Overview

URL: jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php
IP: 23.236.62.147
ASN: AS15169 Google Inc.
Location: United States
Report completed: 2019-04-21 03:00:58 CEST
urlquery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro: No alerts detected


Blacklists

MDL: No alerts detected
OpenPhish: No alerts detected
PhishTank: No alerts detected
Fortinet's Web Filter:
  Added / Verified | Severity | Host | Comment
  2019-04-21 | 2 | jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php | Phishing
  2019-04-21 | 2 | www.jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php | Phishing
  2019-04-21 | 2 | www.jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/views/erro (...) | Phishing
DNS-BH: No alerts detected
mnemonic secure dns: No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 23.236.62.147

Date | UQ / IDS / BL | URL | IP
2019-05-20 11:52:12 +0200 | 0 - 2 - 3 | redmediacionartistica.cl/wp-content/plugins/w (...) | 23.236.62.147
2019-05-20 08:06:34 +0200 | 0 - 0 - 2 | ntahealth.co.uk/ | 23.236.62.147
2019-05-20 07:53:23 +0200 | 0 - 0 - 2 | j1led.com/img/icons/get/home.html | 23.236.62.147
2019-05-20 07:47:29 +0200 | 0 - 1 - 0 | penacad.com/eqr6lxf3/ogn.exe | 23.236.62.147
2019-05-20 07:45:25 +0200 | 0 - 0 - 3 | lcmbr.com.br/dhl_nolp_de/dhl_paket_0084768920 (...) | 23.236.62.147
2019-05-20 06:57:09 +0200 | 0 - 0 - 2 | gss.com.uy/ | 23.236.62.147
2019-05-20 06:36:11 +0200 | 0 - 0 - 3 | patrickfranco.com/DETAILS/Hilfestellung-zu-Ih (...) | 23.236.62.147
2019-05-20 06:27:57 +0200 | 0 - 0 - 2 | ujszovetseg.hu/media/system/images/atendimento.scr | 23.236.62.147
2019-05-20 06:06:29 +0200 | 0 - 0 - 2 | sydneycapital.com.au/ | 23.236.62.147
2019-05-20 04:42:34 +0200 | 0 - 2 - 2 | biomac.su/ | 23.236.62.147

Last 10 reports on ASN: AS15169 Google Inc.

Date | UQ / IDS / BL | URL | IP
2019-05-20 13:34:12 +0200 | 0 - 0 - 2 | oktapanji.blogspot.no/2013/11/download-format (...) | 216.58.211.1
2019-05-20 13:32:20 +0200 | 0 - 0 - 0 | www.jetblue-plane.com | 216.58.211.16
2019-05-20 13:02:10 +0200 | 0 - 0 - 2 | pacepack2110.blogspot.no/2011/08/ici-une-autr (...) | 216.58.211.1
2019-05-20 13:01:26 +0200 | 0 - 0 - 5 | sharfiles.com/getoxy/avril_lavigne_karaoke_al (...) | 146.148.34.125
2019-05-20 12:37:02 +0200 | 0 - 0 - 0 | 104.199.220.228/webdata | 104.199.220.228
2019-05-20 12:20:10 +0200 | 0 - 0 - 2 | servicce-pay-pl-inc.blogspot.no/ | 216.58.211.1
2019-05-20 12:19:51 +0200 | 0 - 0 - 2 | rediractionid092842786354232pl.blogspot.no/ | 216.58.211.1
2019-05-20 12:12:34 +0200 | 0 - 0 - 0 | https://youtu.be/5i6yN4J0Go0 | 172.217.22.174
2019-05-20 12:11:13 +0200 | 0 - 2 - 0 | redirector.gvt1.com/edgedl/release2/chrome/AI (...) | 172.217.21.174
2019-05-20 12:04:47 +0200 | 0 - 0 - 0 | https://youtu.be/Yr5xi2d6QII | 172.217.22.174

No other reports on domain: jeri.tur.br



JavaScript

Executed Scripts (8)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 152, repeated: 1) - SHA256: dee67aac013765d423d09df578e3f24d9a58bfaef2b7eb84dd5bd396e345fed7

