Report - mysites.ibig.co.il/DOMAIN/

Report Overview

Visited public
2023-12-04 02:58:57
Tags
afcu financial phishing
URL
mysites.ibig.co.il/DOMAIN/
Finishing URL
mysites.ibig.co.il/DOMAIN/#wa=wsignin1.0&rpsnv=13&ct=1539585327&rver=7.0.6737.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fnlp%3d1%26RpsCsrfState%3d715d44a2-2f11-4282-f625-a066679e96e2&id=292841&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015&domain=
IP / ASN
192.185.193.146
#46606 UNIFIEDLAYER-AS-1
Title
America First Credit Union
Phishing - America First Credit Union

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15 22:36:43	2023-12-03 05:10:22	486 B	52 kB	104.18.11.207
mysites.ibig.co.il	unknown	unknown	2023-08-26 14:57:33	2023-12-04 01:45:12	8.7 kB	835 kB	192.185.193.146
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-12-03 05:09:13	941 B	13 kB	104.17.25.14
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-12-03 05:09:22	886 B	55 kB	151.101.194.137
ajax.aspnetcdn.com	693	2010-10-12	2012-05-24 15:35:31	2023-12-03 18:29:54	439 B	31 kB	152.199.19.160

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-12-03	medium	mysites.ibig.co.il/DOMAIN/	America First Credit Union

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js	ScriptElement	20 kB	2023-03-07	2025-05-06
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-06 12:21 Times Seen2059 Hash 053305c2b293c27c02523cda42962c09 556b0af7346b9e21a8eea1be8b195b563169ecd5 be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44 Loading...

	mysites.ibig.co.il/DOMAIN/	ScriptElement	457 B	2023-03-07	2024-08-20
Pretty URL mysites.ibig.co.il/DOMAIN/ IP 192.185.193.146 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:20 Last Seen2024-08-20 16:52 Times Seen4 Hash 82bd1d969cdd7714dfffcda63887d55c 155b0b30d14df51425ae29ffdc5eed4975c1f02e 79fe31dbc43dd8cb07c016da29dcf8b37fd6b23a5ffd73aca2c92f279e768d4c Loading...

	code.jquery.com/jquery-3.2.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-09
Pretty URL code.jquery.com/jquery-3.2.1.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 11:22 Times Seen36279 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js	ScriptElement	20 kB	2023-03-07	2025-05-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 07:39 Times Seen3953 Hash 6b08ddc901000d51fa1f06a35518f302 bafe987c18cbe0587de3e6360e7da40a2885614b 02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5 Loading...

	ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-09
Pretty URL ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js IP 152.199.19.160 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 11:06 Times Seen57428 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	mysites.ibig.co.il/DOMAIN/	ScriptElement	269 B	2023-03-07	2025-05-03
Pretty URL mysites.ibig.co.il/DOMAIN/ IP 192.185.193.146 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-03 14:09 Times Seen201 Hash 9678fd11bd7c60e14caf05ff2b1925e6 ab1b4abd43e151663158be81c1a9cd04f2c846cd 8fc4e1e3c24d30d70225dd53e8e936af38f1472fb365181710f7b4a973c0c1d5 Loading...

	mysites.ibig.co.il/DOMAIN/asset/analytics/ads/js/actions.js	ScriptElement	1.3 kB	2023-03-07	2024-08-21
Pretty URL mysites.ibig.co.il/DOMAIN/asset/analytics/ads/js/actions.js IP 192.185.193.146 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34 Last Seen2024-08-21 08:44 Times Seen50 Hash bfef294446761f81225bda51229dfdad 930cedeac977eb7ad969772600deffaff8174dc0 3006a7f5d160a928d4f8fe1572e645d91201447f88257ed27022ff07beffb8dd Loading...

