r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5323
Expires: Wed, 16 Nov 2022 14:36:30 GMT
Date: Wed, 16 Nov 2022 13:07:47 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9b4e6c72233070ef185ff980135e9555
2f14523a3f6f9532df3b872984fd23e156d2c465
5040e340e60b331b1569d52d66afcd5649a4121e2841d38cca0974e2a4c0af75
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2133
Cache-Control: max-age=165543
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:07:47 GMT
Etag: "6374bbf5-1d7"
Expires: Fri, 18 Nov 2022 11:06:50 GMT
Last-Modified: Wed, 16 Nov 2022 10:31:17 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5512
Expires: Wed, 16 Nov 2022 14:39:39 GMT
Date: Wed, 16 Nov 2022 13:07:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 16 Nov 2022 12:44:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1382
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: L4qspY4jKmGJ+WExhHTgfhwiO+e9N9XH7JXUgm5o6zZrdK6OPjal3roTUcdnvjcUCUcuywvPVXY=
x-amz-request-id: 9JXCFVM0YFHF2HDS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 16 Nov 2022 12:52:02 GMT
age: 945
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 13:07:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 16 Nov 2022 12:44:49 GMT
cache-control: public,max-age=3600
age: 1378
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8345d8a2ca46c3b181a81d8626d0425f
5d9d088c5dca072bbc9ad23a15450e7af7829400
663b0e6c239177f35b5b48d4203ce95aabc0e5bab7911f5b1d9fb7624cac2e25
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6233
Cache-Control: max-age=164593
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:07:47 GMT
Etag: "6374a83b-1d7"
Expires: Fri, 18 Nov 2022 10:51:00 GMT
Last-Modified: Wed, 16 Nov 2022 09:07:07 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash c4ab5fcddea48a045e36d80175d85244
4ef6bc24500ee48746f0237448e68ac15ae818ef
3f8c08b680a7ec5243f6299f9477d1a6edca73961cab546d385b04d25d1ab0fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F8C08B680A7EC5243F6299F9477D1A6EDCA73961CAB546D385B04D25D1AB0FE"
Last-Modified: Tue, 15 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 16 Nov 2022 19:07:48 GMT
Date: Wed, 16 Nov 2022 13:07:48 GMT
Connection: keep-alive
push.services.mozilla.com/
54.149.101.24 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.101.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ev7NHfFomtEtXMXXOgZGBw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: J+/ADM/Z5fc/SDW20CZcs/Fr2M0=
kumi93kumi.com/FirstTech/
163.44.185.205 200 OK 14 kB URL HTTP/2 kumi93kumi.com/FirstTech/
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type HTML document text, exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (20931), with CRLF line terminators
Hash d5fa0c7aa8d3f5d94d46d34a0746fb4a
5308f8fe9dcfdc7c9871b15a6b5e4684428bb171
e8a9c83bca910cd8d608c2339b50b8a3f3dcf324e3e784ad04fdcd41ba98ab02
Analyzer Verdict Alert openphish First Tech Credit Union
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/ HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:48 GMT
content-type: text/html; charset=UTF-8
content-length: 14029
server: Apache
x-powered-by: PHP/7.4.33
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/nr-spa-1118.js
163.44.185.205 200 OK 13 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/nr-spa-1118.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (32015), with CRLF line terminators
Hash e5008bbe52cb7c3dbc97bea87bb26481
270454327e7f27390dec5cdf25d4c48ffc4d95fb
eaa22940cab13dccf9b600f059187e0013b63f1eb41f64e618ac883aca5196c2
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/nr-spa-1118.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:48 GMT
content-type: application/javascript
content-length: 12948
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/analytics.js
163.44.185.205 200 OK 18 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/analytics.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (1656), with CRLF line terminators
Hash 13e24c8986b319e38b76f0db76361942
1aadc448e8fa459314a7537061845cbdb8532da2
33d3fae81b67dc4661f5ab5ca937b49b2abf6b47c8f7ce2cf96f7b2f3a57557b
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/analytics.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:48 GMT
content-type: application/javascript
content-length: 17620
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/css.css
163.44.185.205 200 OK 666 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/css.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with CRLF line terminators
Hash 5239690468dd765cc2efdaf8bb5e9591
74def02ce0680cd1596d10ee6fd9b6473dc23f22
e6ccd5dc75dbe45bb93ac542275e68f674b0725bafab48882c9855817e989cfe
GET /FirstTech/Connexus%20Credit%20Union_files/css.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:48 GMT
content-type: text/css
content-length: 666
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/yui-reset.css
163.44.185.205 200 OK 442 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/yui-reset.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (746), with CRLF line terminators
Hash 8aef766dca9579bc37ec279321c88d9e
7f493dcb8b752edadf5832ecfef8614e70e47e9f
73bb19387863edd8a65876e39b94cda46abd5cfcc86d192a1825d74f3fbdb6ff
GET /FirstTech/Connexus%20Credit%20Union_files/yui-reset.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:48 GMT
content-type: text/css
content-length: 442
server: Apache
last-modified: Mon, 14 Nov 2022 22:48:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/jquery.css
163.44.185.205 200 OK 829 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/jquery.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (2651), with CRLF line terminators
Hash ba4026b9c7aa09cafab00930363543d9
15931af021a1243617d1778c801520740ef16044
4f1737ae79b30e0af2f13d1ba9cdaca598505ab48ba1534049e0ff1947eb35a7
GET /FirstTech/Connexus%20Credit%20Union_files/jquery.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:48 GMT
content-type: text/css
content-length: 829
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/jquery-ui.css
163.44.185.205 200 OK 7.6 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/jquery-ui.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (29352), with CRLF line terminators
Hash c5537111f351964e36cb0e1ecff37e73
3a91b251a035a69ce25d843961b2def1ffbe3982
b4ed5f8b5895332d87d5f9ea14bcf901f97174b6c25f9b36701ac4b909283758
GET /FirstTech/Connexus%20Credit%20Union_files/jquery-ui.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:48 GMT
content-type: text/css
content-length: 7578
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/ext-all.css
163.44.185.205 200 OK 18 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/ext-all.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (65409), with CRLF line terminators
Hash 773063a1f62da989055ff1eacab48fc0
703eefbd0eea036489804fd2e70d2b3ee40720a0
2504c66b90f765e679e042ed8d44a9b69431cd786d4972492078736f125ea0a8
GET /FirstTech/Connexus%20Credit%20Union_files/ext-all.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:48 GMT
content-type: text/css
content-length: 17529
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/pretty-checkboxes.css
163.44.185.205 200 OK 361 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/pretty-checkboxes.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (743), with CRLF line terminators
Hash e73015807e4d4c679f8e15a2908ef1b6
3e5f6850497e9191ff4ec4370c7c393f87847306
071b116de4c58fd4012952a134f145d5aa2835801b8c43fd5d7354b968f71cfc
GET /FirstTech/Connexus%20Credit%20Union_files/pretty-checkboxes.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:48 GMT
content-type: text/css
content-length: 361
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/base.css
163.44.185.205 200 OK 34 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/base.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (32028), with CRLF line terminators
Hash 57eefd22d8611210e6822456edead76e
b120f6356fbba810add5c0ec724bd7ed6f82efb4
50fd35b6cfb220365497e6ffd85ec140a37887db4bbfa065193e7fce0574e3f3
GET /FirstTech/Connexus%20Credit%20Union_files/base.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:48 GMT
content-type: text/css
content-length: 34158
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/grid.css
163.44.185.205 200 OK 1.5 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/grid.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (5600), with CRLF line terminators
Hash e717667738168d007eaeaa666a4b538a
c138f013a95976dd3e0ee7a5eaf3a6386f1e431f
a9b2fc74af81a1de406d8b55d168e1b0846af1ac225e731b9604030ea9438ced
GET /FirstTech/Connexus%20Credit%20Union_files/grid.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: text/css
content-length: 1510
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/sidebar.css
163.44.185.205 200 OK 847 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/sidebar.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (2691), with CRLF line terminators
Hash 39b5d696474f2518a797ec95445725e5
1f72c446a978251cfd1e739dec1915b8c9001c9b
b74914541263fc3ea47b76ba913a61c69b69b88e1ab710eeb16b40ef3f0344d6
GET /FirstTech/Connexus%20Credit%20Union_files/sidebar.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: text/css
content-length: 847
server: Apache
last-modified: Mon, 14 Nov 2022 22:48:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/iris.css
163.44.185.205 200 OK 346 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/iris.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (537), with CRLF line terminators
Hash 4964dd45c5dcf3d2356aea1c469eee17
fcae1099d61898471a06505b54815e939e79a6b8
0dbed80cc950db35092e930a2548754253b58cdb1199d3a4eac0034122e68c34
GET /FirstTech/Connexus%20Credit%20Union_files/iris.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: text/css
content-length: 346
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9055
Expires: Wed, 16 Nov 2022 15:38:44 GMT
Date: Wed, 16 Nov 2022 13:07:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0be1985-4e6e-4cc3-9b6e-2fc0d94bc02b.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0be1985-4e6e-4cc3-9b6e-2fc0d94bc02b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 96b4478c098865b0d19738098db61d64
0e18a8c51596c8a4d84a142a57ffe376294833cc
9c9e433cf8f2167e4cfc3cff247eee85ebb9977e338e6e144acaea830db17c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0be1985-4e6e-4cc3-9b6e-2fc0d94bc02b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5749
x-amzn-requestid: c67c9352-e777-417e-afe1-003d7a072e86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bkItcGfcoAMFzkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637187ef-670b63160b7d0cdf4a5b609e;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 00:12:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vFDS3_SNf5hbW8NAtNERJbS1jj29nWO0_GSIypgwlv7kymKieO8qNA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 16 Nov 2022 08:43:09 GMT
age: 15880
etag: "0e18a8c51596c8a4d84a142a57ffe376294833cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 53d2d9380ba28ed0656b54c22bc56766
757f8e6306effbab70d99757c5672564cfc9f623
6d6c41527ae28cdce016470ec1eb87e0ed384f3ef721838724f29845f3bd8dac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8990
x-amzn-requestid: cb142f4b-787e-4b3c-9d75-72579105db60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYFOHi8IAMFpDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406ee-504a14105d2be58b1ce71c18;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GLJACvZUJjLdl3O2HUkWjgr7MqT_SRigTSdweSaTxUc-gTDULbYliA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:14:18 GMT
age: 53611
etag: "757f8e6306effbab70d99757c5672564cfc9f623"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49e55852-45bd-4ea6-98bd-7cf863b088c9.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49e55852-45bd-4ea6-98bd-7cf863b088c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash ba648c440393de8ff1e9912204461a96
103dbdc3e18ff05f3dd61ad0ab1164786e8fa125
d7a414856c394028119f8ef496466a120eecc6044955562cb4745b90b5275391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49e55852-45bd-4ea6-98bd-7cf863b088c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10381
x-amzn-requestid: 07399c7d-2033-4fbf-b4d3-20289b1abaac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYFjHlBoAMFo2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406f0-0e5cb3c95668b5a31f6ec404;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIZdY-ifSCB-OVNRGQW6Y_Q2DR0ZQr14PcgJUKG1Xfb703CJvhdXqA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:00:22 GMT
age: 54447
etag: "103dbdc3e18ff05f3dd61ad0ab1164786e8fa125"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CqIZqrKKIWszHFwass9Cd-GNxQ5Q9z3_2haPPGprjVDal71MQDurqw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:15:24 GMT
age: 53545
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e399ef-c649-4728-84e9-6fea03ea9b5a.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e399ef-c649-4728-84e9-6fea03ea9b5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash ae0ab55e0e77a4265808a6689f25cbc3
187e6b340b43eb1aa0c724b749db7c20a486706a
3881e5ad44b9b2fae82510794af43d14e304ce624f26f66523f85d58fea063dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e399ef-c649-4728-84e9-6fea03ea9b5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9625
x-amzn-requestid: 9bd72b4a-2ac0-423f-b0e2-73fd51e02e97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEBHTjIAMFvOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-57f5412d5eca6d640a0f590d;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: UavYBt2WjF4WCRJGtM2zS-dZinNLgs_0HuyORwaVCSlj-32Qd6sNTQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:09:56 GMT
age: 53873
etag: "187e6b340b43eb1aa0c724b749db7c20a486706a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30efee28-35ab-4b55-b685-02cbd4c5c8c8.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30efee28-35ab-4b55-b685-02cbd4c5c8c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash b31091803f98744f4da3b311467300a7
d829c5d23a494bc901d925dd02b84c470a0de479
c1cb88b82d8b5a82019da970f812cd31e13086c2da8498a21a57e7238aa34fe8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30efee28-35ab-4b55-b685-02cbd4c5c8c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8971
x-amzn-requestid: b5dd68c5-7146-4d31-a7fd-4ac4c474119a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnb6bGeyoAMFV9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372d9dc-2ca4003e65d69039389bc676;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 00:14:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8TqIvhJUq_yG_iMFds_btqtYsrNzoaZeIQgOP0-Kc60yuQFOPYEXRA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 16 Nov 2022 09:48:03 GMT
age: 11986
etag: "d829c5d23a494bc901d925dd02b84c470a0de479"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/browser-unsupported.css
163.44.185.205 200 OK 2.1 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/browser-unsupported.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (10371), with CRLF line terminators
Hash df2bcdea1a384a976376e3b8f333f1d8
b6d7c8fe06f1c06537a32f9a2305264bfc8d1dfb
c32fe857599c463f0588e1e69bcd1b815b2749511c93e95fe538f071850cc013
GET /FirstTech/Connexus%20Credit%20Union_files/browser-unsupported.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: text/css
content-length: 2056
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/iris_002.css
163.44.185.205 200 OK 15 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/iris_002.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0e9a2f3b49c7977884785abe22b27a51
1d46575e724b9136786b7dd3e1ee5c82ebdd058a
b854a8136de7368c96732afb951d7c50bfb417ae356bf61ffe81200c94074816
GET /FirstTech/Connexus%20Credit%20Union_files/iris_002.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: text/css
content-length: 14608
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Authentication.css
163.44.185.205 200 OK 3.2 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Authentication.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (20220), with CRLF line terminators
Hash 8f411d7fb42255ac382a1c17ae1c7d9a
4f2cab3f40491147fbc8bf031cdcaf3cc9c2c42e
9285b924759ce74bcf7479f55b5a1da03cc0aa6989145177f65dd3734ad7ff1d
GET /FirstTech/Connexus%20Credit%20Union_files/Authentication.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: text/css
content-length: 3237
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/fi.css
163.44.185.205 200 OK 8.0 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/fi.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (40820), with CRLF line terminators
Hash c978cbf8dce47cf69da9740b4de47a6d
7d4b28657a915821a647446ba0768b1dfc1306b2
40e3c31b2b93181344f712489d780b1172257323575417ac7f83246d895d7d52
GET /FirstTech/Connexus%20Credit%20Union_files/fi.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: text/css
content-length: 7977
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/theme.css
163.44.185.205 200 OK 4.7 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/theme.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (27196), with CRLF line terminators
Hash d23511482962e3f497425b25069ae198
6f0e6690824593c398664b7eafa476d43e53676f
ceefa8cf263a1a899c9755d5f259c7568f3fb82b8203413b72b9bb48eb3a9f9e
GET /FirstTech/Connexus%20Credit%20Union_files/theme.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: text/css
content-length: 4655
server: Apache
last-modified: Mon, 14 Nov 2022 22:48:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/YodleeFastLink.css
163.44.185.205 200 OK 99 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/YodleeFastLink.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with no line terminators
Hash fc23a0c679b13b3451236e284f4330b9
645e90c3d5cf7cfc0e23afd02c63eabf987715f9
63e578f6d6e2225151cd126931d55fa822949e94f8888cf81912fb7e492b0a9c
GET /FirstTech/Connexus%20Credit%20Union_files/YodleeFastLink.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: text/css
content-length: 99
server: Apache
last-modified: Mon, 14 Nov 2022 22:48:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/app-store.webp
163.44.185.205 200 OK 1.1 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/app-store.webp
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type RIFF (little-endian) data, Web/P image
Hash 88ee13ae12959c2a4ac8f073d4eaeccc
bd550bacbea4ebc7e280d0e92ab14909bc6a8478
b3a36a3665c80d7325ba725bbc5e3c05f8768278ecd0a53494f81bdfda5aa637
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/app-store.webp HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: image/webp
content-length: 1111
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Logo.png
163.44.185.205 200 OK 20 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Logo.png
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type PNG image data, 400 x 120, 8-bit/color RGBA, non-interlaced
Hash 029001f80b5bcbc5ccbadb3b0e21238e
41072b74133c26b08faef0a7d415155c9ea2c4cf
eb73ff64de1dfa7e7e7bb7b5a052299907731de3a336e298bffb9a7d4461b0b1
GET /FirstTech/Connexus%20Credit%20Union_files/Logo.png HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: image/png
content-length: 19464
server: Apache
last-modified: Mon, 14 Nov 2022 22:49:16 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/play-store.webp
163.44.185.205 200 OK 1.7 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/play-store.webp
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type RIFF (little-endian) data, Web/P image
Hash 5d2fb2a8ffe3e09698b61ffa1fee8ea6
67db26698b5cb0970eefeb5a089d6eac3f4aae02
2fd9168c052a3a6e73e45d604f99b9a217ec23858f384bbf05939a686246d6d7
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/play-store.webp HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: image/webp
content-length: 1669
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/localization-ts.js
163.44.185.205 200 OK 441 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/localization-ts.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (741), with CRLF line terminators
Hash 1d8ae1e60c45ae774ff49222e2280292
9e4a2b2ce601adbb119c4d947fc8f83eec0346cb
55546107623083cdabfff5d70ce6f4f8b9511d5040ba96db568232dd53e28cf6
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/localization-ts.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 441
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/103929_awfcPP4TLsBKE7bbi7Z8kSgcccc
163.44.185.205 200 OK 19 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/103929_awfcPP4TLsBKE7bbi7Z8kSgcccc
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type Unicode text, UTF-8 text, with very long lines (65520), with no line terminators
Hash b5b117ac20a0b74e963ec1068075bf55
d9987bbdc9d0b8a3395391fe8721c716a8657cc4
11de31b749fa45c7cfec60a0389afb0f5e32c6e03c3d14a93f1959b215268989
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/103929_awfcPP4TLsBKE7bbi7Z8kSgcccc HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: text/plain
content-length: 18628
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/polyfill.js
163.44.185.205 200 OK 9.3 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/polyfill.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (27394), with CRLF line terminators
Hash 304dd489515edf884300bc342ed6564d
baf67714b0659f4108143d8dc25cea26d33c7c6a
a69ab2493bbe5ed27e87ac3d725de51f193aa27d99e6e7c071c8cdeca0422be7
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/polyfill.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 9305
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/iris.js
163.44.185.205 200 OK 30 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/iris.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6805ed1ce79138651746b971b9ed46f3
c10e8b6cc09beb6bcadddbda23d1f0e7383dd304
351b2f44257fa01dae2eb209c52e4c99589e3fa35056881a7e88c12d65075e7e
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/iris.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 29571
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
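The kumi93kumi.com transactions above carry two indicators a triage script can pick out without ever rendering the page: every asset lives under a `Connexus Credit Union_files/` directory (the folder name a browser's "save page, complete" produces from the page title) on a host that shares no word with that title, and one file the browser fetched as a script (`Sec-Fetch-Dest: script`) came back labelled `text/plain`. The following is an added example, not part of this capture and not the analyzer that produced the "Phishing" verdicts: it parses the dump format shown on this page (request line, request headers, response line, response headers, with capture metadata between transactions) and applies those two heuristics. The indicator names, the scoring by host, and `SAMPLE_CAPTURE` (a constructed, trimmed copy of three of the transactions above) are the example's own assumptions.

```python
"""Scan a browser-traffic dump for signs of a re-hosted copy of a login page.
Added example: the heuristics, their names and SAMPLE_CAPTURE are this
example's own assumptions, modelled on the kumi93kumi.com entries."""
import re
from urllib.parse import unquote

REQ_LINE = re.compile(r"^(GET|POST|HEAD) (\S+) HTTP/1\.[01]$")
RESP_LINE = re.compile(r"^HTTP/(?:1\.[01]|2|3) (\d{3})")
# Only real headers match; URL, IP, hash and verdict lines never do.
HEADER = re.compile(r"^([A-Za-z0-9-]+):\s*(.*)$")
# Browsers save "Web Page, complete" assets into "<page title>_files/".
SAVED_PAGE_DIR = re.compile(r"/([^/]+)_files/")
JS_TYPES = {"application/javascript", "text/javascript",
            "application/x-javascript", "application/ecmascript"}


def parse_capture(text):
    """Return one dict per transaction (method, path, status, req/resp headers).
    Capture metadata between transactions is skipped by the HEADER regex."""
    txns, cur, section = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if m := REQ_LINE.match(line):
            cur = {"method": m.group(1), "path": m.group(2),
                   "req": {}, "status": None, "resp": {}}
            txns.append(cur)
            section = "req"
        elif cur is not None and (m := RESP_LINE.match(line)):
            cur["status"] = int(m.group(1))
            section = "resp"
        elif cur is not None and (m := HEADER.match(line)):
            cur[section][m.group(1).lower()] = m.group(2).strip()
    return txns


def indicators(txn):
    """Return [(indicator_name, detail)] for one transaction."""
    host = txn["req"].get("host", "").lower()
    path = unquote(txn["path"])
    found = []
    # 1. Asset folder named like a saved page whose title words appear
    #    nowhere in the serving host: the page was cloned and re-hosted.
    if m := SAVED_PAGE_DIR.search(path):
        title = m.group(1)
        words = [w.lower() for w in re.findall(r"[A-Za-z]{4,}", title)]
        if words and not any(w in host for w in words):
            found.append(("cloned_page_assets",
                          f"'{title}_files/' served by {host}"))
    # 2. Browser asked for a script, server labelled it something else:
    #    pull that file for inspection.
    ctype = txn["resp"].get("content-type", "").split(";")[0].strip().lower()
    if (txn["req"].get("sec-fetch-dest", "").lower() == "script"
            and ctype and ctype not in JS_TYPES):
        found.append(("script_mime_mismatch", f"{path} served as {ctype}"))
    return found


def scan(text):
    """Map each host with at least one indicator to its set of indicator names."""
    report = {}
    for txn in parse_capture(text):
        for name, _detail in indicators(txn):
            host = txn["req"].get("host", "").lower()
            report.setdefault(host, set()).add(name)
    return report


# Constructed sample in the capture's layout, headers trimmed to the ones
# the heuristics use; mirrors three of the transactions on this page.
SAMPLE_CAPTURE = """\
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Authentication.css
IP 163.44.185.205:0
GET /FirstTech/Connexus%20Credit%20Union_files/Authentication.css HTTP/1.1
Host: kumi93kumi.com
Sec-Fetch-Dest: style
HTTP/2 200 OK
content-type: text/css
GET /FirstTech/Connexus%20Credit%20Union_files/103929_awfcPP4TLsBKE7bbi7Z8kSgcccc HTTP/1.1
Host: kumi93kumi.com
Sec-Fetch-Dest: script
HTTP/2 200 OK
content-type: text/plain
GET /s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
Origin: https://kumi93kumi.com
Sec-Fetch-Dest: font
HTTP/2 200 OK
content-type: font/woff2
x-content-type-options: nosniff
"""

if __name__ == "__main__":
    for host, names in scan(SAMPLE_CAPTURE).items():
        print(host, sorted(names))
```

Run against the full dump, only kumi93kumi.com is reported; fonts.gstatic.com, the Pocket image CDN and the OCSP responders produce no indicators even though they appear in the same session, which is the point of scoring per host rather than per session. The title-word check is deliberately loose (any four-letter word of the saved title found in the host suppresses the flag), so a legitimate site that saves its own pages under its own name is not flagged.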
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f65bbeba59ba5e31638a17325798582f
4e544597bb0593697cec412fb97217899add2d96
adc5670dce70829fcd1edfa5c47f3bf14ee0ee7eb1e090a62818e679b91585d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:07:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15440, version 1.0
Hash 55536c8e9e9a532651e3cf374f290ea3
ff3a9b8ae317896cbbcbadfbe615d671bd1d32a2
eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf
GET /s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kumi93kumi.com
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:59:15 GMT
expires: Thu, 09 Nov 2023 18:59:15 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:43 GMT
content-type: font/woff2
age: 583714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kumi93kumi.com
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 12:31:58 GMT
expires: Sun, 12 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 347751
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15436, version 1.0; data
Hash 037d830416495def72b7881024c14b7b
619389190b3cafafb5db94113990350acc8a0278
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kumi93kumi.com
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 23:09:31 GMT
expires: Sat, 11 Nov 2023 23:09:31 GMT
cache-control: public, max-age=31536000
age: 395898
last-modified: Mon, 16 Oct 2017 17:33:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f65bbeba59ba5e31638a17325798582f
4e544597bb0593697cec412fb97217899add2d96
adc5670dce70829fcd1edfa5c47f3bf14ee0ee7eb1e090a62818e679b91585d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:07:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/knockout.js
163.44.185.205 200 OK 32 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/knockout.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (635), with CRLF line terminators
Hash 1dd6153dbae8ab572ac40bda93da4c4b
d756da54f84706ae6a26ee212820d00f829e5d3d
8f6ffadacc1d28d8f2b142e89bd4d634d733d3fc11a9c3d85226c0e1dc5a495e
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/knockout.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 31699
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/vendor.js
163.44.185.205 200 OK 38 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/vendor.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (51679), with CRLF line terminators
Hash a78ddb6258297b76b031801317858510
67e18a445b0942c83faf4226c655cded3b62835e
81cf6449f44e25e52ae672d1c8c721f6191f0210b407b96574fadc6cff69a326
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/vendor.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 37570
server: Apache
last-modified: Mon, 14 Nov 2022 22:48:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/jquery.js
163.44.185.205 200 OK 17 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/jquery.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type Unicode text, UTF-8 text, with very long lines (32010), with CRLF line terminators
Hash 859a53ac4180d44f1f9cf4be1d07b2c4
7cb569db7b1e44ec4a246e506180ac7503bae0c7
4800f42bf6d6f93aa09c191791f1635fbca6cc63ba9a06e79b54bc363556d8ff
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/jquery.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 16713
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/globals.js
163.44.185.205 200 OK 18 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/globals.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (31981), with CRLF line terminators
Hash 332fa41359b46e6ffa3711713ff93aaa
8c5d76446730100f042572dacb74b0328fefb16f
4222bd8196cc75f5bd3473c90107874ec8e55c4583ebbff7ed0d127d7ed53c24
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/globals.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 18479
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/knockout_002.js
163.44.185.205 200 OK 2.4 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/knockout_002.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (7656), with CRLF line terminators
Hash 9c120ee77f171ae8f9f983bdcf8e2df1
8f0812c8c5bbfa4bb0dc1c1be4896dce02ccc252
3a583bc35548c5df077ebd1a23a7dc670bb9121bee3df28d1570c7c93e762c01
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/knockout_002.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 2377
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/shared.js
163.44.185.205 200 OK 1.2 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/shared.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (3158), with CRLF line terminators
Hash b6e9ac5124f68cf3e2cc279068598375
d8eed53a66e0abc47524a434065ce11ee3594a41
560dc085e32c5c73bae4ada283214386d88f52437872972402f337881812b53a
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/shared.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 1217
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Authentication.js
163.44.185.205 200 OK 2.1 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Authentication.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (6838), with CRLF line terminators
Hash eb435cbf8ebe3778f61fc27d97943108
5c67c39e44a5a3c4bdfce2cbb23d2924e97e7b77
97e010bc1821b885ba7b1444f11b855fdf442b47e4da681cf437c506a9ccd439
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/Authentication.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 2089
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/flashInterface.js
163.44.185.205 200 OK 1.1 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/flashInterface.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (2644), with CRLF line terminators
Hash b3398c8c07f271b96f58dec704938ee8
4a9af51847c1898db40a1b317f24c88907ab91ca
6404060a72ac236ded79c97f585db8b6901e1d19eff522ab4c0afc00bbc33fd9
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/flashInterface.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 1097
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/plugindetect.js
163.44.185.205 200 OK 10 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/plugindetect.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (30324), with CRLF line terminators
Hash 7de46fd61aca0acdde7e67ed02535ef8
1d7e1c42fc2d55fe89773446af440c3c2972f91f
8787e233b041cb8e1fdffa0a437eefb83a79bd9161c4d98daeef0960f7044a3c
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/plugindetect.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 10167
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/machineInfo.js
163.44.185.205 200 OK 1.5 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/machineInfo.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (5113), with CRLF line terminators
Hash 06c03a56bd25ebb898fa3cebfe2b6eed
b37266f9b7bc93f4aa9360844fbb0c648eaf1b01
04d92f0418e5da2a6711c58beab6b7279171356251d2e76e766a7ed1adde61ba
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/machineInfo.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 1535
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Helpers.js
163.44.185.205 200 OK 502 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/Helpers.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (806), with CRLF line terminators
Hash d0b318c493c5553ed98069144f05166b
7437532495f1c91375f79e3801e6598719d6e294
480d4a62116b53be02bb02b7fea75e07886be6c97ca04e58f5f56c9055ab1d64
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/Helpers.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 502
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/MutualAuth.js
163.44.185.205 200 OK 1.5 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/MutualAuth.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (3853), with CRLF line terminators
Hash 1d24bcc2c78a95a64dbc824ef41dcdc5
a3badf737315c26e553d9d60248b352be9d5bffe
3fcd523fc78f6f2c055d9e70df59788b2af95b4cb679e33afccca061a5e7bc2d
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/MutualAuth.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 1457
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/10051_2ByCxz7bbFvhP2fxyigUtkgcccc
163.44.185.205 200 OK 5.0 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/10051_2ByCxz7bbFvhP2fxyigUtkgcccc
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (20326), with no line terminators
Hash 5af05714fbc0f2f9f22e47ba35ee7daa
475f5981424f63a98f49add981c303edfd8cdf04
b669733a73a2c58a0a5a2d6eba3652aeb411ea15d60f0810705bff757d8f2c57
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/10051_2ByCxz7bbFvhP2fxyigUtkgcccc HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: text/plain
content-length: 4965
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/YodleeFastLink.js
163.44.185.205 200 OK 2.2 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/YodleeFastLink.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (2344), with CRLF line terminators
Hash d4bec1f696865fe83d4a0829f39f5527
1a892e1d317b60d5fdac0385e102465d7f283ee2
1c23c3d4fd433d0041abdf33a5e777fd567d212c297dbd51c10371ebc581e187
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/YodleeFastLink.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 2172
server: Apache
last-modified: Mon, 14 Nov 2022 22:48:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash abdbaa56ac358c53c5dc3723c7671381
48c0e50792e786d83b35f0a36efb55f4c94c694d
6e9cb55f14b8219b7495ed4cd17bae3f0ca6127735ed01d3c1979601ffeb7b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:07:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 16 Nov 2022 12:41:09 GMT
expires: Wed, 16 Nov 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 1602
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kumi93kumi.com/stylesheets/fonts/Alkami-font.woff?636833168113306165
163.44.185.205 500 Internal Server Error 418 B URL HTTP/2 kumi93kumi.com/stylesheets/fonts/Alkami-font.woff?636833168113306165
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type HTML document, ASCII text, with CRLF, LF line terminators
Hash ca042f281b85fd773d1e2226a4018e29
c43fe9c37b370b9d0367848944fb66dec21ef719
d220b951ec71353c6739519237daaae49cb7b3f86160da9b9a1f03744b0af814
Analyzer Verdict Alert fortinet Phishing
GET /stylesheets/fonts/Alkami-font.woff?636833168113306165 HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Cookie: _ga=GA1.2.578175234.1668604069; _gid=GA1.2.381232222.1668604069; _gat=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/ext.js
163.44.185.205 200 OK 221 kB URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/ext.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Size 221 kB (221289 bytes)
Hash f13e5413899538b08ca19780762cb382
b265be37b4037a338de205163a355fcbdc300ddf
68d9989f59fed246b42582638def1e9d90c816486c481d6dcb760cd24031085b
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/ext.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
server: Apache
last-modified: Mon, 14 Nov 2022 22:46:43 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bba882f8c1783ddc3069c69735b2f4a0
352a4b789869b7208d8c6dd4dfa7b28bc4ace0f7
5094680ad392325c811b64acc9b083352fbb7c46b5e9ae93253ae36ef4eba54f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1242
Cache-Control: max-age=168981
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:07:51 GMT
Etag: "6374cce2-1d7"
Expires: Fri, 18 Nov 2022 12:04:12 GMT
Last-Modified: Wed, 16 Nov 2022 11:43:30 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 74c07a15d0960c36c1d1160344b946da
9b0d25cc445c83d1eae53deb84a2a74b152af6d4
ba99f5ae2d779e578700195798bb71dd43f11195ef6a982e0eaac735e26b5a85
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:07:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71023015-1&cid=578175234.1668604069&jid=1329067587&_gid=381232222.1668604069&gjid=1252256516&_v=j73&z=1618686157
142.250.150.157 302 Found 366 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71023015-1&cid=578175234.1668604069&jid=1329067587&_gid=381232222.1668604069&gjid=1252256516&_v=j73&z=1618686157
IP 142.250.150.157:0
File type HTML document, ASCII text, with CRLF, LF line terminators
Hash cb297636b8c78ab0f09cb4bd22556dab
256c1f362c9bd72cc4557879fdf71bfe91a624ce
b9c8054fa3e565774b5825b2f4974f9836b5d720ed082ef5cf1162a583600251
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71023015-1&cid=578175234.1668604069&jid=1329067587&_gid=381232222.1668604069&gjid=1252256516&_v=j73&z=1618686157 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kumi93kumi.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71023015-1&cid=578175234.1668604069&jid=1329067587&_v=j73&z=1618686157
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Nov 2022 13:07:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9d96ce61547f9d3184b571ec26c13f61
9607a743ed3f0c67ffd8aa22fdc76070c00b18fc
ce83e5b84417ac34b261442b70b71cec63124f57e8baa8acee68dc22c38763c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:07:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71023015-1&cid=578175234.1668604069&jid=1329067587&_v=j73&z=1618686157
142.250.74.164 302 Found 0 B URL HTTP/2 www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71023015-1&cid=578175234.1668604069&jid=1329067587&_v=j73&z=1618686157
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71023015-1&cid=578175234.1668604069&jid=1329067587&_v=j73&z=1618686157 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kumi93kumi.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 13:07:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71023015-1&cid=578175234.1668604069&jid=1329067587&_v=j73&z=1618686157&slf_rd=1&random=3515708152
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/login.js
163.44.185.205500 Internal Server Error 471 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/login.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Hash 1b43631817b375ad10d08b6fd9ff9249
ca2988f207b07f60e4204c701e127f84a69a5446
d61ac811e9c087f7fe5a9baeaf3065ac313c1e777f169cf91516ef4b83304f1f
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/login.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Cookie: _ga=GA1.2.578175234.1668604069; _gid=GA1.2.381232222.1668604069; _gat=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 13:07:50 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/snippets.js
142.250.74.3200 OK 471 B URL HTTP/1.1 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/snippets.js
IP 142.250.74.3:0
Hash 3a9734f9f93c8158e73e4491e35f56bd
e57dc6ee66918ae45ce20c6dea942d2e786ff17c
171dfb208dfcaa849595e79c07f998833a5560ae06c736f9f4c45f445e121ada
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/snippets.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:07:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5feeb7e989b35505b27dd9e63042920e
806933568b6652daca1c09ba165a446b277d7c4c
ca2ba92bbe3e9a7e47e58d661ceda3848e75f4e6d2ccd5e8724160ec25f34bf8
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=115883
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:07:51 GMT
Etag: "63740252-1d7"
Expires: Thu, 17 Nov 2022 21:19:14 GMT
Last-Modified: Tue, 15 Nov 2022 21:19:14 GMT
Server: nginx
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5feeb7e989b35505b27dd9e63042920e
806933568b6652daca1c09ba165a446b277d7c4c
ca2ba92bbe3e9a7e47e58d661ceda3848e75f4e6d2ccd5e8724160ec25f34bf8
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=115883
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 13:07:51 GMT
Etag: "63740252-1d7"
Expires: Thu, 17 Nov 2022 21:19:14 GMT
Last-Modified: Tue, 15 Nov 2022 21:19:14 GMT
Server: nginx
Content-Length: 471
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71023015-1&cid=578175234.1668604069&jid=1329067587&_v=j73&z=1618686157&slf_rd=1&random=3515708152
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71023015-1&cid=578175234.1668604069&jid=1329067587&_v=j73&z=1618686157&slf_rd=1&random=3515708152
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71023015-1&cid=578175234.1668604069&jid=1329067587&_v=j73&z=1618686157&slf_rd=1&random=3515708152 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kumi93kumi.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 13:07:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kumi93kumi.com/stylesheets/fonts/AlkamiLogos.ttf?636833168113326186
163.44.185.205500 Internal Server Error 471 B URL HTTP/2 kumi93kumi.com/stylesheets/fonts/AlkamiLogos.ttf?636833168113326186
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Hash 3a9734f9f93c8158e73e4491e35f56bd
e57dc6ee66918ae45ce20c6dea942d2e786ff17c
171dfb208dfcaa849595e79c07f998833a5560ae06c736f9f4c45f445e121ada
Analyzer Verdict Alert fortinet Phishing
GET /stylesheets/fonts/AlkamiLogos.ttf?636833168113326186 HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Cookie: _ga=GA1.2.578175234.1668604069; _gid=GA1.2.381232222.1668604069; _gat=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 13:07:50 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1118.min.js
151.101.86.137200 OK 13 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1118.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32015)
Hash 8652588de7907a2ff449646421e5e5c1
593149229a462cd897d39da89552428d14cdaa7c
9169cade724eb2c4f34ae87c31fcd35529c2861d089fd659d653fd46d2dcd893
GET /nr-spa-1118.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4DwFcnOgMis86rhhe7f7AoG/5omHUqKbvJI1UGQ2X1vKTVJZeIw+R+DnJ7Anap5xLa1oYMt2unw=
x-amz-request-id: 2QM0E5SWXB5M5NJR
last-modified: Wed, 02 Jan 2019 18:42:31 GMT
etag: "7e24c95b9a35bca45860d13c1ef0a95b"
x-amz-version-id: null
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 16 Nov 2022 13:07:51 GMT
via: 1.1 varnish
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 38
x-timer: S1668604072.589343,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 12943
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/RiskEvaluation.js
163.44.185.205500 Internal Server Error 471 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/RiskEvaluation.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Hash 2816974181afea25a0509f3f6375fe02
f26b737682c3076bc5cd7d866368f141c4a3e084
09eae85d7db49bd27881eed337ad2a2e1aa075a94ac5ae323f2907d3791b4f56
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/RiskEvaluation.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
onlinebanking.connexuscu.org/Orbital/Connexus/favicons/android-chrome-192x192.png
104.17.42.19200 OK 4.3 kB URL HTTP/2 onlinebanking.connexuscu.org/Orbital/Connexus/favicons/android-chrome-192x192.png
IP 104.17.42.19:0
File type PNG image data, 192 x 192, 4-bit colormap, non-interlaced\012- data
Hash f559d931134bca72ab30201a5d814e36
34a54f529ad572313cbbda37d5485dbf39693a04
7a10862a91523af52c5fb3b4dc50039d919a54a0a3365d7335a40d6f77f037bf
GET /Orbital/Connexus/favicons/android-chrome-192x192.png HTTP/1.1
Host: onlinebanking.connexuscu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:52 GMT
content-type: image/png
content-length: 4253
last-modified: Mon, 24 Oct 2022 06:12:51 GMT
etag: "7e9d8ba56fe7d81:0"
x-svr: WEB162684
expires: Wed, 16 Nov 2022 13:17:52 GMT
cache-control: max-age=600
cf-cache-status: EXPIRED
accept-ranges: bytes
cf-request-id: 152226a66b00001bfa4f801000000001
set-cookie: __cf_bm=9AcJpVxejzJ8vHoQVxA1MlsTlxQ2cwIXl1mDOTvSJaQ-1668604072-0-AYtSsRNnBDQ1y9WpGkakOZ8xPp2HfewkGPkLkBbnn4+KNIBPBDOVF6pHPjHiFVm1+cC+5HE5LR0AJ8JSbGOceGs=; path=/; expires=Wed, 16-Nov-22 13:37:52 GMT; domain=.connexuscu.org; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 76b073b718b51bfa-OSL
X-Firefox-Spdy: h2
onlinebanking.connexuscu.org/Orbital/Connexus/favicons/favicon-16x16.png
104.17.42.19200 OK 284 B URL HTTP/2 onlinebanking.connexuscu.org/Orbital/Connexus/favicons/favicon-16x16.png
IP 104.17.42.19:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 5d15480a42008adfc6a2210aa3c0f34e
a1bb91beaef073f57551849fbd5414b3c4a8bfe1
44922a1bb754a26cf842a1031e8f0d3f2141564f1bfc444fe5cc433fa0a81ee4
GET /Orbital/Connexus/favicons/favicon-16x16.png HTTP/1.1
Host: onlinebanking.connexuscu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:52 GMT
content-type: image/png
content-length: 284
last-modified: Mon, 24 Oct 2022 06:13:10 GMT
etag: "e5ae16b16fe7d81:0"
x-svr: WEB1657148
expires: Wed, 16 Nov 2022 13:17:52 GMT
cache-control: max-age=600
cf-cache-status: EXPIRED
accept-ranges: bytes
cf-request-id: 152226a66c00001bfaf9001000000001
set-cookie: __cf_bm=xqPPNRzLQ879u.BYb1poqOLM8JPHyVmpRxCv40W6Cgs-1668604072-0-AfeMu7UNtresCgVZtWqwOHWBFhY3kbyK05GfNl8P/IBnEJIOzw7L7RvLM2YFkOUSBag5ATSlTQFB9/O0woQb5LU=; path=/; expires=Wed, 16-Nov-22 13:37:52 GMT; domain=.connexuscu.org; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 76b073b718b71bfa-OSL
X-Firefox-Spdy: h2
kumi93kumi.com/Modules/YodleeFastLink/YodleeFastLink.css
163.44.185.205500 Internal Server Error 73 B URL HTTP/2 kumi93kumi.com/Modules/YodleeFastLink/YodleeFastLink.css
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
File type gzip compressed data, from Unix\012- data
Hash 814f8120cdf5a972bdb0fd5521a92a5d
47f7b3cd340d1fe91766ff27602e319a79bcd14c
5f520e553ae6a634e84b7c8c8d36908d2efa441d716834fd98c012c402b1c3c8
GET /Modules/YodleeFastLink/YodleeFastLink.css HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Cookie: _ga=GA1.2.578175234.1668604069; _gid=GA1.2.381232222.1668604069; _gat=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 13:07:51 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
bam.nr-data.net/events/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5474&ref=https://kumi93kumi.com/FirstTech/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5474&ref=https://kumi93kumi.com/FirstTech/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5474&ref=https://kumi93kumi.com/FirstTech/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 232
Origin: https://kumi93kumi.com
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 13:07:52 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 76b073bd1f360b31-OSL
Access-Control-Allow-Origin: https://kumi93kumi.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
bam.nr-data.net/resources/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5465&ref=https://kumi93kumi.com/FirstTech/&st=1668604066250
162.247.241.14200 OK 36 B URL HTTP/1.1 bam.nr-data.net/resources/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5465&ref=https://kumi93kumi.com/FirstTech/&st=1668604066250
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 57a74ea981739d6cf98f602e1b7b8bb6
fa665517efa157b07143506a1204e5f8335a3bc3
1894f0aa9538c92c2f7b9aa0259ed3e1be910ff700b3ce074e33c8e53ea44549
POST /resources/1/aec7706684?a=3248445&v=1118.0c07c19&to=MlVRZUoCW0ZZBUdcXAsffmd7THRATA5WW0cMU1JFUQxbdlcIR0dcCVxWQxcqW1FdHg%3D%3D&rst=5465&ref=https://kumi93kumi.com/FirstTech/&st=1668604066250 HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 8121
Origin: https://kumi93kumi.com
Connection: keep-alive
Referer: https://kumi93kumi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 13:07:52 GMT
Content-Type: text/plain
Content-Length: 36
Connection: keep-alive
CF-Ray: 76b073bd0bb1b517-OSL
Access-Control-Allow-Origin: https://kumi93kumi.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
kumi93kumi.com/stylesheets/fonts/Alkami-font.ttf?636833168113296155
163.44.185.205500 Internal Server Error 0 B URL HTTP/2 kumi93kumi.com/stylesheets/fonts/Alkami-font.ttf?636833168113296155
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Analyzer Verdict Alert fortinet Phishing
GET /stylesheets/fonts/Alkami-font.ttf?636833168113296155 HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Cookie: _ga=GA1.2.578175234.1668604069; _gid=GA1.2.381232222.1668604069; _gat=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 13:07:50 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/aec7706684
163.44.185.205500 Internal Server Error 0 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/aec7706684
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/aec7706684 HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 13:07:48 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/jquery_002.js
163.44.185.205200 OK 0 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/jquery_002.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/jquery_002.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/popper.js
163.44.185.205200 OK 0 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/popper.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/popper.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: application/javascript
content-length: 7245
server: Apache
last-modified: Mon, 14 Nov 2022 22:47:54 GMT
vary: Range,Accept-Encoding
content-encoding: gzip
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/login.js
163.44.185.205500 Internal Server Error 0 B URL HTTP/2 kumi93kumi.com/FirstTech/Connexus%20Credit%20Union_files/login.js
IP 163.44.185.205:0
ASN #7506 GMO Internet,Inc
Analyzer Verdict Alert fortinet Phishing
GET /FirstTech/Connexus%20Credit%20Union_files/login.js HTTP/1.1
Host: kumi93kumi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kumi93kumi.com/FirstTech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 16 Nov 2022 13:07:49 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2