<script src="//www.wix.com/_api/wix-laboratory-server/laboratory/conductAllInScope?scope=error-pages&accept=jsonp&callback=setExperimentsSync"></script>


HTTP Transactions (20)


Request Response

Request:
GET /na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php HTTP/1.1
Host: jeri.tur.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (23.236.62.147):
HTTP/1.1 301 Moved Permanently
Date: Sun, 21 Apr 2019 01:00:25 GMT
Connection: keep-alive
X-Wix-Server-Artifact-Id: wix-public-war
Expires: -1
X-Wix-Redirect-Reason: ProtocolSwitchingRedirector
X-Wix-Redirected-From: http://www.jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php
Location: https://www.jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php
X-Seen-By: BTzakfJUbU/4CBguyutVdy4U9T9VJI1LJutlwdta5H4=,1wy2ILu/S4rlWT/R4rqCrUabbaXiwwzITT9x5v73Ivg=,LwsIp90Tma5sliyMxJYVEpfTcH86aY+LWaXKSnEXA00=
Cache-Control: no-cache
Pragma: no-cache
Content-Language: en-US
X-Wix-Request-Id: 1555808425.538892194703162880
Set-Cookie: TS01e85bed=01f0e9313153e1eeddfb2732fd5adf188a3c9b5af44b23b88b30dc13d2b15fcb36a91906d2489015aac99a15f5b312dcd0e5f03168; Path=/
Transfer-Encoding: chunked


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Phishing

Request:
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

Response (80.239.159.24):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Sat, 20 Apr 2019 19:51:04 GMT
Etag: 9A5649AC421042DEFEBB024E687F50457C46CCAF
X-OCSP-Responder-ID: mcdpcaocsp6
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=326403
Expires: Wed, 24 Apr 2019 19:40:28 GMT
Date: Sun, 21 Apr 2019 01:00:25 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e27711c2277d0341c9b226a501bef873
Sha1:   9a5649ac421042defebb024e687f50457c46ccaf
Sha256: 8e8972a9fb1ba55d17659c310ba47d47502d2d583e2441e89e5e920d27164e8c

Request:
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

Response (91.135.34.18):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Sun, 14 Apr 2019 23:19:13 GMT
Etag: D174BC70D749F40F1FA03BC2D0FB95CF345A38BE
X-OCSP-Responder-ID: mcdpcaocsp12
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=79682
Expires: Sun, 21 Apr 2019 23:08:27 GMT
Date: Sun, 21 Apr 2019 01:00:25 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    38327a36c4d8cb9a592aff93448eb957
Sha1:   d174bc70d749f40f1fa03bc2d0fb95cf345a38be
Sha256: a555a1deab66b98a7a515cff29841d909e47bbb9851f88fe07622ccf18ccf2ff

Request:
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

Response (91.135.34.18):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Sun, 14 Apr 2019 23:19:13 GMT
Etag: 7529265E9196DFE49BAB65E86DCB22562CCB86BE
X-OCSP-Responder-ID: mcdpcaocsp2
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=79743
Expires: Sun, 21 Apr 2019 23:09:28 GMT
Date: Sun, 21 Apr 2019 01:00:25 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    ba71aae9b0d3b8518307227d31af8f38
Sha1:   7529265e9196dfe49bab65e86dcb22562ccb86be
Sha256: 52237c311e7bb372041f964b66084ee894c60d84f3b027f256c6042368283b15

