r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5450
Expires: Fri, 02 Dec 2022 08:26:10 GMT
Date: Fri, 02 Dec 2022 06:55:20 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3859
Cache-Control: max-age=103211
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:55:20 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:35:31 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3437
Expires: Fri, 02 Dec 2022 07:52:37 GMT
Date: Fri, 02 Dec 2022 06:55:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 06:18:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2229
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 78kDWkZyIY2+saGUdDEX/TyIFWHqO6qDvEwzBXNoPTkiS0ZgPPAalXgroN8jKlrqegdFozr+uoU=
x-amz-request-id: 6AXAEFJE1WERQE9R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 06:46:36 GMT
age: 524
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:55:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
208.91.199.118200 OK 7.9 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3638)
Hash 9fcf4be983b2732e2cde8395624f7532
7b08bd76ac554c3be288b9809cb18a49b98895f2
c96e54e4699cbcf41fdf66b28908b0baf82d78af56548643ed5259eaa4bf8e75
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9 HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:20 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7929
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 06:08:57 GMT
cache-control: public,max-age=3600
age: 2784
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/AppMeasurement_Module_ActivityMap.min.js.download
208.91.199.118200 OK 1.6 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/AppMeasurement_Module_ActivityMap.min.js.download
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3157)
Hash db599b3645a80d4aec3003b3148ad2fd
faa463122bdbac7943833a36af985678672af988
82383b027e8bd3a9813b4ece004e9d90bade0c78e5d129843252d9ebead0ba4d
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/AppMeasurement_Module_ActivityMap.min.js.download HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 09 Jun 2022 08:40:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1649
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/1.a4107d5847ce71ae19c1.js.download
208.91.199.118200 OK 29 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/1.a4107d5847ce71ae19c1.js.download
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Hash 630276155cb6ef1c5ba43b3d0827908e
49c3eb24ee02bf36166cf3030591cb6f666278b2
25546f2453574cf32df8e4d21fb32205016400d7313a5797904f911116e1e838
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/1.a4107d5847ce71ae19c1.js.download HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 09 Jun 2022 08:40:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: application/javascript
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/integrations
208.91.199.118200 OK 3.4 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/integrations
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash eb6630d15c587d61118bd375f0259135
a1aeafd1e362f95bd7708adf2d93d6ecb990b318
e4fe60aa7f1bcd674a7a83d1ec47f6ef9c309876bec0b84e16930c710ce3b7d8
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/integrations HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 09 Jun 2022 08:40:58 GMT
Accept-Ranges: bytes
Content-Length: 3429
Keep-Alive: timeout=5, max=75
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/7.a62d97ca86043da836ba.js.download
208.91.199.118200 OK 74 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/7.a62d97ca86043da836ba.js.download
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3d243dee2a78ce0305ba403c77f10405
b47178c46ab516fc0925db4e7fdcf1c4e4c8f9ea
1b2d06b4efb1752f2aede8c1bd1fb306dcc72a0fef4389c935b572ca6e450183
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/7.a62d97ca86043da836ba.js.download HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:21 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 08:40:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/AppMeasurement.min.js.download
208.91.199.118200 OK 15 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/AppMeasurement.min.js.download
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32768)
Hash e619db654218c8726f6928d2c4f40a74
8d2b0dfba638d33cf34063f1795d935340cc6db0
e9815f331d5c46acc657eae4704b9f0f4539f7f0119d0b89eff54de0b4c5157e
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/AppMeasurement.min.js.download HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 09 Jun 2022 08:40:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14946
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles-key.css
208.91.199.118200 OK 2.6 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles-key.css
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 275431eafb66243977f3345542aaf5d3
