r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16188
Expires: Thu, 05 Jan 2023 22:32:27 GMT
Date: Thu, 05 Jan 2023 18:02:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17129
Expires: Thu, 05 Jan 2023 22:48:08 GMT
Date: Thu, 05 Jan 2023 18:02:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 05 Jan 2023 17:47:54 GMT
content-type: application/json
age: 885
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash da484f5e9c6805745e063b236fb81473
ae454bf4a7ae0e96935afc81ee0f89c049097b15
068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11408
Expires: Thu, 05 Jan 2023 21:12:47 GMT
Date: Thu, 05 Jan 2023 18:02:39 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: g79Rq9lp/hiF2cyccHEocjETU1+85m2Aw8oi3GELjgB2SKPn0kjIXQg2AZfVbqIkRWa7k5oP63I=
x-amz-request-id: PMBVKPMMQD7BDH0R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 05 Jan 2023 17:59:38 GMT
age: 181
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 18:02:40 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 05 Jan 2023 17:08:11 GMT
age: 3269
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
xn--inovatelecomunicaes-myb80a.net.br/gomsx
177.70.21.175 301 Moved Permanently 260 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1a01a5e43dce50f17b91757b4232ee56
90220f927f190540004aa71e8cb876014f7af982
0e94c70788febe3fc096e1c1899f10ce83ec256ffc1748b8f8a53c3e4aad57c2
Analyzer Verdict Alert openphish Comcast Corporation
fortinet Phishing
GET /gomsx HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Thu, 05 Jan 2023 18:02:39 GMT
Server: Apache
Location: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Content-Length: 260
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 73a99621729e1bc9e236a1085b98a0cf
5e1f71493085f6be7788f59987c1f0850b77d4d7
219d1a8d7d1a027553f72c8c024488863d8996457b31c78014002f81174f3ad1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4725
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 18:02:40 GMT
Last-Modified: Thu, 05 Jan 2023 16:43:55 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.214.236.46 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.236.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QXX0EBhoAibzubQ5uKLd1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dTtUZwvHrI5NYErA9QSs+yZC/PA=
xn--inovatelecomunicaes-myb80a.net.br/gomsx/
177.70.21.175 200 OK 32 kB URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (6168)
Hash 7b8f0b12a24bc7ffb3f1ca553d53862c
1cbe4afaf892d8bd60bb0d3aa9ed86fb76ef78a6
63477eab7b70c7418ad7414f1dc22bb48a6e221e7d5067a6daacc1694ba3dfa9
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/ HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:39 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 31638
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/segments.js
177.70.21.175 200 OK 39 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/segments.js
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
Hash 9c5453ce3943ebf709c68c4358907916
25c057fa107fca0917c7dca9f432cdce93ce2316
c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/segments.js HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:40 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 39
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/event
177.70.21.175 200 OK 191 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/event
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type ASCII text, with no line terminators
Hash 2d5d169b7afabb783f8994c576f005cb
d3c1f326303b3cd98f892a5ab28cea82222d058b
384d036f62eab523e123b0e2c033bdee06077fdf041c564ce56f956e6219fb24
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/event HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:40 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 191
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/rta.js
177.70.21.175 200 OK 168 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/rta.js
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type Unicode text, UTF-8 (with BOM) text, with no line terminators
Hash cf8059bd98746a031879c027d0675200
5b36326aeac50dd7fbf8a910775b32beccc12d5a
00fb70d9832d4974eacda5d97b5ede63153bebe471109491dc6807db6ceca3a7
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/rta.js HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:40 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 168
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/1203273213x32.js
177.70.21.175 200 OK 2.7 kB URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/1203273213x32.js
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (403)
Hash 026533413b3d09d51db59238995299c1
8299098d71a0d18d7bf7279f0d71bed0345c0ec2
62079f9953d5a6dc3240039aa842881f9171f4c3f2bc664629aaf5f2c537214c
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/1203273213x32.js HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:40 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 2727