Request:
GET /na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php HTTP/1.1
Host: www.jeri.tur.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (185.230.62.177):
HTTP/1.1 404 Not Found
Content-Type: text/html;charset=utf-8
Date: Sun, 21 Apr 2019 01:00:26 GMT
Connection: keep-alive
X-Wix-Server-Artifact-Id: wix-public-war
X-Seen-By: BTzakfJUbU/4CBguyutVd//gOAxkwa8VLjqvfjcGX78=,1wy2ILu/S4rlWT/R4rqCrWJnc24GrqJRUfiJx3GyM+8=,FXBmZYRbQuGp15BoHAA8SiHpN6u+lpgXEaLLYOwNQvU=,I2ZOrNA1LIowGTY6Ll7mx+ng4Aroo36cJlDl6hC5KXQ=,1wy2ILu/S4rlWT/R4rqCrW2xsDiUcp/yjknffHlloRk=,Tw2AanFDQ+Wwo8Xxk6ZL7rHKeAJXtkPxqn+uc4aMlOA3H3FvoTKXfZE0/lJl8ORQ
Pragma: no-cache
Cache-Control: no-cache
Content-Language: en-US
Content-Encoding: gzip
X-Wix-Request-Id: 1555808426.135739989725195820
Set-Cookie: TS01e85bed=0141ccf485c04b6d12c1791e6cc960c209d00d116e8826de01f0228e7703b0dd21b3e77de2f60959a3b432a270ccaa53539c905d9a; Path=/
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1010
Md5:    03c155ec0b02fb5d8cbe18163d078d7c
Sha1:   2e74ad22d8272aa2c73fe961e22202f5d9d7aad4
Sha256: aaf68dfd61ab1b1cb52288c464745dfe11385d93369859283e605e71115f352c

Alerts:
  Blacklists:
    - fortinet: Phishing

Request:
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

Response (50.63.243.230):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 Apr 2019 01:01:14 GMT
Server: Apache
Content-Transfer-Encoding: Binary
Cache-Control: max-age=114924, public, no-transform, must-revalidate
Last-Modified: Sat, 20 Apr 2019 22:37:27 GMT
Expires: Mon, 22 Apr 2019 10:37:27 GMT
Etag: "eb594b4effb17fe3b18538dcb69dfac53af6abbc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Content-Length: 1777
Connection: close


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    f8ef27562cbc7ab419b443e5c12ae2bb
Sha1:   eb594b4effb17fe3b18538dcb69dfac53af6abbc
Sha256: 690ae36841c62d92af86bf92ca5bde6ed6a78d82243947cffd256da798b99d05

Request:
GET /services/third-party/fonts/Helvetica/fontFace.css HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php

Response (130.211.46.196):
HTTP/1.1 200 OK
Content-Type: text/css
Server: nginx/1.13.6
Date: Fri, 19 Apr 2019 15:36:11 GMT
Vary: Accept-Encoding
Last-Modified: Tue, 17 Apr 2018 11:38:08 GMT
Etag: W/"338855569759ca44a0734ec4435bcbd0"
x-amz-version-id: WeoPV8OPw8UQocVJiZwVeWZ26II363jN
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
Content-Length: 3182
Age: 120255
Cache-Control: public, max-age=7776000
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3182
Md5:    138f6948f4f82fda4d44fad50f5456be
Sha1:   002792dd712e5de8c48d71334ca6e45042d3c992
Sha256: 2f8100e5b650bcde60f264ada67f6b5712e61036260fcbe9173bb33ffc875cff

Request:
GET /services/wix-public/1.253.0/scripts/error-pages/locale/messages_en.js HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php

Response (130.211.46.196):
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx/1.13.6
Date: Fri, 19 Apr 2019 15:31:19 GMT
Vary: Accept-Encoding
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 20 Feb 2019 21:56:40 GMT
Etag: W/"c5f98494447c215860d685fe28c43c3c"
x-amz-version-id: 4y2mjFKdCrfI0ckf37izO4e2xVOVMw4v
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
Cache-Control: public, max-age=7776000
Content-Length: 1946
Age: 120547
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1946
Md5:    ba37c3de21f19668c0445cfce94cefa5
Sha1:   a390ea94ab70a603f94c7a133793952c041e2fef
Sha256: d72c4b5b25c5b30bac659d1111a69b15813f056bf5d5bf968b8491280a175012

Request:
GET /services/wix-public/1.253.0/styles/error-pages/styles.css HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php