16524d3f92eaf21bcaa07957f4ecaeca2a94f9cf
d7d9f32a643446b1c3f0ef9ae3994b356cbd6aac0a474f26c6015d42881f398e
Analyzer Verdict Alert urlquery Phishing - Key Bank
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/styles-key.css HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:21 GMT
Server: Apache
Last-Modified: Wed, 22 Jun 2022 23:22:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2632
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/RCcaa4e69ad2d64fb28ce705b92f818cb2-source.min.js.download
208.91.199.118200 OK 422 B URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/RCcaa4e69ad2d64fb28ce705b92f818cb2-source.min.js.download
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (590)
Hash 7c3fa2fa268c8c345553480a2b701942
743869c756235537e36ededfd42dbedfe240198c
53825cdf8623ca17317efa7df6cc93a3e1fdbe227506ae60af254616c84005c5
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/RCcaa4e69ad2d64fb28ce705b92f818cb2-source.min.js.download HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:21 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 08:40:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 422
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.usertrust.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ad2add1f0fd14b5cb849c2551f32e40a
eaa8e0fa2ee07eee224bc09784ce30f8cb28b27e
91fbfd5cb32e91ee620cf7613542214d121f8be2d7aebca0c005fe538eb7fffb
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 01:11:55 GMT
Expires: Wed, 07 Dec 2022 01:11:54 GMT
Etag: "eaa8e0fa2ee07eee224bc09784ce30f8cb28b27e"
Cache-Control: max-age=587283,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 89
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773228104c70b50b-OSL
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/ibx-globals-key.css
208.91.199.118200 OK 148 B URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/ibx-globals-key.css
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with no line terminators
Hash ef7118d6c9b03f948b3ef254a6bff500
1b395cb53a85f7599d27e878d22bcb71beda37b2
25155b54264bc8a778d8bb23a20a02635aa78f607ff998b0edc620a1e19e83bc
Analyzer Verdict Alert urlquery Phishing - Key Bank
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/ibx-globals-key.css HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:21 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 08:40:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 148
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles.css
208.91.199.118200 OK 3.4 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles.css
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 9c8e7e0aba9ae057201532a0b39e61e9
0a9bf9414782720c48c54779fb6bcfabd1db738b
881744f59dd18df76a3cd755abf02bc0cdf2d36fcce80048f7f96ce2db84388f
Analyzer Verdict Alert urlquery Phishing - Key Bank
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/styles.css HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:21 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 08:40:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3419
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles(1).css
208.91.199.118200 OK 8.2 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles(1).css
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (28423), with no line terminators
Hash 9a590c071420824ee5e4fa5255da1da2
deefcb174f5591769fcbd5fec7b4622baca9ffd2
f88708fce431cd0b08dcbd3a9ebbb4fb312392338b147dd675b6fb24aa2f6342
Analyzer Verdict Alert urlquery Phishing - Key Bank
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/styles(1).css HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:21 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 08:41:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8162
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles-key(1).css
208.91.199.118200 OK 1.8 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles-key(1).css
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (5309), with no line terminators
Hash a410162c839b65012987ee5f5fdf2a4f
d0c8f55b8939e96efc1bc6b29d4d345b9a744cbd
1f1885ef5d2e997cc6a8d5c0fba52aecfb89e0a11a79c485f1b364a370ddf1f9
Analyzer Verdict Alert urlquery Phishing - Key Bank
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/styles-key(1).css HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:21 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 08:41:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1828
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
54.187.102.159101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.102.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9AbXKW9LGZ5soS81wpGHvA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5yqgNsTL9ySqAf1kqkGzFpxIAZY=
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles.a4962029f638dde4888c.css