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/data.json
177.70.21.175 200 OK 295 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/data.json
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
Hash c4e699111d8c5ee41a03610b94ff02d5
7b4ec667ab9d73b69d752931fa675eca988ac1be
f1aa6a629871c08a077cba94a653cb0c2ace627617e442adccbf6712972bf0df
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/data.json HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:40 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 295
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/json
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/1647526060x32.js
177.70.21.175 200 OK 1.4 kB URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/1647526060x32.js
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (433)
Hash db5bdae32033752bd8574dc96ee4c96c
59c8ea77207eff9f8dbf9b6cbf156c6329cbf931
853efa16d425ff8c75c2bd4c74459ef9b555ceaae1a22d4aae0c36f95cad4351
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/1647526060x32.js HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:40 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 1420
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js
177.70.21.175 200 OK 18 kB URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type ASCII text, with very long lines (815), with CRLF line terminators
Hash 4ff1cfd3240ea3e8eed8d96e31152dc2
97ed8e13c3b52da3ea4865af48b219c8e540e5ac
c1d1eb4e35d0cfa8617262918737bcb8804dd0720cdca026da2087166ac7ba71
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:40 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 17478
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/asc.txt
177.70.21.175 200 OK 17 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/asc.txt
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type ASCII text, with no line terminators
Hash 92ecce91e58ca501e89410701805ffd2
fbc2f9374e8f5aebbc0a9ebeaeb836dfe2ee8803
af2d3351d5bb6b63e81eb19140f27324fd7b0ba94dc7c39b6154461243e4986e
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/asc.txt HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:40 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 17
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/plain
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
177.70.21.175 200 OK 51 kB URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type ASCII text, with very long lines (50848), with no line terminators
Hash 46ad0dca51a657b2f6d4302e8af335ac
56f30d2a99c33270a368df39b0fac6a6321f72f4
7744a06830d6b63ba7fc3b5f7649f8f06959e3c31118cf324d3e36e5433915ed
GET /gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:40 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 50848
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/scripts-responsive.js
177.70.21.175 200 OK 3.9 kB URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/scripts-responsive.js
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type ASCII text, with very long lines (3906), with no line terminators
Hash b9e47f9f8aac844ec80a9ba6ff6e7a74
cbf073ac21eaa5de906e1fcce023c64c3829c648
aef3124abf7a9f765f36093acf39e804987e52e1a1c241700441949ea52a7673
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/scripts-responsive.js HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:40 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 3906
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17206
Expires: Thu, 05 Jan 2023 22:49:28 GMT
Date: Thu, 05 Jan 2023 18:02:42 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17206
Expires: Thu, 05 Jan 2023 22:49:28 GMT
Date: Thu, 05 Jan 2023 18:02:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg
34.120.237.76 200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 008614d302ad57bc6502ad5e07652378
968bc262d2939ec6f0dce9d852682c0aaf86d3d7
5eab9a2591f0f9761ba3b90a5a191b79b6326cccb1ee6b586b00dfc1517c8db6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4248
x-amzn-requestid: 41ee9ad4-ddfd-42a5-b66c-167c4bda9153
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eCvUGHnlIAMFw8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b0f8e6-4ac2abc739dc4ff640301707;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 03:07:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QVwr9xaKtzkI-Lnp683K6kKaWfnnmPs0o6HG7PBuAc9QbcMqczguNw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 06:16:00 GMT
age: 42402
etag: "968bc262d2939ec6f0dce9d852682c0aaf86d3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vIFVXgt2RmoplkAVOtUrOkXj3LmhRw-XEPe7fugZ2-mv_iDY07XzUg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 23:39:12 GMT
age: 66210
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F038e46b4-c5e2-4f46-817c-434795e1e545.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F038e46b4-c5e2-4f46-817c-434795e1e545.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ce88a04d7f32ce0497bd84db44da8d4
