Report - capitalprimeb.com/account/login.php

Report Overview

Submitted URL
capitalprimeb.com/account/login.php
IP
188.165.207.30
ASN
#16276 OVH SAS
Submitted
2022-09-05 06:11:19
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.27.12.161
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	13 kB	34.120.237.76
capitalprimeb.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	16 kB	145 kB	188.165.207.30
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-05	medium	capitalprimeb.com/account/login.php	Phishing
2022-09-05	medium	capitalprimeb.com/account/login.php	Phishing
2022-09-05	medium	capitalprimeb.com/account/js/main.js	Phishing
2022-09-05	medium	capitalprimeb.com/account/library/spry/passwordvalidation/SpryValidationPassword.js	Phishing
2022-09-05	medium	capitalprimeb.com/account/vendor/bootstrap/js/bootstrap.min.js	Phishing
2022-09-05	medium	capitalprimeb.com/account/vendor/countdowntime/countdowntime.js	Phishing
2022-09-05	medium	capitalprimeb.com/account/vendor/animsition/js/animsition.min.js	Phishing
2022-09-05	medium	capitalprimeb.com/account/fonts/montserrat/Montserrat-Bold.ttf	Phishing
2022-09-05	medium	capitalprimeb.com/account/vendor/jquery/jquery-3.2.1.min.js	Phishing
2022-09-05	medium	capitalprimeb.com/account/vendor/daterangepicker/moment.min.js	Phishing
2022-09-05	medium	capitalprimeb.com/account/fonts/poppins/Poppins-Regular.ttf	Phishing
2022-09-05	medium	capitalprimeb.com/account/vendor/daterangepicker/moment.min.js	Phishing
2022-09-05	medium	capitalprimeb.com/account/library/spry/textfieldvalidation/SpryValidationTextField.js	Phishing
2022-09-05	medium	capitalprimeb.com/account/vendor/bootstrap/js/popper.js	Phishing
2022-09-05	medium	capitalprimeb.com/account/vendor/select2/select2.min.js	Phishing
2022-09-05	medium	capitalprimeb.com/account/vendor/bootstrap/js/popper.js	Phishing
2022-09-05	medium	capitalprimeb.com/account/vendor/animsition/js/animsition.min.js	Phishing
2022-09-05	medium	capitalprimeb.com/account/vendor/daterangepicker/daterangepicker.js	Phishing
2022-09-05	medium	capitalprimeb.com/account/fonts/montserrat/Montserrat-Regular.ttf	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	capitalprimeb.com/account/js/main.js	1.8 kB	2023-03-07	2024-03-24
Pretty URL capitalprimeb.com/account/js/main.js IP 188.165.207.30 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:10 Last Seen2024-03-24 06:58:08 Times Seen33 Hash 75596f4b6ab98e332877001d92634a22 1523b9632bd88611d6fc8796bc46998e809d710f 8a765528ba5c48d800b001f751f4836cb7f9ccb1dec502d5194eb39bbf5fe79c Loading...

	capitalprimeb.com/account/login.php	264 B	2023-03-07	2024-03-29
Pretty URL capitalprimeb.com/account/login.php IP 188.165.207.30 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:10 Last Seen2024-03-29 06:27:22 Times Seen102 Hash 1e0625d5c6d365e5db5c9081315badbc 3353fbb8dbb85a3f936a40320817faa49e18b988 6d79a22566f07530402bfc8b87289129e8f3376b2dcde223196b57f7c4bdf7a4 Loading...

	capitalprimeb.com/account/library/spry/textfieldvalidation/SpryValidationTextField.js	75 kB	2023-03-07	2024-04-13
Pretty URL capitalprimeb.com/account/library/spry/textfieldvalidation/SpryValidationTextField.js IP 188.165.207.30 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:40 Last Seen2024-04-13 07:55:54 Times Seen147 Hash a87a2350e9140f31402b5ab5a60e5d69 6326f908d6c2f69bd6bd22e0cb3d076a19d02397 7555b2cd6c16af7c07bf8f2fc42f98019f2ddd877c3a798e1f65caf689e448b2 Loading...