208.91.199.118200 OK 42 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles.a4962029f638dde4888c.css
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65057)
Hash 7f98ac806a27da021f46da494c15a8ed
7db588b596333e0eb59c44ae4e8789599ac3ee4c
c92f4a6124fe15fbd119ff99817f0df1e275c7908e3df3df86c2c5d26d0d7458
Analyzer Verdict Alert urlquery Phishing - Key Bank
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/styles.a4962029f638dde4888c.css HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:21 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 08:41:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/kds-base-key.css
208.91.199.118200 OK 70 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/kds-base-key.css
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Hash df37295d0ffbc550c196312870b9ae58
e8e01635fb552bdcc5b1cf63d3246df1fa63b977
64f91e85bec553c081acce0fb62813848546ed3c23b3d0c0e342fa2737ce3323
Analyzer Verdict Alert urlquery Phishing - Key Bank
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/kds-base-key.css HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:21 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 08:40:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/bundle.js(1).download
208.91.199.118200 OK 606 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/bundle.js(1).download
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Size 606 kB (605641 bytes)
Hash 15c2f48f4b8ef4187c6eaf3b5ace99a9
3ef3ef518ffa5e9142f730ef2052e3e2b7e64146
d4c307ca631714afc826c9d36b169ad69b03f5e572ef074f63b404cc9f023f17
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/bundle.js(1).download HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 09 Jun 2022 08:40:58 GMT
Accept-Ranges: bytes
Content-Length: 605641
Keep-Alive: timeout=5, max=75
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/key_black_logo.png
208.91.199.118200 OK 3.4 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/key_black_logo.png
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 276 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ac718e18ce2383f5581edc92b37b5964
064252d1d84c5fb2bc45b2e510e9f4235c65baeb
de35a69575718cdee8f4583e969583506939c38f94c0dad37dfe66abe574dbc0
Analyzer Verdict Alert urlquery Phishing - Key Bank
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/key_black_logo.png HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 08:41:00 GMT
Accept-Ranges: bytes
Content-Length: 3375
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/png
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/kloader.gif
208.91.199.118200 OK 19 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/kloader.gif
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type GIF image data, version 89a, 400 x 400\012- data
Hash a90e737d05ebfa82bf96168def807c36
ddc76a0c64ebefe5b9a12546c59a37c03d5d1f5b
24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90
Analyzer Verdict Alert urlquery Phishing - Key Bank
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/kloader.gif HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 08:41:04 GMT
Accept-Ranges: bytes
Content-Length: 19110
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/gif
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/otac-72-hours.svg
208.91.199.118200 OK 4.3 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/otac-72-hours.svg
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (307)
Hash 59332708e91127186fad4d5b9f9fdfce
64a60efad9d12f1018efdeb645a598779430c5b9
19154c371170b37e378225e8379871b7efecc3009f3ab3925c31f949964e80f5
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/otac-72-hours.svg HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 08:41:00 GMT
Accept-Ranges: bytes
Content-Length: 4281
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/svg+xml
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/key-logo.svg
208.91.199.118200 OK 6.1 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/key-logo.svg
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5966)
Hash b4284724f45b84236572906bb9309724
a919c3dec8149ae38b71d233f4b7d9391ac91691
4712701bf2f3b3b93bdfc9aa8c2c3e8dbdf6f3c4cbce9fc9a766c7cb5b281e5b
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/key-logo.svg HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 08:41:00 GMT
Accept-Ranges: bytes
Content-Length: 6072
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/svg+xml
aquaflow.ae/ibxolb/olb/share/assets/images/kds.svg
208.91.199.118301 Moved Permanently 0 B URL HTTP/1.1 aquaflow.ae/ibxolb/olb/share/assets/images/kds.svg
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /ibxolb/olb/share/assets/images/kds.svg HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.aquaflow.ae/ibxolb/olb/share/assets/images/kds.svg
Content-Length: 0