761049019c342553004815ea394dcf282f2cc613
038aa4e5da1428524de833071814998d6c1d8b8b60d4e9c10e60d8a75f7b88fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F038e46b4-c5e2-4f46-817c-434795e1e545.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5601
x-amzn-requestid: 54813ea9-9435-4355-910b-5b4d1eadf2ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGlhgHU1oAMFTYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b282d6-17e772ae5b70371367792063;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 07:08:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pigrktUzOcu_-Z-HnUPOnmF7yhHIdOv9bB9x7VVONHr7YZXwZAEvZA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 06:44:19 GMT
age: 40703
etag: "761049019c342553004815ea394dcf282f2cc613"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa32e61e5-fcf0-4825-a1bf-ea145dd3ae6c.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa32e61e5-fcf0-4825-a1bf-ea145dd3ae6c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cecd6a1a228ac55f193a180229d3a33
9e5fd5a101828d5491305deb539dc5836c5b3065
7bbd9e261625c2d2a700a817c2f10b779c8463baacda02f9f34161c08487ca31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa32e61e5-fcf0-4825-a1bf-ea145dd3ae6c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8721
x-amzn-requestid: 1c24289e-6169-4088-a2b8-311e3640e4bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eAA7IGTdIAMFzCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63afe1e0-561d5981260c41511219c673;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 07:16:48 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: qoxCvnR2nVjlCdQJ6Wyq_Ot0p1SVdhl71LEKAm0-tkPMxWHGdIl42w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 07:31:55 GMT
age: 37847
etag: "9e5fd5a101828d5491305deb539dc5836c5b3065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5507a575-db90-4030-a625-ae482beacb61.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5507a575-db90-4030-a625-ae482beacb61.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 165bf3d40f0584e3b9839304ede47c76
27da520440229f2239721371d9338eb81a8b4b93
00075a96a87b16edb302ccc862e0dc9691c7195ac227ae805bc88ebe8dd3ee52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5507a575-db90-4030-a625-ae482beacb61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9690
x-amzn-requestid: eba6ad45-abca-4781-88d0-28514de35851
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePMB5GxGIAMFZcA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5f3a5-2f3844833b7ead4f7121ae11;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 21:46:13 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5I2Qz0M1_DD0wn5b_6HlkAlm_BAn9hiGSiXK_U01NxuXZ46ky280dg==
via: 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 22:17:38 GMT
age: 71104
etag: "27da520440229f2239721371d9338eb81a8b4b93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb16f641-0924-4c5c-9f83-6779c59c746a.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb16f641-0924-4c5c-9f83-6779c59c746a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7711a1490729319952a150b84e91a5d6
11fda31d48a4df3fd6346d92f45a680f500bff64
e9663e981c6716c243b58ac99549dfbe6dd8371c42d50add46457b5911f63529
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb16f641-0924-4c5c-9f83-6779c59c746a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11381
x-amzn-requestid: f30a66f8-72cb-44a6-b87d-55d501050dcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePKzmH6soAMFZOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5f1b0-6fc1643036a4012935a38bb3;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 21:37:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iJNA1pytmUSUBG4YeU7rcEKCs04k9rPEuQ6o6FP5bWaQ25M7yGrySA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:49:59 GMT
age: 72763
etag: "11fda31d48a4df3fd6346d92f45a680f500bff64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/omniture_visId.js
177.70.21.175 200 OK 83 kB URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/omniture_visId.js
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type ASCII text, with very long lines (707), with CRLF line terminators
Hash e97a8791094937eca04430b8fd76550b
69fac7a4b26fdd0e5ea9c7b679435c80857efb1f
0d511486e7d3d6543bce126133d47c2805c5e4f0ff4c6d6eefabd5d6e678bf99
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/omniture_visId.js HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:41 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 82832
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash abe44672b8c842a7da211efe3c99339c
c9fe162b8a4469d6528ff67ec8cdeaf76412f0c6
e5a3ec789c279d7ad2dd7ab5bdcff9725204b9ba94df54656ff19778be3153b3
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4955
Cache-Control: max-age=166485