	mysites.ibig.co.il/DOMAIN/adobe/data/js/css/index_1.html#https%3A/secure.americafirst.com	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL mysites.ibig.co.il/DOMAIN/adobe/data/js/css/index_1.html#https%3A/secure.americafirst.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 12:25 Times Seen4635852 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	code.jquery.com/jquery-3.3.1.slim.min.js	ScriptElement	70 kB	2023-03-07	2025-05-09
Pretty URL code.jquery.com/jquery-3.3.1.slim.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 08:01 Times Seen5408 Hash 99b0a83cf1b0b1e2cb16041520e87641 bc5836992c0b260496ba520fe1336d499bf06eb7 dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-05-09
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 07:39 Times Seen3834 Hash ce6e785579ae4cb555c9de311d1b9271 5ef2c15b47d7290698c737676ba9c3056b45f2e8 0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339 Loading...

HTTP Transactions (23)

URL IP Response Size

mysites.ibig.co.il/DOMAIN/

192.185.193.146

200 OK

6.5 kB

URL User Request GET HTTP/2
mysites.ibig.co.il/DOMAIN/
IP
192.185.193.146:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3970), with CRLF line terminators
Size
6.5 kB (6493 bytes)
Hash
314523e17104b9064ff67f164883eaf4
e5ffca72293f92f909fcd11af117cf1133742cbd
f468eaf221dab1ad463cabbc31c42abbd1d4cfa838bc60c930dcd17c30431132

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	America First Credit Union

HTTP Headers

GET /DOMAIN/ HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Sat, 05 Mar 2022 22:32:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6493
content-type: text/html
date: Mon, 04 Dec 2023 02:58:40 GMT
server: Apache
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js

104.17.25.14

200 OK

4.5 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
4.5 kB (4517 bytes)
Hash
053305c2b293c27c02523cda42962c09
556b0af7346b9e21a8eea1be8b195b563169ecd5
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44

HTTP Headers

GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 02:58:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 600754
expires: Sat, 23 Nov 2024 02:58:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDF1tOtqFyBy7TCJWDWzzm2EzPQD6rDqGC6Jn6e8rMJc4hxwXC748daoWDziA1M%2Fg3M%2BDQ5LUvNLcxFLVxIEp1fld7vC6lfuh6fiq4cNDyJOA38A97aUbSTnBksG4KiFP4%2FppF01"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8300c9fbc85d56bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

104.17.25.14

200 OK

6.5 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (20322)
Size
6.5 kB (6458 bytes)
Hash
6b08ddc901000d51fa1f06a35518f302
bafe987c18cbe0587de3e6360e7da40a2885614b
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

HTTP Headers

GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mysites.ibig.co.il
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 02:58:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 338440
expires: Sat, 23 Nov 2024 02:58:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBdXP0ij1zUilD%2FgWmV%2F%2BIUrR8H%2FmlDG8VC%2FbbzTfY6Z4LAQZdI5DyYEoucrpUP%2FyOPb2Pt54neZMuxjQSSaKGdNpEaukqbBoG%2FjoxolebQ4w8vue2TG4dl45P%2B%2BkJHAwPvuyG0q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8300c9fbcae75689-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.3.1.slim.min.js

151.101.194.137

200 OK

24 kB

URL GET HTTP/2
code.jquery.com/jquery-3.3.1.slim.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65247)
Size
24 kB (24038 bytes)
Hash
99b0a83cf1b0b1e2cb16041520e87641
bc5836992c0b260496ba520fe1336d499bf06eb7
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

HTTP Headers

GET /jquery-3.3.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mysites.ibig.co.il
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1111d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 04 Dec 2023 02:58:40 GMT
age: 6858120
x-served-by: cache-lga21982-LGA, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 140, 143967
x-timer: S1701658721.618387,VS0,VE0
vary: Accept-Encoding
content-length: 24038
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.min.js

151.101.194.137

200 OK

30 kB

URL GET HTTP/2
code.jquery.com/jquery-3.2.1.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32058)
Size
30 kB (30125 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15283"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 04 Dec 2023 02:58:40 GMT
age: 6858106
x-served-by: cache-lga21971-LGA, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 215, 272369
x-timer: S1701658721.621481,VS0,VE0
vary: Accept-Encoding
content-length: 30125
X-Firefox-Spdy: h2

ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

152.199.19.160

200 OK

30 kB

URL GET HTTP/2
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
IP
152.199.19.160:443
ASN
#15133 EDGECAST

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerDigiCert Inc
Subject*.vo.msecnd.net
Fingerprint0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
30 kB (30394 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 20592156
cache-control: public,max-age=31536000
content-type: application/javascript
date: Mon, 04 Dec 2023 02:58:40 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F6AE)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/adobe/data/js/css/index_1.html

192.185.193.146

3.4 kB

URL
mysites.ibig.co.il/DOMAIN/adobe/data/js/css/index_1.html
IP
192.185.193.146:0
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size
3.4 kB (3401 bytes)
Hash
cdb27a0a2c3b25c23454a4454c2c78d6
c7ed38e2a97b9033975cb81cc63b0031b93a3a2f
b5d1cc340a095d374fe03137d3b45a6b8772ab148672d13e3d15ffb3d94db019

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - America First Credit Union

HTTP Headers

GET /DOMAIN/adobe/data/js/css/index_1.html HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/DOMAIN/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Feb 2022 17:38:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3401
content-type: text/html
date: Mon, 04 Dec 2023 02:58:40 GMT
server: Apache
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/adobe/data/js/css/app.76ff82e5.css

192.185.193.146

200 OK

1.0 kB

URL GET HTTP/2
mysites.ibig.co.il/DOMAIN/adobe/data/js/css/app.76ff82e5.css
IP
192.185.193.146:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
ASCII text, with very long lines (2555), with no line terminators
Size
1.0 kB (1040 bytes)
Hash
45fdfaabff062b120c343417bdb06350
332147dbfd8ffbb33144494cc90abe385ed6dff2
ff7c1455abe0a7bc7da593da4f46d258b47b70c61cd37b2f2890f8063930d034

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - America First Credit Union

HTTP Headers

GET /DOMAIN/adobe/data/js/css/app.76ff82e5.css HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/DOMAIN/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Feb 2022 17:38:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1040
content-type: text/css
date: Mon, 04 Dec 2023 02:58:40 GMT
server: Apache
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/asset/analytics/ads/js/style.css

192.185.193.146

200 OK

219 B

URL GET HTTP/2
mysites.ibig.co.il/DOMAIN/asset/analytics/ads/js/style.css
IP
192.185.193.146:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
ASCII text, with CRLF line terminators
Size
219 B (219 bytes)
Hash
f9653fbeecf34b04791fee59eb3e253b
fcbbad7c6616682a22a9d0de09d715c61cb17722
7924e7e8b95825e4cefbfc31444ea9247e1b0d04cb066b56f06addf9cc7c5eaf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - America First Credit Union

HTTP Headers

GET /DOMAIN/asset/analytics/ads/js/style.css HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/DOMAIN/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 16 Nov 2021 20:01:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 219
content-type: text/css
date: Mon, 04 Dec 2023 02:58:40 GMT
server: Apache
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/adobe/data/js/css/21d7d23b5082cfbd7662ecf888a9879cef5e3b6d.png

192.185.193.146

200 OK

2.0 kB

URL GET HTTP/2
mysites.ibig.co.il/DOMAIN/adobe/data/js/css/21d7d23b5082cfbd7662ecf888a9879cef5e3b6d.png
IP
192.185.193.146:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
PNG image data, 55 x 62, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (1998 bytes)
Hash
ae659b5597c9500445cc6f80a4281459
21d7d23b5082cfbd7662ecf888a9879cef5e3b6d
a6690102b24638424202c679e3c3fafe83bdaa641e40dca06968bcad77f70821

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - America First Credit Union

HTTP Headers

GET /DOMAIN/adobe/data/js/css/21d7d23b5082cfbd7662ecf888a9879cef5e3b6d.png HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/DOMAIN/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Feb 2022 17:38:54 GMT
accept-ranges: bytes
content-length: 1998
content-type: image/png
date: Mon, 04 Dec 2023 02:58:40 GMT
server: Apache
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/asset/analytics/ads/js/loading.gif