	capitalprimeb.com/account/library/spry/passwordvalidation/SpryValidationPassword.js	20 kB	2023-03-07	2024-03-24
Pretty URL capitalprimeb.com/account/library/spry/passwordvalidation/SpryValidationPassword.js IP 188.165.207.30 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:24 Last Seen2024-03-24 10:43:08 Times Seen104 Hash 29564498d98a38bafad2c3d8f47d27e2 964862018aed909839ae4e02b7d74d8926070347 13ba894342b76563c80c26d7bbbde0fb9ff93786ed9c1468eedb563d044d1a8e Loading...

HTTP Transactions (45)

URL IP Response Size

capitalprimeb.com/account/login.php

188.165.207.30

301 Moved Permanently

251 B

URL HTTP/1.1
capitalprimeb.com/account/login.php
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
251 B (251 bytes)
Hash
40ac05d8e329d3281d89e38ac137217e
961573ec6361415935de9e68574c53e246d7fe8d
bb297458c92f2e32ffebef7a658c33a81bf9ab0584fddb6e902c689224263eb6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/login.php HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Sep 2022 06:11:08 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 251
Connection: keep-alive
Content-Security-Policy: upgrade-insecure-requests
Location: https://capitalprimeb.com/account/login.php
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: BYPASS
X-Server-Powered-By: Engintron

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 05:24:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qUCDmtXoiCxpuB3qeyNp1b6wrQbC8oLyZvxXGQLPVjFWmRSwX9B9cA==
Age: 2794

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4563
Expires: Mon, 05 Sep 2022 07:27:11 GMT
Date: Mon, 05 Sep 2022 06:11:08 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YJPeyy048LZbxPVUXaRyy_4cvGjft0A0voOSTCYq24bASpfLoTqWdA==
age: 17751
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
032a71f8daf0fccfb9b8c0287db5136c
7deeb8253cf245f51e8a4877dfec02477ddfe973
f8e318d5a16931c03568b65c27e89f7fadd479758ce6a5e4f1ee101fb2664be7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8E318D5A16931C03568B65C27E89F7FADD479758CE6A5E4F1EE101FB2664BE7"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 05 Sep 2022 12:11:09 GMT
Date: Mon, 05 Sep 2022 06:11:09 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 05 Sep 2022 05:38:16 GMT
Cache-Control: max-age=3600
Expires: Mon, 05 Sep 2022 06:15:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MEjBV984gz4_-SXsN-b2HRuqJT-l0bMjToL9fntUVfCRSAbOSGvUOg==
Age: 1973

capitalprimeb.com/account/images/loginlogo.png

188.165.207.30

200 OK

5.1 kB

URL HTTP/2
capitalprimeb.com/account/images/loginlogo.png
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type
PNG image data, 200 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
5.1 kB (5133 bytes)
Hash
9266ecedad7044a5c4d9f17760c32e3b
1d222b26e2207180fb3469f99fac493e73a985c0
c9731f9235eabc935a1a1e4b1197d7df6f547a1939e0283c9a20a381f393ba84

HTTP Headers

GET /account/images/loginlogo.png HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: image/png
content-length: 5133
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 01 Sep 2022 12:56:47 GMT
expires: Fri, 04 Nov 2022 06:11:09 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
77d035f38a45e8a1ec30d5fe9611880b
01cf34de95257da64dac90edf5a86203f1160271
7dc687d6bb1679ba5567e58b4f8c1e78766e7ee36273ba7f62068c595d57f7f3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4546
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:11:09 GMT
Last-Modified: Mon, 05 Sep 2022 04:55:23 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

capitalprimeb.com/account/images/bg-01.jpg

188.165.207.30

200 OK

90 kB

URL HTTP/2
capitalprimeb.com/account/images/bg-01.jpg
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 720x939, components 3\012- data
Size
90 kB (89865 bytes)
Hash
f7f9a140493114b2d0813fd5b53ac247
4755fbd4a213feb5b4965e32e94f6ba627591f73
a7f8659d3a01de9a1fc326a9738c015751779743638719cde3774a4d1ff2640f