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 18:02:42 GMT
Etag: "63b6e4bc-1d7"
Expires: Sat, 07 Jan 2023 16:17:27 GMT
Last-Modified: Thu, 05 Jan 2023 14:54:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
us-ads.openx.net/w/1.0/jstag
35.244.159.8 200 OK 18 kB URL HTTP/2 us-ads.openx.net/w/1.0/jstag
IP 35.244.159.8:0
File type ASCII text, with very long lines (12594)
Hash 6e7481e16f72e66328bad6c8cff7a72c
58428c06bd2c7fe1242e4937dc1d826d87e84230
db670273c3eec7c9259b7c0d3b66c7144d4ae9db22f494a69d2a4b58e839ce6f
GET /w/1.0/jstag HTTP/1.1
Host: us-ads.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
server: OXGW/0.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Thu, 05 Jan 2023 19:02:42 GMT
date: Thu, 05 Jan 2023 18:02:42 GMT
content-type: text/javascript
content-length: 18070
content-encoding: gzip
cache-control: max-age=3600
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/jquery-1.js
177.70.21.175 200 OK 94 kB URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/jquery-1.js
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 25721ced154b3a99e818431446d7506d
3f1b0e9e54af1af2db2c8a639530448723462151
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/jquery-1.js HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:40 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 94020
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash abe44672b8c842a7da211efe3c99339c
c9fe162b8a4469d6528ff67ec8cdeaf76412f0c6
e5a3ec789c279d7ad2dd7ab5bdcff9725204b9ba94df54656ff19778be3153b3
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4702
Cache-Control: max-age=166232
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 18:02:42 GMT
Etag: "63b6e4bc-1d7"
Expires: Sat, 07 Jan 2023 16:13:14 GMT
Last-Modified: Thu, 05 Jan 2023 14:54:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/moatad_002.js
177.70.21.175 200 OK 182 kB URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/moatad_002.js
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type ASCII text, with very long lines (554)
Size 182 kB (182301 bytes)
Hash 941a402bcb3a12f11ff32f50060a4f99
ecd237a5bc7d0995bf036e31eeabb97c6dd8c50d
894acd20e24fda4995bf56b9c7f5b0f2a634febf91db251a2adcbf6f6915e6f5
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/moatad_002.js HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:40 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 182301
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
z.moatads.com/comcastapn56341864860/moatad.js
2.18.173.140 200 OK 0 B URL HTTP/2 z.moatads.com/comcastapn56341864860/moatad.js
IP 2.18.173.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comcastapn56341864860/moatad.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iNOl1G7caF+4F0KjCYi8LROSIJDzen5qwVKxO9qb70np0Ib7E8xnZvs9UYc5c1RxmbTyX0e7zg8=
x-amz-request-id: 011D4RFHBA3563FE
last-modified: Mon, 11 May 2020 15:59:42 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
content-length: 0
cache-control: max-age=64777
date: Thu, 05 Jan 2023 18:02:42 GMT
X-Firefox-Spdy: h2
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/moatad.js
177.70.21.175 200 OK 182 kB URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/moatad.js
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type ASCII text, with very long lines (554)
Size 182 kB (182301 bytes)
Hash 941a402bcb3a12f11ff32f50060a4f99
ecd237a5bc7d0995bf036e31eeabb97c6dd8c50d
894acd20e24fda4995bf56b9c7f5b0f2a634febf91db251a2adcbf6f6915e6f5
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/moatad.js HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:40 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 182301
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/u.gif
177.70.21.175 200 OK 42 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/u.gif
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /gomsx/Sign%20in%20to%20XFINITY_files/u.gif HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:42 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2
177.70.21.175 500 Internal Server Error 251 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9142176c5ccdb63bc03d514412d42b00
6c2eee1ba6dae02385c94121a3465329f7587d33
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2 HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:41 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/event.gif
177.70.21.175 200 OK 42 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/event.gif
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /gomsx/Sign%20in%20to%20XFINITY_files/event.gif HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:42 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/seal.png
177.70.21.175 200 OK 3.1 kB URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/seal.png
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type PNG image data, 142 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash be19bc645a5d70db58e4317fb1f7f791