192.185.193.146

200 OK

39 kB

URL GET HTTP/2
mysites.ibig.co.il/DOMAIN/asset/analytics/ads/js/loading.gif
IP
192.185.193.146:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
GIF image data, version 89a, 200 x 200\012- data
Size
39 kB (38636 bytes)
Hash
d10ef01e81faa2c2d812bdf670b4e072
77d09a57b2091fd7665dff763a5eab23e0ff907e
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - America First Credit Union

HTTP Headers

GET /DOMAIN/asset/analytics/ads/js/loading.gif HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/DOMAIN/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Aug 2018 18:03:52 GMT
accept-ranges: bytes
content-length: 38636
content-type: image/gif
date: Mon, 04 Dec 2023 02:58:40 GMT
server: Apache
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/adobe/data/js/css/368f9486f1d69178fbf8bf2dcfbc491b23e4b261.png

192.185.193.146

200 OK

3.6 kB

URL GET HTTP/2
mysites.ibig.co.il/DOMAIN/adobe/data/js/css/368f9486f1d69178fbf8bf2dcfbc491b23e4b261.png
IP
192.185.193.146:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
PNG image data, 277 x 94, 8-bit/color RGBA, non-interlaced\012- data
Size
3.6 kB (3580 bytes)
Hash
aa3ffca4509491de728b7f7e60a7ef63
368f9486f1d69178fbf8bf2dcfbc491b23e4b261
83b34f00b6612015c941c3865d2c047ae5ce567f13530491ac4ed773b13b1bd3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - America First Credit Union

HTTP Headers

GET /DOMAIN/adobe/data/js/css/368f9486f1d69178fbf8bf2dcfbc491b23e4b261.png HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/DOMAIN/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Feb 2022 17:38:52 GMT
accept-ranges: bytes
content-length: 3580
content-type: image/png
date: Mon, 04 Dec 2023 02:58:40 GMT
server: Apache
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/asset/analytics/ads/js/actions.js

192.185.193.146

200 OK

515 B

URL GET HTTP/2
mysites.ibig.co.il/DOMAIN/asset/analytics/ads/js/actions.js
IP
192.185.193.146:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
ASCII text, with CRLF line terminators
Size
515 B (515 bytes)
Hash
bfef294446761f81225bda51229dfdad
930cedeac977eb7ad969772600deffaff8174dc0
3006a7f5d160a928d4f8fe1572e645d91201447f88257ed27022ff07beffb8dd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - America First Credit Union

HTTP Headers

GET /DOMAIN/asset/analytics/ads/js/actions.js HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/DOMAIN/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 21 Feb 2022 21:29:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 515
content-type: application/javascript
date: Mon, 04 Dec 2023 02:58:40 GMT
server: Apache
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/adobe/data/js/css/logo-desktop-inverse.a3a99f3a.png

192.185.193.146

200 OK

8.9 kB

URL GET HTTP/2
mysites.ibig.co.il/DOMAIN/adobe/data/js/css/logo-desktop-inverse.a3a99f3a.png
IP
192.185.193.146:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
PNG image data, 390 x 134, 8-bit/color RGBA, non-interlaced\012- data
Size
8.9 kB (8898 bytes)
Hash
a3a99f3aea38a0574c84d332fc5f871f
5a3bcb4c445e47551ad7fb98a1d57a34432c298d
c9a0078a7b8e70e1437317247095c89510a6c40bdb3bb37a26318133e2c1ab54

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - America First Credit Union

HTTP Headers

GET /DOMAIN/adobe/data/js/css/logo-desktop-inverse.a3a99f3a.png HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/DOMAIN/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Feb 2022 17:38:54 GMT
accept-ranges: bytes
content-length: 8898
content-type: image/png
date: Mon, 04 Dec 2023 02:58:40 GMT
server: Apache
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/adobe/data/js/css/78bdeddcd621c8d0d38dce1c2bfedd9330602f96.png

