
2602647796aa238b5a5f145e0f6892c2bad94e84
86598506c865db230133e34b3dc2d011e7877925d0a0b91389cddc518a166828
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/inqChatLaunch10006663.js HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/files/nuanceChat.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:49 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 22791
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
madhumitha.org/secure/files/nuanceChat_data/site_10006663_default.js
200 OK 48 kB URL HTTP/1.1 madhumitha.org/secure/files/nuanceChat_data/site_10006663_default.js
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (22091)
Hash e9d9a496709a5afd6e1964919de6f73a
df856fb44f28f8586b18d9b749b4a07cc9ac470e
ec16a28be8b6cfb5fcc71114cd6ee4b4c34254198eba02ac0a56acbd64a9830b
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/nuanceChat_data/site_10006663_default.js HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/files/nuanceChat.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:49 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 48490
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
madhumitha.org/secure/files/b9aa0e39186908d7cb083210f9fe
200 OK 66 kB URL HTTP/1.1 madhumitha.org/secure/files/b9aa0e39186908d7cb083210f9fe
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash 93e3090f4a1ac38fc394a901ba3136b9
17c8b1d598a83d82c125bf701f5ff79ad0d63ffc
8bd5e5729a3fb989a0bcb99fd966df11e1c44198c447712fa4136996e2b28c0a
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/b9aa0e39186908d7cb083210f9fe HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/files/nuanceChat.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:49 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 66005
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
selfservice.huntington.com/Content/fonts/HuntingtonApexWeb-Medium.woff
200 OK 42 kB URL HTTP/2 selfservice.huntington.com/Content/fonts/HuntingtonApexWeb-Medium.woff
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format, TrueType, length 42430, version 1.0\012- data
Hash 5c304a688e1834c3234e23d0f41c921d
5afdb446d827409a4f761ba2df5b7178a961ba2a
9d73f100ada94fdd8c13ea00dd54bdb3216cbbb376055ac3daa5891a70727ace
GET /Content/fonts/HuntingtonApexWeb-Medium.woff HTTP/1.1
Host: selfservice.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://madhumitha.org
Connection: keep-alive
Referer: https://selfservice.huntington.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 42430
content-type: application/x-font-woff
etag: "668f92d212b5d81:0:dtagent10239220408103229cajx"
last-modified: Sun, 21 Aug 2022 04:02:24 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
server: Microsoft-IIS/10.0
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="1228598847", dtTao;desc="1"
cache-control: max-age=2537548
expires: Tue, 11 Oct 2022 17:54:17 GMT
date: Mon, 12 Sep 2022 09:01:49 GMT
X-Firefox-Spdy: h2
madhumitha.org/secure/files/nuanceChat_data/ads-blocking-detector.js
200 OK 6.9 kB URL HTTP/1.1 madhumitha.org/secure/files/nuanceChat_data/ads-blocking-detector.js
IP
ASN #8972 Host Europe GmbH
Hash c0fb71d6f96440d1598b1f107a3d3317
0250d4eb5724b38ecb8f16e5ea571cce6b192b04
4b77972fc8b4afea3b15a7fe4fed727fc80a5253ff8b04ec09082e2f6e5248e5
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/nuanceChat_data/ads-blocking-detector.js HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/files/nuanceChat.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:49 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 6887
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif
200 OK 217 B URL HTTP/2 www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif
IP
ASN #20940 Akamai International B.V.