Response (130.211.46.196):
HTTP/1.1 200 OK
Content-Type: text/css
Server: nginx/1.13.6
Date: Fri, 19 Apr 2019 10:00:26 GMT
Vary: Accept-Encoding
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 20 Feb 2019 21:59:52 GMT
Etag: W/"bc59bd5f822da3e199a6b98fece4e818"
x-amz-version-id: 2V55UlGV3f0aWvLS064oNpBPYQKAvANs
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
Content-Length: 3179
Age: 140400
Cache-Control: public, max-age=7776000
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3179
Md5:    b470a8d9d5b74c4cf3215300a9c6eac4
Sha1:   b467722ad6341afbdc42a9f02b7ad6746977bb5e
Sha256: 070ed07a182fecc34c05f770969bfd0a5c1ffc2f9faba0939a0c01472e5dc61e

Request:
GET /services/wix-public/1.253.0/scripts/error-pages/app.js HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php

Response (130.211.46.196):
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx/1.13.6
Date: Fri, 19 Apr 2019 14:39:47 GMT
Vary: Accept-Encoding
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 20 Feb 2019 21:55:10 GMT
Etag: W/"eb99901841ee7fd1d685dc8d3e718343"
x-amz-version-id: xBP1di3V8HO7HLeewTcvILskSt8lwVMn
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
Content-Length: 5897
Age: 123639
Cache-Control: public, max-age=7776000
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5897
Md5:    a7224fa777949f5112b4b2e1562978ba
Sha1:   1b3fd5fa2f3caf188b41eadee45fbecdfb7fe361
Sha256: cc601501419bb3c52ab03929196872b9c873e0a46a2fe42551aeb182b9433390

Request:
GET /services/third-party/jquery/2.0.3/jquery.min.js HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php

Response (130.211.46.196):
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: nginx/1.13.6
Date: Fri, 19 Apr 2019 15:29:54 GMT
Vary: Accept-Encoding
Last-Modified: Wed, 26 Jul 2017 07:04:55 GMT
Etag: W/"2f0cbb7f0c5a3c00476a1e7f9500fd9f-1"
x-amz-version-id: lUzvgAVIkMfC7WkprXuYi7GAU3SremQ_
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
Cache-Control: public, max-age=7776000
Content-Length: 29312
Age: 120632
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   29312
Md5:    975b03d7fd857300e0ad13d6769de319
Sha1:   912db7e9cadd0e2486d8380b80e0d2dd86e03c56
Sha256: 424897e5fadb664e036c49aab9fc96c56e8d4a9a6a7fd6ab27f669bd2611f47a

Request:
GET /services/third-party/angularjs/1.2.28/i18n/angular-locale_en.js HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php

Response (130.211.46.196):
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: nginx/1.13.6
Date: Fri, 19 Apr 2019 12:29:31 GMT
Vary: Accept-Encoding
Last-Modified: Wed, 26 Jul 2017 06:27:26 GMT
Etag: W/"3c405f66126816b065d7d4680a6a5105-1"
x-amz-version-id: IeAD7WAYSU8sPS1PorNuCByw2miVzwg4
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
Content-Length: 866
Age: 131455
Cache-Control: public, max-age=7776000
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   866
Md5:    fa365b53f8dde8376882043301d5eee3
Sha1:   aa7c46f0fd5efce84227ffae91fc556a9e2cd736
Sha256: ddd4fca2c8c260bb21fc7041cf363f2a73a8101edd83d087111b79bcd2230544

Request:
GET /services/third-party/angular-translate/1.1.1/angular-translate.min.js HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php

Response (130.211.46.196):
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: nginx/1.13.6
Date: Fri, 19 Apr 2019 16:19:27 GMT
Vary: Accept-Encoding
x-amz-replication-status: COMPLETED
Last-Modified: Mon, 27 Aug 2018 12:46:30 GMT
Etag: W/"a4d0977836ca8a1c8b6001c029a89b9b"
x-amz-version-id: .lY3S2TdahElHwmXHPal8HGD5JOxcWxY
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
Cache-Control: public, max-age=7776000
Content-Length: 2345
Age: 117659
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2345
Md5:    9e304f83fb5ef096356b15686e3cbc34
Sha1:   5b6809f40b048b66576b701b193fa71291d9708d
Sha256: a27c81f99405b6ddf5f80d764cd86a1c68395ec31bf0b49c381394756d0a54be