192.185.193.146

200 OK

2.9 kB

URL GET HTTP/2
mysites.ibig.co.il/DOMAIN/adobe/data/js/css/78bdeddcd621c8d0d38dce1c2bfedd9330602f96.png
IP
192.185.193.146:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
PNG image data, 99 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2913 bytes)
Hash
6265054874bcf3c370bef6bb64646fe9
78bdeddcd621c8d0d38dce1c2bfedd9330602f96
df808b2ea829eac97e99d46d91fa6a005269d58a9dfd57ff40f7084e6f027f7b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - America First Credit Union

HTTP Headers

GET /DOMAIN/adobe/data/js/css/78bdeddcd621c8d0d38dce1c2bfedd9330602f96.png HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/DOMAIN/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Feb 2022 17:38:54 GMT
accept-ranges: bytes
content-length: 2913
content-type: image/png
date: Mon, 04 Dec 2023 02:58:40 GMT
server: Apache
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/adobe/data/js/css/d4c16de980048679c0662f782e29945ab5125717.png

192.185.193.146

200 OK

3.3 kB

URL GET HTTP/2
mysites.ibig.co.il/DOMAIN/adobe/data/js/css/d4c16de980048679c0662f782e29945ab5125717.png
IP
192.185.193.146:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
PNG image data, 250 x 54, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3311 bytes)
Hash
cf4f20bf0af1f7b4b77126ac20180c2c
d4c16de980048679c0662f782e29945ab5125717
986dae282bc4d35f7234bbf7c3eafd4b4bb990b89143be1f5c8a8aa4a04ee2b4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - America First Credit Union

HTTP Headers

GET /DOMAIN/adobe/data/js/css/d4c16de980048679c0662f782e29945ab5125717.png HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/DOMAIN/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Feb 2022 17:38:54 GMT
accept-ranges: bytes
content-length: 3311
content-type: image/png
date: Mon, 04 Dec 2023 02:58:41 GMT
server: Apache
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/adobe/data/js/css/roboto-latin-500.020c97dc.woff2

192.185.193.146

200 OK

16 kB

URL GET HTTP/2
mysites.ibig.co.il/DOMAIN/adobe/data/js/css/roboto-latin-500.020c97dc.woff2
IP
192.185.193.146:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15872, version 1.0\012- data
Size
16 kB (15872 bytes)
Hash
020c97dc8e0463259c2f9df929bb0c69
8f956a31154047d1b6527b63db2ecf0f3a463f24
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - America First Credit Union

HTTP Headers

GET /DOMAIN/adobe/data/js/css/roboto-latin-500.020c97dc.woff2 HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/DOMAIN/adobe/data/js/css/chunk-vendors.eab46e62.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Feb 2022 17:38:54 GMT
accept-ranges: bytes
content-length: 15872
content-type: font/woff2
date: Mon, 04 Dec 2023 02:58:41 GMT
server: Apache
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/adobe/data/js/css/roboto-latin-400.479970ff.woff2

192.185.193.146

200 OK

16 kB

URL GET HTTP/2
mysites.ibig.co.il/DOMAIN/adobe/data/js/css/roboto-latin-400.479970ff.woff2
IP
192.185.193.146:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15736, version 1.0\012- data
Size
16 kB (15736 bytes)
Hash
479970ffb74f2117317f9d24d9e317fe
81c796737cbe44d4a719777f0aff14b73a3efb1e
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - America First Credit Union

HTTP Headers

GET /DOMAIN/adobe/data/js/css/roboto-latin-400.479970ff.woff2 HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/DOMAIN/adobe/data/js/css/chunk-vendors.eab46e62.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Feb 2022 17:38:54 GMT
accept-ranges: bytes
content-length: 15736
content-type: font/woff2
date: Mon, 04 Dec 2023 02:58:41 GMT
server: Apache
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/adobe/data/js/css/favicon.ico