HTTP Headers

GET /account/images/bg-01.jpg HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: image/jpeg
content-length: 89865
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 30 Apr 2020 17:25:04 GMT
expires: Fri, 04 Nov 2022 06:11:09 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.27.12.161

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.27.12.161:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qRk2bjIWXEdDXFXQZoqUNw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AwWoegV14mkhL+rapBpeLRQehWc=

capitalprimeb.com/account/login.php

188.165.207.30

200 OK

2.1 kB

URL HTTP/2
capitalprimeb.com/account/login.php
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type
data
Size
2.1 kB (2081 bytes)
Hash
f9e05f6e810d358cf663f248e2f73d42
fa19805fcc288583e24d373187a93fcc2862f656
88a4898270fa1ac3c2554f267d75fc7c3a26656c1015bcdbdae685eeca5daeeb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/login.php HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4; path=/
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4483
Expires: Mon, 05 Sep 2022 07:25:54 GMT
Date: Mon, 05 Sep 2022 06:11:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4483
Expires: Mon, 05 Sep 2022 07:25:54 GMT
Date: Mon, 05 Sep 2022 06:11:11 GMT
Connection: keep-alive

capitalprimeb.com/account/vendor/css-hamburgers/hamburgers.min.css

188.165.207.30

404 Not Found

741 B

URL HTTP/2
capitalprimeb.com/account/vendor/css-hamburgers/hamburgers.min.css
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type
data
Size
741 B (741 bytes)
Hash
a8d5d733093620a1546837ca03cfd471
4bcae51f6cca53f1a9637d6c366ec0d8dd0af84c
751a1885c47a3d3325fd4bf7f34f0b804c739486231c3c49449925a7a284e81a

HTTP Headers

GET /account/vendor/css-hamburgers/hamburgers.min.css HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/animate/animate.css

188.165.207.30

404 Not Found

741 B

URL HTTP/2
capitalprimeb.com/account/vendor/animate/animate.css
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type
data
Size
741 B (741 bytes)
Hash
a8d5d733093620a1546837ca03cfd471
4bcae51f6cca53f1a9637d6c366ec0d8dd0af84c
751a1885c47a3d3325fd4bf7f34f0b804c739486231c3c49449925a7a284e81a

HTTP Headers

GET /account/vendor/animate/animate.css HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/bootstrap/css/bootstrap.min.css

188.165.207.30

404 Not Found

11 kB

URL HTTP/2
capitalprimeb.com/account/vendor/bootstrap/css/bootstrap.min.css
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type
data
Size
11 kB (11241 bytes)
Hash
336f3801826838343b38fec70b2a4103
1bbe21964abac1fdfdf38c6ce950afc3f8c7db55
2892907b4c3a8481209f3c9c16429c4799fec03f9c72d2e09e3854e9352a89d3

HTTP Headers

GET /account/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0c070a1-cfda-4086-99d7-f4d72a7f9d8f.jpeg

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0c070a1-cfda-4086-99d7-f4d72a7f9d8f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6486 bytes)
Hash
9d19ae40ba0a61c69d0bbc87ed8da454
064232b77c890404a294500597e562b3945453be
a2d2bfe5d44394511949665e36492706dd655a46198bf7ae555033eedfa46d83

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0c070a1-cfda-4086-99d7-f4d72a7f9d8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6486
x-amzn-requestid: 94ff7301-4895-4fad-81db-a2774c8db061
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3OeaFDYIAMFQBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312c45c-450abb734f447a2c2db18aae;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 03:05:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _rdmPm3Jy_SzHM6g7lQGWxUkjzWkv6WM46xrwnIa0SWNxyufdjLHsw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 03:41:46 GMT
age: 8965
etag: "064232b77c890404a294500597e562b3945453be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

capitalprimeb.com/account/fonts/font-awesome-4.7.0/css/font-awesome.min.css

188.165.207.30

404 Not Found

7.7 kB

URL HTTP/2
capitalprimeb.com/account/fonts/font-awesome-4.7.0/css/font-awesome.min.css
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type
data
Size
7.7 kB (7669 bytes)
Hash
c7da21897b2bc2340a3104a2df580db0
17d4aaf76b760cd2ec1a77eb97969befe6b96d93
676b8e74402e600737c34df110e0f1969274fa7b8c5b33a526131be59204d3dd