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Regular-webfont.79515ad0788973c53340.woff
208.91.199.118301 Moved Permanently 0 B URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Regular-webfont.79515ad0788973c53340.woff
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Regular-webfont.79515ad0788973c53340.woff HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles.a4962029f638dde4888c.css
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Regular-webfont.79515ad0788973c53340.woff
Content-Length: 0
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/key_white_logo.png
208.91.199.118200 OK 12 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/key_white_logo.png
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 172 x 32, 8-bit/color RGBA, interlaced\012- data
Hash d62d5b0d8627210d502248fd5ba0795b
b54d1d796f26e980cdb17293ff75647f8072c6b7
07eeecd82d157b4f6d4147ede1b838e77e5e772e74307a3f53cf9c4afdffa15e
Analyzer Verdict Alert urlquery Phishing - Key Bank
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/key_white_logo.png HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 08:41:00 GMT
Accept-Ranges: bytes
Content-Length: 11797
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/png
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Light-webfont.45b47f3e9c7d74b80f5c.woff
208.91.199.118301 Moved Permanently 0 B URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Light-webfont.45b47f3e9c7d74b80f5c.woff
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Light-webfont.45b47f3e9c7d74b80f5c.woff HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles.a4962029f638dde4888c.css
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Light-webfont.45b47f3e9c7d74b80f5c.woff
Content-Length: 0
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/08edde9d-c27b-4731-a27f-d6cd9b01cd06.woff
208.91.199.118301 Moved Permanently 0 B URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/08edde9d-c27b-4731-a27f-d6cd9b01cd06.woff
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/08edde9d-c27b-4731-a27f-d6cd9b01cd06.woff HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/kds-base-key.css
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/08edde9d-c27b-4731-a27f-d6cd9b01cd06.woff
Content-Length: 0
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
aquaflow.ae/usrsyhgd/ibxkey/images/kds.svg
208.91.199.118301 Moved Permanently 0 B URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/images/kds.svg
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/images/kds.svg HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.aquaflow.ae/usrsyhgd/ibxkey/images/kds.svg
Content-Length: 0
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/7802e576-2ffa-4f22-a409-534355fbea79.woff
208.91.199.118301 Moved Permanently 0 B URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/7802e576-2ffa-4f22-a409-534355fbea79.woff
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/7802e576-2ffa-4f22-a409-534355fbea79.woff HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/kds-base-key.css
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/7802e576-2ffa-4f22-a409-534355fbea79.woff
Content-Length: 0
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/ll_storage_html5.html
208.91.199.118200 OK 17 kB URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/ll_storage_html5.html
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (43766)
Hash d766058257a34b032bf8e3acc74c79b1
7293775513749f4e51b3ba94690d42c1029dd3b6
69717924a0d2d40a640e72a557740f4c96e9582eb2d1c1fcf455e247986594c6
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/ll_storage_html5.html HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Last-Modified: Thu, 09 Jun 2022 08:41:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16885
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/html
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Semibold-webfont.697574b47bcfdd2c45e3.woff
208.91.199.118301 Moved Permanently 0 B URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Semibold-webfont.697574b47bcfdd2c45e3.woff
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Semibold-webfont.697574b47bcfdd2c45e3.woff HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles.a4962029f638dde4888c.css
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Semibold-webfont.697574b47bcfdd2c45e3.woff
Content-Length: 0
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/0552ce48-950c-471f-b843-1afac814d259.woff
208.91.199.118301 Moved Permanently 0 B URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/0552ce48-950c-471f-b843-1afac814d259.woff
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/0552ce48-950c-471f-b843-1afac814d259.woff HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/kds-base-key.css