File type PNG image data, 18 x 18, 8-bit grayscale, non-interlaced\012- data
Hash 756ea9671899d785a86de4dcc11af817
89c6975e8d8a858e94aeed1c69b010abf2afd563
6d8a2316b98743b83355626f124d5c4299b1eba9c478aa94df90960437de5d7e
GET /Presentation/onlineopinionV5/oo_icon_retina_black.gif HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "055e39b9c9bd81:0"
last-modified: Fri, 29 Jul 2022 06:04:28 GMT
server: Akamai Image Manager
x-serial: 430
x-check-cacheable: YES
content-length: 217
content-type: image/png
cache-control: private, no-transform, max-age=60271
expires: Tue, 13 Sep 2022 01:46:20 GMT
date: Mon, 12 Sep 2022 09:01:49 GMT
X-Firefox-Spdy: h2
madhumitha.org/secure/files/nuanceChat_data/tcFramework.js
200 OK 537 kB URL HTTP/1.1 madhumitha.org/secure/files/nuanceChat_data/tcFramework.js
IP
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (3061)
Size 537 kB (537090 bytes)
Hash dcb2a9d7c24522e9d82d018e7649f10c
5f2a33d0ace4d7231a7390e3070b4304796a5efb
d6ce17127f0cc7ac0308fb593076997b7ab2cfe1c8bf4ab6f871ff3d15ce7c7e
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/nuanceChat_data/tcFramework.js HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/files/nuanceChat.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:49 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 537090
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
madhumitha.org/secure/files/nuanceChat_data/postToServer.htm
200 OK 6.8 kB URL HTTP/1.1 madhumitha.org/secure/files/nuanceChat_data/postToServer.htm
IP
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- Java source text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (787), with CRLF line terminators
Hash 6a48426303447086408b0f6ba7f26199
39cc3bc766fd640316f8d5cb9098e4f915e7525e
6e2c1f9b4b8a78dee947759bb0f1bd3017d59561ff6f7b5cd9cfe532a43629c3
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/nuanceChat_data/postToServer.htm HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/files/nuanceChat.htm
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:50 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6750
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html
madhumitha.org/secure/files/nuanceChat_data/nuanceChat.htm
200 OK 267 B URL HTTP/1.1 madhumitha.org/secure/files/nuanceChat_data/nuanceChat.htm
IP
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0d33e0a5576e01ac0c9b03bbda8b7227
85d3b2ea316f37a9012c7e513597276cafca9636
12748ab4d6b05eddfec497097393b3e52cea97af563ecde2c0c0172af64049f1
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/nuanceChat_data/nuanceChat.htm HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/files/nuanceChat.htm
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:50 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 267
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html
madhumitha.org/secure/files/nuanceChat_data/nuanceChat_data/postToServer.js
200 OK 21 kB URL HTTP/1.1 madhumitha.org/secure/files/nuanceChat_data/nuanceChat_data/postToServer.js
IP
ASN #8972 Host Europe GmbH
File type Java source, ASCII text, with very long lines (787)
Hash 22fe676786f4a538f1f60773dacfcaef
2ac21fbed1ded02e0186aeba3c11385b4ea49154
e1091250ddc02d957a2bc6197deb0770a76ff36a44c850e82ce672a16f2ee304
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/nuanceChat_data/nuanceChat_data/postToServer.js HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/files/nuanceChat_data/nuanceChat.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 09:01:50 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 13:19:19 GMT
Accept-Ranges: bytes
Content-Length: 21390
Vary: User-Agent
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
200 OK 471 B IP
Hash 03b898330f2ac05634eee32c7656972b
6b88ecb5fa1925fba0a4d4f7996800afb71cd4ba
6d3156c82c05964f676f2a1a95a2f63a3e4ec92f992d4402320d3d26b91cd68b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 563
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:01:50 GMT
Last-Modified: Mon, 12 Sep 2022 08:52:27 GMT
Server: ECS (amb/6B71)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 03b898330f2ac05634eee32c7656972b
6b88ecb5fa1925fba0a4d4f7996800afb71cd4ba
6d3156c82c05964f676f2a1a95a2f63a3e4ec92f992d4402320d3d26b91cd68b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 563
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 09:01:50 GMT
Last-Modified: Mon, 12 Sep 2022 08:52:27 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