192.185.193.146

200 OK

1.2 kB

URL GET HTTP/2
mysites.ibig.co.il/DOMAIN/adobe/data/js/css/favicon.ico
IP
192.185.193.146:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
5f0fb15bba173e0aa54bd6434418f8fe
fc16c82f44707eb5045be0f68cfcfce4a4ac29d9
0534a1a2f971f20a153479d5e01ad4051a8af96221bb5f7c80ff06a759d1ea2e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - America First Credit Union

HTTP Headers

GET /DOMAIN/adobe/data/js/css/favicon.ico HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/DOMAIN/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Feb 2022 17:38:54 GMT
accept-ranges: bytes
content-length: 1150
cache-control: max-age=604800
expires: Mon, 11 Dec 2023 02:58:41 GMT
content-type: image/x-icon
date: Mon, 04 Dec 2023 02:58:41 GMT
server: Apache
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/adobe/data/js/css/index_1.html

192.185.193.146

3.4 kB

URL
mysites.ibig.co.il/DOMAIN/adobe/data/js/css/index_1.html
IP
192.185.193.146:0
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size
3.4 kB (3401 bytes)
Hash
cdb27a0a2c3b25c23454a4454c2c78d6
c7ed38e2a97b9033975cb81cc63b0031b93a3a2f
b5d1cc340a095d374fe03137d3b45a6b8772ab148672d13e3d15ffb3d94db019

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - America First Credit Union

HTTP Headers

GET /DOMAIN/adobe/data/js/css/index_1.html HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Sun, 20 Feb 2022 17:38:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3401
content-type: text/html
date: Mon, 04 Dec 2023 02:58:55 GMT
server: Apache
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/adobe/data/js/css/index_1.html

192.185.193.146

200 OK

7.1 kB

URL GET HTTP/2
mysites.ibig.co.il/DOMAIN/adobe/data/js/css/index_1.html
IP
192.185.193.146:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7345), with no line terminators
Size
7.1 kB (7069 bytes)
Hash
fdcad69bfca7e5ebdc641cf45dfe6e09
d1cf19c8c93dc749bb30c49e1a266e3ab97b80e1
11671e318009b14ad9758c1661bec071be131f17752388fdafd1bf0754b47dcb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - America First Credit Union

HTTP Headers

GET /DOMAIN/adobe/data/js/css/index_1.html HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/DOMAIN/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Sun, 20 Feb 2022 17:38:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3401
content-type: text/html
date: Mon, 04 Dec 2023 02:58:40 GMT
server: Apache
X-Firefox-Spdy: h2

mysites.ibig.co.il/DOMAIN/adobe/data/js/css/chunk-vendors.eab46e62.css

192.185.193.146

200 OK

717 kB

URL GET HTTP/2
mysites.ibig.co.il/DOMAIN/adobe/data/js/css/chunk-vendors.eab46e62.css
IP
192.185.193.146:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerLet's Encrypt
Subject*.mysites.ibig.co.il
Fingerprint93:86:D5:17:FB:C6:1E:B0:19:76:2D:A0:27:34:BA:37:D5:03:94:DB
ValidityThu, 26 Oct 2023 11:59:17 GMT - Wed, 24 Jan 2024 11:59:16 GMT

File type

Size
717 kB (716803 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /DOMAIN/adobe/data/js/css/chunk-vendors.eab46e62.css HTTP/1.1
Host: mysites.ibig.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/DOMAIN/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Sun, 20 Feb 2022 17:38:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 04 Dec 2023 02:58:40 GMT
server: Apache
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

104.18.11.207

200 OK

51 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mysites.ibig.co.il/DOMAIN/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (50395)
Size
51 kB (50676 bytes)
Hash
ce6e785579ae4cb555c9de311d1b9271
5ef2c15b47d7290698c737676ba9c3056b45f2e8
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

HTTP Headers

GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mysites.ibig.co.il
DNT: 1
Connection: keep-alive
Referer: https://mysites.ibig.co.il/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 02:58:40 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ce6e785579ae4cb555c9de311d1b9271"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 08/05/2023 17:30:32
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1054
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dafc4289178c62debc272e1ad347201e
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8300c9fbda51b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by