Report - qa-sip.enel.bestserviceit.com.br/

Report Overview

Submitted URL
qa-sip.enel.bestserviceit.com.br/
IP
54.152.84.56
ASN
#14618 AMAZON-AES
Submitted
2022-12-02 11:56:48
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.218.164.174
qa-sip.enel.bestserviceit.com.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	159 kB	54.152.84.56
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.131
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	520 B	46 kB	216.58.207.227
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	746 B	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-02	medium	qa-sip.enel.bestserviceit.com.br/	Phishing
2022-12-02	medium	qa-sip.enel.bestserviceit.com.br/	Phishing
2022-12-02	medium	qa-sip.enel.bestserviceit.com.br/Account/Login?ReturnUrl=%2F	Phishing
2022-12-02	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/js.cookie.min.js	Phishing
2022-12-02	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-slimscroll/jquery.slimscroll.min.js	Phishing
2022-12-02	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.blockui.min.js	Phishing
2022-12-02	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.min.js	Phishing
2022-12-02	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap/js/bootstrap.min.js	Phishing
2022-12-02	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap-switch/js/bootstrap-switch.min.js	Phishing
2022-12-02	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/jquery.validate.min.js	Phishing
2022-12-02	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/additional-methods.min.js	Phishing
2022-12-02	medium	qa-sip.enel.bestserviceit.com.br/assets/pages/scripts/login.min.js	Phishing
2022-12-02	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/js/select2.full.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/jquery.validate.min.js	24 kB	2023-03-08	2023-05-28
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/jquery.validate.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:37:35 Last Seen2023-05-28 00:41:09 Times Seen9 Hash 3bb061e24f67f3899ae0e36f287954d9 ee363ac1d4ce974230425465bce597b882dc1d33 991727eba9303c6d7152cffbba5fd714dcb5f042dfa5a530cda0e2939b8a402d Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/js/select2.full.min.js	75 kB	2023-03-07	2024-02-28
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/js/select2.full.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:01 Last Seen2024-02-28 06:00:28 Times Seen98 Hash 0a3a08dc01bbd8d727372c0a0f2b70d7 cfe6c3a94e058178d187751846c3af1092f12336 9b8c0a1953e5ea4dfddeb1dbd04bf03da2bf66b0542fba29bb642ecc2b9768d1 Loading...

	qa-sip.enel.bestserviceit.com.br/assets/pages/scripts/login.min.js	3.4 kB	2023-03-08	2023-05-28
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/pages/scripts/login.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:37:35 Last Seen2023-05-28 00:41:09 Times Seen18 Hash 8755f639800e84fde126976ec227cab1 4facd63b7bfbc94d54cac1d1f4d6811886a01e56 ae119e1e4ced7954e2f315ed98d4cc43ecd2fd6955018de3de73782f57a4bbed Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-slimscroll/jquery.slimscroll.min.js	5.2 kB	2023-03-07	2024-03-01
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-slimscroll/jquery.slimscroll.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:19 Last Seen2024-03-01 12:30:10 Times Seen49 Hash e70dbba138f2bcee6baf39f99f267bd8 baeae91e66b56adf9b65d586efb90c231c35fe92 3edb9dd54b82d2464f9dfc7f9c5929bae551272823049992608b4528392d2e2a Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.blockui.min.js	9.6 kB	2023-03-07	2024-04-17
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.blockui.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:47 Last Seen2024-04-17 03:43:18 Times Seen279 Hash f35b3230007335b610a67fe27e9c19b5 4d1ff795d8ce96081c46af237b983b02f2b4536d 1562ef5e592b67d9a95a9a3f7c2a05442a7e0f7b492dd0a56e43fea9acefe627 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 13:46:10 Times Seen37092562 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-25
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap/js/bootstrap.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:27 Last Seen2024-04-25 23:50:07 Times Seen951 Hash fb0e635db142b1b9fce20fe2370ec6cc c5c481ca5a263031d938f6c12abd2fe5fb4b6a83 5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459 Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap-switch/js/bootstrap-switch.min.js	15 kB	2023-03-08	2024-03-01
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap-switch/js/bootstrap-switch.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:37:35 Last Seen2024-03-01 12:30:10 Times Seen44 Hash 43c0407d57eb40a51231a6fc9241fdde bdbae790e12d661f3b652e9a4f6c9df206a7b7b9 91fd7b22275f4170d033565123e5e15fd111461ce6f199bcb52ec53c866f81c3 Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/additional-methods.min.js	17 kB	2023-03-08	2024-01-08
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/additional-methods.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:37:35 Last Seen2024-01-08 12:29:00 Times Seen30 Hash 7f2c139eba6511a4dc505bd2c878c1fe c8649ab4be98f4acb22692d8def58ac079833fa7 4826dd029056276f86e3d1b008ebbb4f9a2693048de9c090c5300edfe5d1f7c1 Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/scripts/app.min.js	16 kB	2023-03-08	2023-09-15
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/scripts/app.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:37:35 Last Seen2023-09-15 18:09:40 Times Seen20 Hash a32a928f026244d2753ddd823f6cccfb 8853170dd7404ba8ca435350bd11b31591a8128a 81486793a8c573d69b9ed2e2df8acfcf4c792483461506a50cacf64f2004e558 Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/js.cookie.min.js	1.7 kB	2023-03-07	2024-03-01
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/js.cookie.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:19 Last Seen2024-03-01 12:30:10 Times Seen47 Hash dec863c7439351d4618a61bf4646c71e c49994e44dd5b54b16ee1ebbc0790817edd444c1 ba9f8dae6d1c5de349dd2801ce41be27f43a1d0d2ad679c6a41c95a0796db612 Loading...