HTTP Headers

GET /account/fonts/font-awesome-4.7.0/css/font-awesome.min.css HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/js/main.js

188.165.207.30

200 OK

6.4 kB

URL HTTP/2
capitalprimeb.com/account/js/main.js
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type
data
Size
6.4 kB (6402 bytes)
Hash
06745c7555b9282f97259bc966002e4b
caa83c9a03179ed03a446418344d7b01df778136
bfe01f1fb918145e55ad0dbdb15cca76e488327d8d84aa3c8d4215ffb92c9e76

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/js/main.js HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: application/javascript
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 30 Apr 2020 17:25:04 GMT
expires: Wed, 05 Oct 2022 06:11:09 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1944c2a5-23d6-45f7-ab9f-78685b5e5be8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4452 bytes)
Hash
e1556a0afcd327679e471ac6373ca29f
15ac095f9a744d85d7054d6c48af8a3f9ec9fc3a
d3537c985a20cf69290064fbd46778a6fbe6604cb6b37b272c8058142f02ffdf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1944c2a5-23d6-45f7-ab9f-78685b5e5be8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4452
x-amzn-requestid: 882486d7-8cdc-4986-8562-6ec196c2a8e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xt-dIFk7IAMFs4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f1120-5a4edfae33e2ef3f133e22f6;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 07:43:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dmOD872bprnv74JVQ9X7Te_N8O5MQZQIv5a_svfRf_SkYMJNu3g07g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 04:32:13 GMT
age: 5938
etag: "15ac095f9a744d85d7054d6c48af8a3f9ec9fc3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

capitalprimeb.com/account/fonts/Linearicons-Free-v1.0.0/icon-font.min.css

188.165.207.30

404 Not Found

8.7 kB

URL HTTP/2
capitalprimeb.com/account/fonts/Linearicons-Free-v1.0.0/icon-font.min.css
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type
data
Size
8.7 kB (8707 bytes)
Hash
c444b630a9fb414a58e137b92f2b506a
e835752d7827415239bab02f2aa237bde5ece7eb
06a741d50fa6ae73b320731fbd88c2f9398f04edb37bdc995c9b130e08ccf8ae

HTTP Headers

GET /account/fonts/Linearicons-Free-v1.0.0/icon-font.min.css HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/css/main.css

188.165.207.30

200 OK

0 B

URL HTTP/2
capitalprimeb.com/account/css/main.css
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /account/css/main.css HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/css
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 30 Apr 2020 17:25:04 GMT
expires: Wed, 05 Oct 2022 06:11:09 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/library/spry/passwordvalidation/SpryValidationPassword.js

188.165.207.30

200 OK

0 B

URL HTTP/2
capitalprimeb.com/account/library/spry/passwordvalidation/SpryValidationPassword.js
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/library/spry/passwordvalidation/SpryValidationPassword.js HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: application/javascript
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 14 Oct 2019 21:27:20 GMT
expires: Wed, 05 Oct 2022 06:11:09 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/bootstrap/js/bootstrap.min.js

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/vendor/bootstrap/js/bootstrap.min.js
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/vendor/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/countdowntime/countdowntime.js

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/vendor/countdowntime/countdowntime.js
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/vendor/countdowntime/countdowntime.js HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/animsition/js/animsition.min.js

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/vendor/animsition/js/animsition.min.js
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/vendor/animsition/js/animsition.min.js HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/fonts/montserrat/Montserrat-Bold.ttf