huntingtonbank.inq.com/tagserver/js/ads-blocking-detector.js
200 OK 2.2 kB URL HTTP/2 huntingtonbank.inq.com/tagserver/js/ads-blocking-detector.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash f1c88dcc4062073fc324e637e750d94b
543189cfa5d45151b2a1d424ca15b29b9709415d
6a6635e86d62b6ef5b1ba11e946a382bac949c7d4ab8a1c6f64624cfaa5a9cf0
GET /tagserver/js/ads-blocking-detector.js HTTP/1.1
Host: huntingtonbank.inq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 09:01:50 GMT
content-type: application/javascript
content-length: 2204
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
samesite: Strict
cache-control: max-age=3600
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
etag: "Bm8GfGTnKlU"
last-modified: Wed, 31 Aug 2022 14:52:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
madhumitha.org/secure/files/sp.js
404 Not Found 93 kB URL HTTP/1.1 madhumitha.org/secure/files/sp.js
IP
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (32690), with CRLF, LF line terminators
Hash b14d18c8c60722225f37cf144f4537cb
f0d32723cd250946a4b459183942857b94599988
a1b4197f080809608ddb1279ce0680817bdd6e7f4102cff89ac3657c04697f96
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/sp.js HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 12 Sep 2022 09:01:49 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://madhumitha.org/wp-json/>; rel="https://api.w.org/"
Vary: User-Agent
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.huntington.com/Presentation/images/favicon-16x16.png
200 OK 322 B URL HTTP/2 www.huntington.com/Presentation/images/favicon-16x16.png
IP
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 55f45d358206ca31c4759defeea3be62
04c605b51629b94085bc2bd054b4e6c6989b2ffb
1c8581c1cc0ae1972eaf6022b377d3cb4c343f9c14d441376b1c546996685f51
GET /Presentation/images/favicon-16x16.png HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "0d42de2dc28d81:0"
last-modified: Wed, 08 Jun 2022 21:36:06 GMT
server: Akamai Image Manager
content-length: 322
content-type: image/webp
cache-control: private, no-transform, max-age=519334
expires: Sun, 18 Sep 2022 09:17:25 GMT
date: Mon, 12 Sep 2022 09:01:51 GMT
X-Firefox-Spdy: h2
media-lax1.inq.com/media/launch/tcFramework.min.js?codeVersion=1587584821020
200 OK 326 kB URL HTTP/2 media-lax1.inq.com/media/launch/tcFramework.min.js?codeVersion=1587584821020
IP
Size 326 kB (326042 bytes)
Hash 6e2f06dda592671184827c4092ca2db9
7c4e29ecb50e5fd948e6de76521054cf8f9d1e4c
3c592911220f88fb1a03d91dc5266f85c8da06b372b78014d86fa919c55377b7
GET /media/launch/tcFramework.min.js?codeVersion=1587584821020 HTTP/1.1
Host: media-lax1.inq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
date: Mon, 12 Sep 2022 09:01:50 GMT
expires: Mon, 12 Sep 2022 10:01:50 GMT
cache-control: max-age=3600,public
last-modified: Tue, 26 Oct 2021 00:24:18 GMT
etag: W/"61774ab2-f2eab"
content-type: application/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
madhumitha.org/assets/b9aa0e39186908d7cb083210f9fe
404 Not Found 90 kB URL HTTP/1.1 madhumitha.org/assets/b9aa0e39186908d7cb083210f9fe
IP
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (29515), with CRLF, LF line terminators
Hash 763384f8487cf2b434e82b47ea860576
d8eda570b28bf878e576dccf9dfac219668be6e5
472b067f378a2e267286976724f7fc0677e41c8e580c8b38d0616dfe4a844f59
Analyzer Verdict Alert fortinet Phishing
POST /assets/b9aa0e39186908d7cb083210f9fe HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 863
Origin: https://madhumitha.org
Connection: keep-alive
Referer: https://madhumitha.org/secure/files/nuanceChat.htm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 12 Sep 2022 09:01:49 GMT
Server: Apache
WPO-Cache-Status: not cached
WPO-Cache-Message: The request method was not GET (POST)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://madhumitha.org/wp-json/>; rel="https://api.w.org/"
Vary: User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1662009627436
200 OK 6.6 kB URL HTTP/2 media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1662009627436
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- C source, ASCII text, with very long lines (22059)
Hash 6a91776f4b36f4ab02d6a2c860b2d61f
343dd5068c50ef758a3e23e1d538b5bfd6103e26
5e133e3eb1addf1e6d1338ea4ae054bcfe00611627332382cf4ae92d416ed077
GET /media/launch/chatLoader.min.js?codeVersion=1662009627436 HTTP/1.1