8c38f471f3e6d17af148acaab219db7e3e4a8d23
6ab85bc152133401e0ad5ca069990f4a76413499820d4ba95a0dadb063bcc8b8
GET /gomsx/Sign%20in%20to%20XFINITY_files/seal.png HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:42 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 3091
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/all.js
177.70.21.175 200 OK 199 kB URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/all.js
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type ASCII text, with very long lines (18053)
Size 199 kB (198957 bytes)
Hash bc6c96975ece396c2410a11de12aa324
dc29df9842c22f28b858e6384b9339e2632ce3fc
1cbf11d576a004a0f2bf7baa71c045dd94d4b0eb3e4c848df0bd75dcb144c5f7
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/all.js HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:41 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 198957
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 69bb0c4639657b0f30956e1ad6f3e5f9
70d35dd44dd893351b6d9f0c72acf05d691ebafa
c7d6c8769896a465e20d89f64d53031bc045a03a3e16046fba4363f3e2e50c90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 18:02:43 GMT
Server: ECS (amb/6B95)
Content-Length: 471
serviceos.comcast.net/b/ss/comcastnetdev/1/H.27.5/s24295481645189?AQB=1&ndh=1&t=5%2F0%2F2023%2018%3A2%3A32%204%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=https%3A%2F%2Fxn--inovatelecomunicaes-myb80a.net.br%2Fgomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fgomsx%2F%2F%3Asign%20in&v1=%2Fgomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fgomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
15.236.176.210 302 Found 0 B URL HTTP/2 serviceos.comcast.net/b/ss/comcastnetdev/1/H.27.5/s24295481645189?AQB=1&ndh=1&t=5%2F0%2F2023%2018%3A2%3A32%204%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=https%3A%2F%2Fxn--inovatelecomunicaes-myb80a.net.br%2Fgomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fgomsx%2F%2F%3Asign%20in&v1=%2Fgomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fgomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 15.236.176.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ss/comcastnetdev/1/H.27.5/s24295481645189?AQB=1&ndh=1&t=5%2F0%2F2023%2018%3A2%3A32%204%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=https%3A%2F%2Fxn--inovatelecomunicaes-myb80a.net.br%2Fgomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fgomsx%2F%2F%3Asign%20in&v1=%2Fgomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fgomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: serviceos.comcast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
access-control-allow-origin: *
vary: Origin
date: Thu, 05 Jan 2023 18:02:43 GMT
content-type: text/plain;charset=utf-8
expires: Wed, 04 Jan 2023 18:02:43 GMT
last-modified: Fri, 06 Jan 2023 18:02:43 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31DB8861A3F05769-4000089F8316813B[CE]; Path=/; Domain=comcast.net; Max-Age=63072000; Expires=Sat, 04 Jan 2025 18:02:02 GMT;
location: https://serviceos.comcast.net/b/ss/comcastnetdev/1/H.27.5/s24295481645189?AQB=1&pccr=true&vidn=31DB8861A3F05769-4000089F8316813B&ndh=1&t=5%2F0%2F2023%2018%3A2%3A32%204%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=https%3A%2F%2Fxn--inovatelecomunicaes-myb80a.net.br%2Fgomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fgomsx%2F%2F%3Asign%20in&v1=%2Fgomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fgomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2
177.70.21.175 500 Internal Server Error 251 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9142176c5ccdb63bc03d514412d42b00
6c2eee1ba6dae02385c94121a3465329f7587d33
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2 HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:41 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
serviceos.comcast.net/b/ss/comcastnetdev/1/H.27.5/s24295481645189?AQB=1&pccr=true&vidn=31DB8861A3F05769-4000089F8316813B&ndh=1&t=5%2F0%2F2023%2018%3A2%3A32%204%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=https%3A%2F%2Fxn--inovatelecomunicaes-myb80a.net.br%2Fgomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fgomsx%2F%2F%3Asign%20in&v1=%2Fgomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fgomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