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/fonts/montserrat/Montserrat-Bold.ttf
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/fonts/montserrat/Montserrat-Bold.ttf HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/css/main.css
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/library/spry/textfieldvalidation/SpryValidationTextField.css

188.165.207.30

200 OK

0 B

URL HTTP/2
capitalprimeb.com/account/library/spry/textfieldvalidation/SpryValidationTextField.css
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /account/library/spry/textfieldvalidation/SpryValidationTextField.css HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/css
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 14 Oct 2019 21:27:20 GMT
expires: Wed, 05 Oct 2022 06:11:09 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/library/spry/passwordvalidation/SpryValidationPassword.css

188.165.207.30

200 OK

0 B

URL HTTP/2
capitalprimeb.com/account/library/spry/passwordvalidation/SpryValidationPassword.css
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /account/library/spry/passwordvalidation/SpryValidationPassword.css HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/css
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 14 Oct 2019 21:27:20 GMT
expires: Wed, 05 Oct 2022 06:11:09 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/jquery/jquery-3.2.1.min.js

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/vendor/jquery/jquery-3.2.1.min.js
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/vendor/jquery/jquery-3.2.1.min.js HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/daterangepicker/moment.min.js

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/vendor/daterangepicker/moment.min.js
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/vendor/daterangepicker/moment.min.js HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/fonts/poppins/Poppins-Regular.ttf

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/fonts/poppins/Poppins-Regular.ttf
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/fonts/poppins/Poppins-Regular.ttf HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/css/main.css
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/daterangepicker/daterangepicker.css

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/vendor/daterangepicker/daterangepicker.css
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /account/vendor/daterangepicker/daterangepicker.css HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/daterangepicker/moment.min.js

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/vendor/daterangepicker/moment.min.js
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/vendor/daterangepicker/moment.min.js HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:10 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/library/spry/textfieldvalidation/SpryValidationTextField.js

188.165.207.30

200 OK

0 B

URL HTTP/2
capitalprimeb.com/account/library/spry/textfieldvalidation/SpryValidationTextField.js
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/library/spry/textfieldvalidation/SpryValidationTextField.js HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: application/javascript
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 14 Oct 2019 21:27:20 GMT
expires: Wed, 05 Oct 2022 06:11:09 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/bootstrap/js/popper.js

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/vendor/bootstrap/js/popper.js
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/vendor/bootstrap/js/popper.js HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/select2/select2.min.js

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/vendor/select2/select2.min.js
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/vendor/select2/select2.min.js HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/select2/select2.min.css

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/vendor/select2/select2.min.css
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /account/vendor/select2/select2.min.css HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/bootstrap/js/popper.js

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/vendor/bootstrap/js/popper.js
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/vendor/bootstrap/js/popper.js HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/css/util.css

188.165.207.30

200 OK

0 B

URL HTTP/2
capitalprimeb.com/account/css/util.css
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /account/css/util.css HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/css
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 30 Apr 2020 17:25:04 GMT
expires: Wed, 05 Oct 2022 06:11:09 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/animsition/css/animsition.min.css

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/vendor/animsition/css/animsition.min.css
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /account/vendor/animsition/css/animsition.min.css HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/animsition/js/animsition.min.js

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/vendor/animsition/js/animsition.min.js
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/vendor/animsition/js/animsition.min.js HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/vendor/daterangepicker/daterangepicker.js

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/vendor/daterangepicker/daterangepicker.js
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/vendor/daterangepicker/daterangepicker.js HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/login.php
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

capitalprimeb.com/account/fonts/montserrat/Montserrat-Regular.ttf

188.165.207.30

404 Not Found

0 B

URL HTTP/2
capitalprimeb.com/account/fonts/montserrat/Montserrat-Regular.ttf
IP
188.165.207.30:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /account/fonts/montserrat/Montserrat-Regular.ttf HTTP/1.1
Host: capitalprimeb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://capitalprimeb.com/account/css/main.css
Cookie: PHPSESSID=bt9vdlpot7ieheh8drjt90u6v4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Sep 2022 06:11:09 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (45)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type