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/0552ce48-950c-471f-b843-1afac814d259.woff
Content-Length: 0
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/e9722702-4fb8-436a-9342-c5f4f5c3a75d.woff
208.91.199.118301 Moved Permanently 0 B URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/e9722702-4fb8-436a-9342-c5f4f5c3a75d.woff
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/e9722702-4fb8-436a-9342-c5f4f5c3a75d.woff HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/kds-base-key.css
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/e9722702-4fb8-436a-9342-c5f4f5c3a75d.woff
Content-Length: 0
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
aquaflow.ae/usrsyhgd/ibxkey/share/assets/images/kds.svg
208.91.199.118301 Moved Permanently 0 B URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/share/assets/images/kds.svg
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/share/assets/images/kds.svg HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/Login.php?id=i03h17moceg?access_token=06ijgben3kfi9
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 06:55:22 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.aquaflow.ae/usrsyhgd/ibxkey/share/assets/images/kds.svg
Content-Length: 0
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7781
Expires: Fri, 02 Dec 2022 09:05:04 GMT
Date: Fri, 02 Dec 2022 06:55:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7781
Expires: Fri, 02 Dec 2022 09:05:04 GMT
Date: Fri, 02 Dec 2022 06:55:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7781
Expires: Fri, 02 Dec 2022 09:05:04 GMT
Date: Fri, 02 Dec 2022 06:55:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7781
Expires: Fri, 02 Dec 2022 09:05:04 GMT
Date: Fri, 02 Dec 2022 06:55:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7891
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 06:55:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60ccdde4ce64b4a3fe6fc2a059b3bde1
5ce119089f4a4cd139b523889b6cd84cd79191f4
2089225a6dc13845ab8e031416920d16952ae1461ca10d72c408ad001ed8f27b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 6bc8fa91-5696-4bc6-b1e7-3c36b2c01801
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGxTFxyoAMFRzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e6e-3e85b78905aaa73726eef85a;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UraCGe--VISONXzaUBpA7vuLuD5l7zihtQIph7LVn1QsS8MjLBbvKw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 32792
etag: "5ce119089f4a4cd139b523889b6cd84cd79191f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d08081e2dd562ef50e4e98ebc0136698
b5118bca37feda2ada3001199dc1d80ac6d2aacc
5160333e0cfd338b3887972d0a5c0f817ef88b70b7eb78e4e25d153a85e3478f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11443
x-amzn-requestid: 21469d81-ee4b-47f3-8877-b6658b3ea8b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDHE4zoAMFvfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-5b39eddd703ea04e6a1355f8;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ArJSu5jI0RrZj3QtJp6oI6Yvf9LCWrYqU0HRIl8U8xJjdeOaJEe2yg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:20:07 GMT
age: 30916
etag: "b5118bca37feda2ada3001199dc1d80ac6d2aacc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:15:42 GMT
age: 85181
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:19:21 GMT
age: 84962
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 33636
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 32847
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/08edde9d-c27b-4731-a27f-d6cd9b01cd06.woff
208.91.199.118404 Not Found 9.1 kB URL HTTP/1.1 www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/08edde9d-c27b-4731-a27f-d6cd9b01cd06.woff
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1820)
Hash ff855fcf581d94616766ac521584512d
9fdeb5db45ceb2de80c2c9101320d996b34ad941
0d547c6180c42f2f89f6dfd0de9bd1864507e9d6606696e5db1f37e78681bf8e
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/08edde9d-c27b-4731-a27f-d6cd9b01cd06.woff HTTP/1.1
Host: www.aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://aquaflow.ae
Referer: http://aquaflow.ae/
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 06:55:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.aquaflow.ae/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9063
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/7802e576-2ffa-4f22-a409-534355fbea79.woff
208.91.199.118404 Not Found 9.1 kB URL HTTP/1.1 www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/7802e576-2ffa-4f22-a409-534355fbea79.woff
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1820)
Hash 7f848d41a064fd666f99ffd71f21449c
515f4faba1d46d36eb799f5f9da7da853504e589
d4d44f97f3483362440fde05484af42e7751ffd4a69e8f87e43b545749f08ff9
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/7802e576-2ffa-4f22-a409-534355fbea79.woff HTTP/1.1