Request:
GET /services/third-party/angularjs/1.2.28/angular.min.js HTTP/1.1
Host: static.parastorage.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php

Response (130.211.46.196):
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: nginx/1.13.6
Date: Wed, 17 Apr 2019 20:57:20 GMT
Vary: Accept-Encoding
Last-Modified: Wed, 26 Jul 2017 06:27:16 GMT
Etag: W/"f06188602d585283a5e17900d9d76b2f-1"
x-amz-version-id: Oe.sBBO8HV4DqwAb0sd4TbV82Y5.otAe
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
Content-Length: 39996
Age: 273786
Cache-Control: public, max-age=7776000
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   39996
Md5:    5f1869cc10603261f3c1c773fe2af60b
Sha1:   af5bea1ac50331c1071c806de28397228a39c8ef
Sha256: 87880d8b1a2d4dfa00b6be3d32f36f422ca14d2eaed1e0b3475a8813cd78b6d1

Request:
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

Response (93.184.220.29):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=115399
Date: Sun, 21 Apr 2019 01:00:27 GMT
Etag: "5cbadf9c-1d7"
Expires: Mon, 22 Apr 2019 09:03:46 GMT
Last-Modified: Sat, 20 Apr 2019 09:00:12 GMT
Server: ECS (ams/D1E9)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    3d5a89f3897d34ddd029aab3bcc58e0b
Sha1:   9ea0385ad72e45f49d323c2f1731bedb19e169b9
Sha256: f9ca2f3004a969532954bf264aea5de2c7fcaa16f65fc979a8fdfdb7a6458394

Request:
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

Response (93.184.220.29):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=120076
Date: Sun, 21 Apr 2019 01:00:27 GMT
Etag: "5cbacce5-1d7"
Expires: Mon, 22 Apr 2019 10:21:43 GMT
Last-Modified: Sat, 20 Apr 2019 07:40:21 GMT
Server: ECS (lcy/1D24)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    b677eba5bca9023b292b98e35bd91740
Sha1:   92d70702f070f5d7685918abd7322ec47389a67d
Sha256: c85171aa5b9fb09335f8c7d0988d7a7280973076ad1a7648eed42a4da16d4e3a

Request:
GET /_api/wix-laboratory-server/laboratory/conductAllInScope?scope=error-pages&accept=jsonp&callback=setExperimentsSync HTTP/1.1
Host: www.wix.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php

Response (185.230.61.163):
HTTP/1.1 200 OK
Content-Type: application/jsonp;charset=UTF-8
Date: Sun, 21 Apr 2019 01:00:27 GMT
Connection: keep-alive
X-Wix-Server-Artifact-Id: wix-laboratory-server
Set-Cookie: XSRF-TOKEN=1555808427|hkLamQfsPxu4;Path=/;Domain=wix.com TS01f6b952=01b84e286aee8a35da619537302f3d64ce4d383efbcbd806ec7dfbe02d4ee407b5c6dd4d45daa7edf91b12f54ca00bbebbf041bba7; Path=/; Domain=.www.wix.com TS015217d5=01b84e286a7163d46b9025f9d3b7d03b3123a14a4fcbd806ec7dfbe02d4ee407b5c6dd4d45eba935ccb8539c68a2dbc0cd3763a84cbe2bc8c2de0630b1c365962ef1eb9295; path=/; domain=wix.com
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Seen-By: m0j2EEknGIVUW/liY8BLLp9t+XAaiy2cK/58quVzaJo=,1wy2ILu/S4rlWT/R4rqCrSkrygLZIndQ3R56SBY3TfY=,mvxQ9qSAmY38asKjFCcmG9vofy/bX855XYs5Wbn4gfRB6VSaJqSO//8bLh8itOLo
Cache-Control: no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=120
X-Wix-Request-Id: 1555808427.60383194929012069
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   64
Md5:    0e84e84cefe7ec71d48bb27de0622273
Sha1:   cb0b26f61fc7549730e7b7997eec82f886a2e71f
Sha256: cef5b6d7128fe5e4ddba4f17d651ae7f2028731e55d344460096693f82a57db0