Host: media-us1.digital.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=3600
content-length: 6600
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 06:46:14 GMT
accept-ranges: bytes
etag: "6x8YloXOudx"
vary: Accept-Encoding
server: TouchCommerce Server
x-cache: TCP_HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
samesite: Strict
x-azure-ref-originshield: 0xeweYwAAAAAYgwtweFvhSqAIwLJ8QWh4RlJBMjMxMDUwNDE4MDMzAGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
x-azure-ref: 0f/UeYwAAAACOn21EYy5BTb+7fP3ZHunGWlJIRURHRTA2MTAAY2I0ZDQzZDUtMzQyNy00MmUzLWE2MGYtZjMwYmFlZjJmZTNj
date: Mon, 12 Sep 2022 09:01:51 GMT
X-Firefox-Spdy: h2
madhumitha.org/assets/b9aa0e39186908d7cb083210f9fe
404 Not Found 90 kB URL HTTP/1.1 madhumitha.org/assets/b9aa0e39186908d7cb083210f9fe
IP
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (29515), with CRLF, LF line terminators
Hash 763384f8487cf2b434e82b47ea860576
d8eda570b28bf878e576dccf9dfac219668be6e5
472b067f378a2e267286976724f7fc0677e41c8e580c8b38d0616dfe4a844f59
Analyzer Verdict Alert fortinet Phishing
POST /assets/b9aa0e39186908d7cb083210f9fe HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 988
Origin: https://madhumitha.org
Connection: keep-alive
Referer: https://madhumitha.org/secure/files/nuanceChat.htm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 12 Sep 2022 09:01:50 GMT
Server: Apache
WPO-Cache-Status: not cached
WPO-Cache-Message: The request method was not GET (POST)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://madhumitha.org/wp-json/>; rel="https://api.w.org/"
Vary: User-Agent
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
selfservice.huntington.com/Content/fonts/MyriadPro-Regular.woff
200 OK 0 B URL HTTP/2 selfservice.huntington.com/Content/fonts/MyriadPro-Regular.woff
IP
ASN #20940 Akamai International B.V.
GET /Content/fonts/MyriadPro-Regular.woff HTTP/1.1
Host: selfservice.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://madhumitha.org
Connection: keep-alive
Referer: https://selfservice.huntington.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 61848
content-type: application/x-font-woff
etag: "79f8e2d212b5d81:0:dtagent10239220408103229cajx"
last-modified: Sun, 21 Aug 2022 04:02:24 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
server: Microsoft-IIS/10.0
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-624897637", dtTao;desc="1"
cache-control: max-age=2537504
expires: Tue, 11 Oct 2022 17:53:33 GMT
date: Mon, 12 Sep 2022 09:01:49 GMT
X-Firefox-Spdy: h2
madhumitha.org/secure/files/0_002.txt
404 Not Found 0 B URL HTTP/1.1 madhumitha.org/secure/files/0_002.txt
IP
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/0_002.txt HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 12 Sep 2022 09:01:49 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://madhumitha.org/wp-json/>; rel="https://api.w.org/"
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
selfservice.huntington.com/Content/fonts/MyriadPro-Regular.woff2
200 OK 0 B URL HTTP/2 selfservice.huntington.com/Content/fonts/MyriadPro-Regular.woff2
IP
ASN #20940 Akamai International B.V.
GET /Content/fonts/MyriadPro-Regular.woff2 HTTP/1.1
Host: selfservice.huntington.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://madhumitha.org
Connection: keep-alive
Referer: https://selfservice.huntington.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-length: 35960
content-type: application/font-woff2
etag: "d21ab4d312b5d81:0:dtagent10239220408103229cajx"
last-modified: Sun, 21 Aug 2022 04:02:26 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
server: Microsoft-IIS/10.0
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="852696963", dtTao;desc="1"
cache-control: max-age=2537488
expires: Tue, 11 Oct 2022 17:53:17 GMT
date: Mon, 12 Sep 2022 09:01:49 GMT
X-Firefox-Spdy: h2
madhumitha.org/secure/files/0.txt
404 Not Found 0 B URL HTTP/1.1 madhumitha.org/secure/files/0.txt
IP
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /secure/files/0.txt HTTP/1.1
Host: madhumitha.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://madhumitha.org/secure/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 12 Sep 2022 09:01:49 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://madhumitha.org/wp-json/>; rel="https://api.w.org/"
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
92.204.40.197
143.204.55.35
23.33.119.27
93.184.220.29
2.22.31.219
0.0.0.0