Host: www.aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://aquaflow.ae
Referer: http://aquaflow.ae/
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 06:55:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.aquaflow.ae/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9064
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Light-webfont.45b47f3e9c7d74b80f5c.woff
208.91.199.118404 Not Found 9.1 kB URL HTTP/1.1 www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Light-webfont.45b47f3e9c7d74b80f5c.woff
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1820)
Hash 4dfefe8555686a27133e8a0f9730fe43
38fd9dfc70c719ae5a9b3ec40c447c8fb55a2d7b
7bf834ca7e3405471c14772aab57fa8129d6cc0e402ac945b6aa7f29e9825c44
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Light-webfont.45b47f3e9c7d74b80f5c.woff HTTP/1.1
Host: www.aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://aquaflow.ae
Referer: http://aquaflow.ae/
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 06:55:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.aquaflow.ae/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9067
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Regular-webfont.79515ad0788973c53340.woff
208.91.199.118404 Not Found 9.1 kB URL HTTP/1.1 www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Regular-webfont.79515ad0788973c53340.woff
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1820)
Hash 638537081e91212bab66564b027f051c
c502e8a51305683852400109b92b6de9d30c50d7
016de9bbb13c24bf380b9324afd44cb3015dd0ee20e4e001baad30bafa6a682b
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Regular-webfont.79515ad0788973c53340.woff HTTP/1.1
Host: www.aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://aquaflow.ae
Referer: http://aquaflow.ae/
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 06:55:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.aquaflow.ae/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9069
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/0552ce48-950c-471f-b843-1afac814d259.woff
208.91.199.118404 Not Found 9.1 kB URL HTTP/1.1 www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/0552ce48-950c-471f-b843-1afac814d259.woff
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1820)
Hash 90002c628a6155c0929e2ff8feb2e527
211e1cf1b1aafd1cdf560808c8f967ca3809b7db
7b51095c56ef3755f9cdb3a9eea079c7f39612fc4eb1bf9ff1591a3a908e2cba
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/0552ce48-950c-471f-b843-1afac814d259.woff HTTP/1.1
Host: www.aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://aquaflow.ae
Referer: http://aquaflow.ae/
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 06:55:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.aquaflow.ae/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9064
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Semibold-webfont.697574b47bcfdd2c45e3.woff
208.91.199.118404 Not Found 9.1 kB URL HTTP/1.1 www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Semibold-webfont.697574b47bcfdd2c45e3.woff
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1820)
Hash d59b6f05d38b6ca0665cb28285e7b583
5e47cde0999301211b8cc77a20518ae315b5307a
dba269ead0d2b80544846c1f0ca1ad442a80b32ecbe205072dbfd6de5d0c7933
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Semibold-webfont.697574b47bcfdd2c45e3.woff HTTP/1.1
Host: www.aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://aquaflow.ae
Referer: http://aquaflow.ae/
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 06:55:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.aquaflow.ae/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9069
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Light-webfont.2e98fc3ce85f31f63010.ttf
208.91.199.118301 Moved Permanently 0 B URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Light-webfont.2e98fc3ce85f31f63010.ttf
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Light-webfont.2e98fc3ce85f31f63010.ttf HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles.a4962029f638dde4888c.css
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 06:55:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Light-webfont.2e98fc3ce85f31f63010.ttf
Content-Length: 0
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/e9722702-4fb8-436a-9342-c5f4f5c3a75d.woff
208.91.199.118404 Not Found 9.1 kB URL HTTP/1.1 www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/e9722702-4fb8-436a-9342-c5f4f5c3a75d.woff
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1820)
Hash 62ec036bfc3e7065f583c423518bf958
dbdf832af5cf39a1bbe4ba16b6c0a9b638cc6319
8941a6fe47fdf39fbd3293d4da15d0b1fa3bbbe81cc4801c2bb4909acefa06f6
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/e9722702-4fb8-436a-9342-c5f4f5c3a75d.woff HTTP/1.1