Request:
GET /na/securedchase/0d216912ac167048f23b029bd17ca9b3/views/error-pages/non-branded.preload.html HTTP/1.1
Host: www.jeri.tur.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: application/json, text/plain, */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.jeri.tur.br/na/securedchase/0d216912ac167048f23b029bd17ca9b3/step1.php
Cookie: TS01e85bed=0141ccf485c04b6d12c1791e6cc960c209d00d116e8826de01f0228e7703b0dd21b3e77de2f60959a3b432a270ccaa53539c905d9a

Response (185.230.62.177):
HTTP/1.1 404 Not Found
Content-Type: text/html;charset=utf-8
Date: Sun, 21 Apr 2019 01:00:28 GMT
Connection: keep-alive
X-Wix-Server-Artifact-Id: wix-public-war
X-Seen-By: BTzakfJUbU/4CBguyutVd//gOAxkwa8VLjqvfjcGX78=,1wy2ILu/S4rlWT/R4rqCraICCbCu9e5QAYpujBjtv74=,FXBmZYRbQuGp15BoHAA8SiHpN6u+lpgXEaLLYOwNQvU=,I2ZOrNA1LIowGTY6Ll7mx+ng4Aroo36cJlDl6hC5KXQ=,1wy2ILu/S4rlWT/R4rqCrT2L0FsjRyi6WbSRGpe1UCo=,Tw2AanFDQ+Wwo8Xxk6ZL7rHKeAJXtkPxqn+uc4aMlOBU9FvGRhICu241/bPJqyGf
Pragma: no-cache
Cache-Control: no-cache
Content-Language: en-US
Content-Encoding: gzip
X-Wix-Request-Id: 1555808428.145739989725295820
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1010
Md5:    03c155ec0b02fb5d8cbe18163d078d7c
Sha1:   2e74ad22d8272aa2c73fe961e22202f5d9d7aad4
Sha256: aaf68dfd61ab1b1cb52288c464745dfe11385d93369859283e605e71115f352c

Alerts:
  Blacklists:
    - fortinet: Phishing

Request:
GET /favicon.ico HTTP/1.1
Host: www.jeri.tur.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: TS01e85bed=0141ccf485c04b6d12c1791e6cc960c209d00d116e8826de01f0228e7703b0dd21b3e77de2f60959a3b432a270ccaa53539c905d9a

Response (185.230.62.177):
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Sun, 21 Apr 2019 01:00:28 GMT
Connection: keep-alive
Etag: W/"5b58ae01-abc"
X-Seen-By: BTzakfJUbU/4CBguyutVd489wE2/Ij12regXXdi6yac=
X-Wix-Request-Id: 1555808428.2817391512371101108
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   990
Md5:    15aa4dab1f4faf4e00fcbb610689b8aa
Sha1:   e1a78c5ec05887bdc5cd03a22387873493cd63d4
Sha256: d00cda6cf1dba43da12123692c5a70d1ab6116eb5ebf5677565e6fabd659f70b

Request:
GET /favicon.ico HTTP/1.1
Host: www.jeri.tur.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: TS01e85bed=0141ccf485c04b6d12c1791e6cc960c209d00d116e8826de01f0228e7703b0dd21b3e77de2f60959a3b432a270ccaa53539c905d9a

Response (185.230.62.177):
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Sun, 21 Apr 2019 01:00:31 GMT
Connection: keep-alive
Etag: W/"5b58b83f-abc"
X-Seen-By: BTzakfJUbU/4CBguyutVd//gOAxkwa8VLjqvfjcGX78=
X-Wix-Request-Id: 1555808431.158739989725395820
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   990
Md5:    15aa4dab1f4faf4e00fcbb610689b8aa
Sha1:   e1a78c5ec05887bdc5cd03a22387873493cd63d4
Sha256: d00cda6cf1dba43da12123692c5a70d1ab6116eb5ebf5677565e6fabd659f70b