15.236.176.210 200 OK 43 B URL HTTP/2 serviceos.comcast.net/b/ss/comcastnetdev/1/H.27.5/s24295481645189?AQB=1&pccr=true&vidn=31DB8861A3F05769-4000089F8316813B&ndh=1&t=5%2F0%2F2023%2018%3A2%3A32%204%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=https%3A%2F%2Fxn--inovatelecomunicaes-myb80a.net.br%2Fgomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fgomsx%2F%2F%3Asign%20in&v1=%2Fgomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fgomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 15.236.176.210:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/comcastnetdev/1/H.27.5/s24295481645189?AQB=1&pccr=true&vidn=31DB8861A3F05769-4000089F8316813B&ndh=1&t=5%2F0%2F2023%2018%3A2%3A32%204%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=https%3A%2F%2Fxn--inovatelecomunicaes-myb80a.net.br%2Fgomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fgomsx%2F%2F%3Asign%20in&v1=%2Fgomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fgomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: serviceos.comcast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Thu, 05 Jan 2023 18:02:43 GMT
expires: Wed, 04 Jan 2023 18:02:43 GMT
last-modified: Fri, 06 Jan 2023 18:02:43 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31DB8861D3A848AF-400000BEA3194EB7[CE]; Path=/; Domain=comcast.net; Max-Age=63072000; Expires=Sat, 04 Jan 2025 18:02:02 GMT;
etag: 3592615081502310400-4619673689671683766
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0b29dc8c7a991aa4bf6811e25dbc147c
03dc09f87a4017228b6c82dd57c02fc8c78ce909
442b3aa48f7f563c5c21632c1457584bc004b28eb3eb72ec6b210b7665f0a904
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3795
Cache-Control: max-age=162101
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 18:02:43 GMT
Etag: "63b6d825-1d7"
Expires: Sat, 07 Jan 2023 15:04:24 GMT
Last-Modified: Thu, 05 Jan 2023 14:01:09 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm
177.70.21.175 200 OK 43 kB URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6078), with CRLF line terminators
Hash fc6f71bf3bb8b37c2e742712f5e9fa31
1985f6685907edd356e999433d688632683297f5
074da691273a060b544115ecc31905c1c260559484b45560f9a299d83ca5d898
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Cookie: OX_sd=1; OX_plg=pm
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:42 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 43032
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html
staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
31.13.72.12 404 Not Found 9 B URL HTTP/2 staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 31.13.72.12:0
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: staticxx.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: zmctfvPmppDI/dercJRRUH2sgFXv+nDzUEjXpsUCkzbczl4dBEFNKkMNdBNCTUJvq2HaQOTo31fL9ffAltJpaA==
content-length: 9
priority: u=3,i
x-fb-trip-id: 1904183273
date: Thu, 05 Jan 2023 18:02:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0b29dc8c7a991aa4bf6811e25dbc147c
03dc09f87a4017228b6c82dd57c02fc8c78ce909
442b3aa48f7f563c5c21632c1457584bc004b28eb3eb72ec6b210b7665f0a904
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3795
Cache-Control: max-age=162101
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 18:02:43 GMT
Etag: "63b6d825-1d7"
Expires: Sat, 07 Jan 2023 15:04:24 GMT
Last-Modified: Thu, 05 Jan 2023 14:01:09 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2
177.70.21.175 500 Internal Server Error 251 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9142176c5ccdb63bc03d514412d42b00
6c2eee1ba6dae02385c94121a3465329f7587d33
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2 HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:42 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff2
177.70.21.175 500 Internal Server Error 251 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff2
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9142176c5ccdb63bc03d514412d42b00
6c2eee1ba6dae02385c94121a3465329f7587d33
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff2 HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:42 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2
177.70.21.175 500 Internal Server Error 251 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9142176c5ccdb63bc03d514412d42b00
6c2eee1ba6dae02385c94121a3465329f7587d33
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2 HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:42 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/dest5.htm
177.70.21.175 200 OK 8.9 kB URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/dest5.htm
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (581), with CRLF line terminators
Hash d2f6fa6292c62a0b4453c4d7763040e1
a9330f8597c230773f94d5f3b442d0a14e94083f
b8ddbf2a9418fff20f88a0692ce5aa6770edc51280200cdf410fdfb36466794c
Analyzer Verdict Alert fortinet Phishing
GET /gomsx/Sign%20in%20to%20XFINITY_files/dest5.htm HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/
Cookie: OX_sd=1; OX_plg=pm
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:43 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 21:12:04 GMT
Accept-Ranges: bytes
Content-Length: 8948
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff
177.70.21.175 500 Internal Server Error 251 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9142176c5ccdb63bc03d514412d42b00