Host: www.aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://aquaflow.ae
Referer: http://aquaflow.ae/
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 06:55:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.aquaflow.ae/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9064
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Semibold-webfont.b32acea6fd3c228b5059.ttf
208.91.199.118301 Moved Permanently 0 B URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Semibold-webfont.b32acea6fd3c228b5059.ttf
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Semibold-webfont.b32acea6fd3c228b5059.ttf HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles.a4962029f638dde4888c.css
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 06:55:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Semibold-webfont.b32acea6fd3c228b5059.ttf
Content-Length: 0
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Regular-webfont.488d5cc145299ba07b75.ttf
208.91.199.118301 Moved Permanently 0 B URL HTTP/1.1 aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Regular-webfont.488d5cc145299ba07b75.ttf
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Regular-webfont.488d5cc145299ba07b75.ttf HTTP/1.1
Host: aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/styles.a4962029f638dde4888c.css
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 06:55:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Regular-webfont.488d5cc145299ba07b75.ttf
Content-Length: 0
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Light-webfont.2e98fc3ce85f31f63010.ttf
208.91.199.118404 Not Found 9.1 kB URL HTTP/1.1 www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Light-webfont.2e98fc3ce85f31f63010.ttf
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1820)
Hash 1f4760eff265f75897a90c69a3534f93
71939624c9a5e984fdba8dac5c162d6b3dfda1ad
c7d7061d92801864b2ddb0612611fbe415ed3a7c030f068085546b70a9d4ef0b
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Light-webfont.2e98fc3ce85f31f63010.ttf HTTP/1.1
Host: www.aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://aquaflow.ae
Referer: http://aquaflow.ae/
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 06:55:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.aquaflow.ae/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9066
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Semibold-webfont.b32acea6fd3c228b5059.ttf
208.91.199.118404 Not Found 9.1 kB URL HTTP/1.1 www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Semibold-webfont.b32acea6fd3c228b5059.ttf
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1820)
Hash d38f73069d20ec676a322f60b60db76d
8a9d3054f51e17e6a806a39905cd43d59151a3de
9607c93a0b198f7c45a8a1d3bd2b4d13d8e325004fdeb717c717a8aa2883362c
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Semibold-webfont.b32acea6fd3c228b5059.ttf HTTP/1.1
Host: www.aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://aquaflow.ae
Referer: http://aquaflow.ae/
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 06:55:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.aquaflow.ae/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9067
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Regular-webfont.488d5cc145299ba07b75.ttf
208.91.199.118404 Not Found 9.1 kB URL HTTP/1.1 www.aquaflow.ae/usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Regular-webfont.488d5cc145299ba07b75.ttf
IP 208.91.199.118:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1820)
Hash 6477118ff99105bc0f6b9c4907570cfc
720d9d4d13758d9bebd025ac3f5cb04f42d5b133
7d55595078e2acc8ed734e74b358977832b77181340117f6e443c3a03c359261
Analyzer Verdict Alert urlquery Phishing - Key Bank
fortinet Phishing
GET /usrsyhgd/ibxkey/KeyBank%20Online_files/OpenSans-Regular-webfont.488d5cc145299ba07b75.ttf HTTP/1.1
Host: www.aquaflow.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://aquaflow.ae
Referer: http://aquaflow.ae/
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 06:55:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.aquaflow.ae/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9067
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 352626a548086666db82aa0c5e4e32e3
e0cf416d6510daf613b0003695ac99973feea813
82f8f5d1dbca8628e8b73e4a0b2a6d910396a3864358fea25d6e41248165d9d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3031
Cache-Control: max-age=91962
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:55:24 GMT
Etag: "638859bf-1d7"
Expires: Sat, 03 Dec 2022 08:28:06 GMT
Last-Modified: Thu, 01 Dec 2022 07:37:35 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 352626a548086666db82aa0c5e4e32e3
e0cf416d6510daf613b0003695ac99973feea813
82f8f5d1dbca8628e8b73e4a0b2a6d910396a3864358fea25d6e41248165d9d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3031