6c2eee1ba6dae02385c94121a3465329f7587d33
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:42 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff
177.70.21.175 500 Internal Server Error 251 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9142176c5ccdb63bc03d514412d42b00
6c2eee1ba6dae02385c94121a3465329f7587d33
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:42 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash c89a60f64c9831a211470e4b4dc0cf27
8b889a2cb154cb630b5651f74afdc25196c91f68
31d62c650fecd5c67da4932d6a9e970c1824c5b41b961b0be8ffe01bb1d68a7c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3996
Cache-Control: max-age=154743
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 18:02:45 GMT
Etag: "63b6baa0-139"
Expires: Sat, 07 Jan 2023 13:01:48 GMT
Last-Modified: Thu, 05 Jan 2023 11:55:12 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d845c87c11854453c0e2d933c4c342e9
bae86d31c52f9b274e7e9cfd41890dd51d552f1d
57afc76578e0b65fed6d8a002454a04a387d20d6d08ecf727f3afa7d46ec882e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6446
Cache-Control: max-age=136296
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 18:02:45 GMT
Etag: "63b668ff-1d7"
Expires: Sat, 07 Jan 2023 07:54:21 GMT
Last-Modified: Thu, 05 Jan 2023 06:06:55 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=10794678910&varName=crtg_content
178.250.0.166 204 No Content 0 B URL HTTP/2 rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=10794678910&varName=crtg_content
IP 178.250.0.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=10794678910&varName=crtg_content HTTP/1.1
Host: rtax.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.20.1
date: Thu, 05 Jan 2023 18:02:45 GMT
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
comcastathena.demdex.net/event?d_nsid=1&d_ld=_ts%3D1672941752723&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1672941752723&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fgomsx%2F%2F%3Asign%20in&c_eVar1=%2Fgomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fgomsx%2F
52.30.252.118 302 Found 0 B URL HTTP/1.1 comcastathena.demdex.net/event?d_nsid=1&d_ld=_ts%3D1672941752723&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1672941752723&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fgomsx%2F%2F%3Asign%20in&c_eVar1=%2Fgomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fgomsx%2F
IP 52.30.252.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?d_nsid=1&d_ld=_ts%3D1672941752723&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1672941752723&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fgomsx%2F%2F%3Asign%20in&c_eVar1=%2Fgomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fgomsx%2F HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-093556e0f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://comcastathena.demdex.net/firstevent?d_nsid=1&d_ld=_ts%3D1672941752723&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1672941752723&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fgomsx%2F%2F%3Asign%20in&c_eVar1=%2Fgomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fgomsx%2F
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=68876240050149950242161172169052860126; Max-Age=15552000; Expires=Tue, 04 Jul 2023 18:02:45 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: GRn+qmNTSWw=
Content-Length: 0
Connection: keep-alive
comcastathena.demdex.net/firstevent?d_nsid=1&d_ld=_ts%3D1672941752723&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1672941752723&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fgomsx%2F%2F%3Asign%20in&c_eVar1=%2Fgomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fgomsx%2F
52.30.252.118 200 OK 67 B URL HTTP/1.1 comcastathena.demdex.net/firstevent?d_nsid=1&d_ld=_ts%3D1672941752723&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1672941752723&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fgomsx%2F%2F%3Asign%20in&c_eVar1=%2Fgomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fgomsx%2F
IP 52.30.252.118:0
File type ASCII text, with no line terminators
Hash cccf64bd519f89c19f442fa45666b196
77ac7295fadc8e625b33a1aac4b806afeae33aa1
e7ffde2a9f7a581a47eb3cc21cd81928e12340a1b05b5095e8ced673624fb219
GET /firstevent?d_nsid=1&d_ld=_ts%3D1672941752723&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1672941752723&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fgomsx%2F%2F%3Asign%20in&c_eVar1=%2Fgomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fgomsx%2F HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/javascript;charset=utf-8
DCS: dcs-prod-irl1-2-v045-001bf2e72.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ODIkT5PbQf4=
Content-Length: 67
Connection: keep-alive
xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff
177.70.21.175 500 Internal Server Error 251 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9142176c5ccdb63bc03d514412d42b00