Cache-Control: max-age=91962
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:55:24 GMT
Etag: "638859bf-1d7"
Expires: Sat, 03 Dec 2022 08:28:06 GMT
Last-Modified: Thu, 01 Dec 2022 07:37:35 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ibx.key.com/ibxolb/login/images/apple-touch-icon.png
23.52.18.181200 OK 4.9 kB URL HTTP/2 ibx.key.com/ibxolb/login/images/apple-touch-icon.png
IP 23.52.18.181:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash fee1734f5f10bbd1c030e8cd2e1a8896
18d49e15c6adbf73acf60dc258d3630fb7f5090b
f84def209aa5859896a65dc88fabeb52f93d837b5271d8ffe0d557c92b706a07
GET /ibxolb/login/images/apple-touch-icon.png HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aquaflow.ae/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "63640efd-1322"
last-modified: Thu, 03 Nov 2022 18:57:01 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection: 1; mode=block
x-envoy-upstream-service-time: 1
content-security-policy: frame-ancestors *.key.com *.keybank.com
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-207117230"
content-length: 4898
cache-control: max-age=300
expires: Fri, 02 Dec 2022 07:00:25 GMT
date: Fri, 02 Dec 2022 06:55:25 GMT
X-Firefox-Spdy: h2
ibx.key.com/ibxolb/login/images/favicon-16x16.png
23.52.18.181200 OK 661 B URL HTTP/2 ibx.key.com/ibxolb/login/images/favicon-16x16.png
IP 23.52.18.181:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash ea4b275c774e8170ed54751d39a6adbf
c4fda6c23491accd170362ab21108d8ae31a647f
735143f90a8c225ffe4c0a853b25f2068510d81f8f6a82db79db00233ccc4b58
GET /ibxolb/login/images/favicon-16x16.png HTTP/1.1
Host: ibx.key.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aquaflow.ae/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "63640efd-295"
last-modified: Thu, 03 Nov 2022 18:57:01 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection: 1; mode=block
x-envoy-upstream-service-time: 2
content-security-policy: frame-ancestors *.key.com *.keybank.com
strict-transport-security: max-age=16070400; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-1913987745"
content-length: 661
cache-control: max-age=300
expires: Fri, 02 Dec 2022 07:00:25 GMT
date: Fri, 02 Dec 2022 06:55:25 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0fc684e61682c4078a82ee3d901ae52
ea65ad98933ec58afa3fa5c7642491d77db7e6c2
5e953012dba2b85cfda5befe2448ab87fbc2432a071e11a33b44be4f5148a4a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6752
x-amzn-requestid: f398ce98-353e-4783-aa42-dbf1ad036ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepE6roAMF4zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0753d209291e197e7c6422a6;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JZAFwGz7kAWplsA1qeraQTjirrZb29JTnUPii5BcPg5tzxcBLtt0WA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:24:25 GMT
etag: "ea65ad98933ec58afa3fa5c7642491d77db7e6c2"
content-type: image/jpeg
age: 30665
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.kensington.com/siteassets/software-support/kensingtonworks/october-2022/kensingtonworks_3.1.2_1667509604.msi
104.16.193.233200 OK 0 B URL HTTP/2 www.kensington.com/siteassets/software-support/kensingtonworks/october-2022/kensingtonworks_3.1.2_1667509604.msi
IP 104.16.193.233:0
GET /siteassets/software-support/kensingtonworks/october-2022/kensingtonworks_3.1.2_1667509604.msi HTTP/1.1
Host: www.kensington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: .ASPXANONYMOUS=B-my-7f7mZB5Oo8NGVcT0tJJVLHBY5Xav0FjTRQyyMF5JnQrC4o9M3Ig5PPvaXB-tcLC63xhzlGU7f11KTgc6eqknpBLiz8XzbQLf0xhUrZsQSOMYI7bRn-dZde4Me7mgV_wONjy3WUKM1ZSxY4gDQ2; Country=US; MarketId=US; ClientCountry=NO; Language=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:55:22 GMT
content-type: application/octet-stream
content-length: 128659456
accept-ranges: bytes
access-control-expose-headers: Request-Context
cache-control: no-cache
etag: "1D8EFC826BF5280"
expires: Sat, 02 Dec 2023 06:55:21 GMT
last-modified: Thu, 03 Nov 2022 21:06:33 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:839f7244-7697-41cb-b12d-56e3443b31dc
permissions-policy: fullscreen=()
x-powered-by: ASP.NET
x-download-options: noopen
x-content-type-options: nosniff
content-security-policy: default-src 'self' *; script-src 'unsafe-inline' 'unsafe-eval' 'self' *; style-src 'unsafe-inline' *; img-src 'self' data: *; connect-src *; frame-src 'self' *; font-src *; media-src *; worker-src 'self' blob: *;
set-cookie: ARRAffinity=2d694f7a64eb761961de4a57c1351749e13235dc4f3075c62327ea56276b46a5;Path=/;HttpOnly;Secure;Domain=www.kensington.com
ARRAffinitySameSite=2d694f7a64eb761961de4a57c1351749e13235dc4f3075c62327ea56276b46a5;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.kensington.com
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77322810efa20afe-OSL
X-Firefox-Spdy: h2