6c2eee1ba6dae02385c94121a3465329f7587d33
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:43 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff
177.70.21.175 500 Internal Server Error 251 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9142176c5ccdb63bc03d514412d42b00
6c2eee1ba6dae02385c94121a3465329f7587d33
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:44 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff
177.70.21.175 500 Internal Server Error 251 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9142176c5ccdb63bc03d514412d42b00
6c2eee1ba6dae02385c94121a3465329f7587d33
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.woff HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:44 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Regular.ttf
177.70.21.175 500 Internal Server Error 251 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Regular.ttf
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9142176c5ccdb63bc03d514412d42b00
6c2eee1ba6dae02385c94121a3465329f7587d33
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.ttf HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:44 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf
177.70.21.175 500 Internal Server Error 251 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9142176c5ccdb63bc03d514412d42b00
6c2eee1ba6dae02385c94121a3465329f7587d33
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:44 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
ocsp.comodoca.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 51f8883c69301cc97662cfd69dcff112
c6611009b46cf0d9390bfe559288e68e8bbf75db
8d4c7079a0e02fa2625dd42795a28a7c0327733f86b7d6c96d46f3b147fd48b2
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 10:07:32 GMT
Expires: Mon, 09 Jan 2023 10:07:31 GMT
Etag: "c6611009b46cf0d9390bfe559288e68e8bbf75db"
Cache-Control: max-age=600494,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1009
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784e20783b73b511-OSL
login.comcast.net/static/images/global/favicon.ico
76.96.69.84 200 OK 1.2 kB URL HTTP/1.1 login.comcast.net/static/images/global/favicon.ico
IP 76.96.69.84:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 8591b1e1977be23073d13751a5f203d0
3f549eff3cf641803992d8748202bf0775f4765e
a0307845ad0d4579ae6e7283a02b81403767295ab37cc0b144ac9d60772ebf97
GET /static/images/global/favicon.ico HTTP/1.1
Host: login.comcast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 18:02:46 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Last-Modified: Tue, 11 Jan 2022 16:05:32 GMT
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=497
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf
177.70.21.175 500 Internal Server Error 251 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9142176c5ccdb63bc03d514412d42b00
6c2eee1ba6dae02385c94121a3465329f7587d33
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:45 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf
177.70.21.175 500 Internal Server Error 251 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9142176c5ccdb63bc03d514412d42b00
6c2eee1ba6dae02385c94121a3465329f7587d33
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:45 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf
177.70.21.175 500 Internal Server Error 251 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9142176c5ccdb63bc03d514412d42b00
6c2eee1ba6dae02385c94121a3465329f7587d33
d44ef6cef0d915260653c10e6b0b08f295385f542e73e7cb779e2be26a15255f
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:45 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
www.facebook.com/impression.php/f226f8dc8ddf3/?api_key=161991040493541&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/impression.php/f226f8dc8ddf3/?api_key=161991040493541&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
IP 31.13.72.36:0
GET /impression.php/f226f8dc8ddf3/?api_key=161991040493541&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: image/gif
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
x-fb-debug: Y6Xv9sXDkjv7mlsbjNFDfd2itFbBCSZefST9WW4825zuavdcLHwmLAJrv/xjNg+/9Hd2HZvQWy9ucwTn5a5bgQ==
date: Thu, 05 Jan 2023 18:02:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xn--inovatelecomunicaes-myb80a.net.br/static/images/fb-logo-29.png
177.70.21.175 500 Internal Server Error 0 B URL HTTP/1.1 xn--inovatelecomunicaes-myb80a.net.br/static/images/fb-logo-29.png
IP 177.70.21.175:0
ASN #28209 Under Servicos de Internet Ltda
GET /static/images/fb-logo-29.png HTTP/1.1
Host: xn--inovatelecomunicaes-myb80a.net.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--inovatelecomunicaes-myb80a.net.br/gomsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Thu, 05 Jan 2023 18:02:43 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8