HTTP Transactions (54)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6921
Expires: Fri, 02 Dec 2022 13:51:58 GMT
Date: Fri, 02 Dec 2022 11:56:37 GMT
Connection: keep-alive

qa-sip.enel.bestserviceit.com.br/

54.152.84.56

301 Moved Permanently

164 B

URL HTTP/1.1
qa-sip.enel.bestserviceit.com.br/
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
164 B (164 bytes)
Hash
7c080dc9cbe64cfa46d986a58f8a36d0
86ac6b73ccb006b85b0025945da612d449f93048
d408b7dd325ab88c89e9c699bf2a43626064e8a32b58ac31cc026d1f0d91432e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://qa-sip.enel.bestserviceit.com.br/
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 02 Dec 2022 11:56:37 GMT
Content-Length: 164

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3886
Expires: Fri, 02 Dec 2022 13:01:23 GMT
Date: Fri, 02 Dec 2022 11:56:37 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2091
Cache-Control: max-age=169769
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:37 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 11:06:06 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: wKrK4StC//rgk+k01a9Eu6RUyZgxHImna0NW4Reu8ND6p5aKDmY8OjZy+7MaXEqT2b+9eiNKWzE=
x-amz-request-id: 4BSTHW7WZ3D3F041
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 11:46:41 GMT
age: 596
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 11:18:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2305
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c5e3ac7ee32c5088703055656bc82fc1
3f2007893c3efcc2338dbc88a6b329cf0d30a045
99b62916d178174aec8d0d2be9f54fe2889968b1dc009abfa7a6adcfa23624fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99B62916D178174AEC8D0D2BE9F54FE2889968B1DC009ABFA7A6ADCFA23624FC"
Last-Modified: Thu, 01 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 02 Dec 2022 17:56:38 GMT
Date: Fri, 02 Dec 2022 11:56:38 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 11:11:15 GMT
cache-control: public,max-age=3600
age: 2723
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/

54.152.84.56

302 Found

0 B

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
cache-control: private
location: https://qa-sip.enel.bestserviceit.com.br/Account/Login?ReturnUrl=%2F
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:37 GMT
content-length: 0
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/Account/Login?ReturnUrl=%2F

54.152.84.56

302 Found

149 B

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/Account/Login?ReturnUrl=%2F
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
149 B (149 bytes)
Hash
e01960bdb3bab802c502c7b13f4292a6
c8921fdd686ccb8fab9d6e13d7fd0c1175309860
38f4d1e6ff97cdd6479a84d97ec7d1bb8f5c17ce3602116497c6756e43870c1e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Account/Login?ReturnUrl=%2F HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 302 Found
cache-control: private
content-type: text/html; charset=utf-8
location: /Account/LoginUser?returnUrl=%2F
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:37 GMT
content-length: 149
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2073
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:38 GMT
Last-Modified: Fri, 02 Dec 2022 11:22:05 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F

54.152.84.56

200 OK

2.7 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (316), with CRLF line terminators
Size
2.7 kB (2653 bytes)
Hash
9d8f0c88f07e05c10b11637fd1987558
ce55986ea71a836697b9465d477d2d62da19d502
f2a4a539fe183d748533edd9fc165f656284981585e76be6a17c28aa3f7c51ab

HTTP Headers

GET /Account/LoginUser?returnUrl=%2F HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:37 GMT
content-length: 2653
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/simple-line-icons/simple-line-icons.min.css

54.152.84.56

200 OK

2.6 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/simple-line-icons/simple-line-icons.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (9503), with CRLF line terminators
Size
2.6 kB (2581 bytes)
Hash
a1f7103d9c000d90069b272642386e84
c638ba522e88d4bbd35dee58415d1faf080b63ed
f0ee535ca4aed7ce0f554d8f7f8721759962eacd733037a1daeb785efe6ab08d

HTTP Headers

GET /assets/global/plugins/simple-line-icons/simple-line-icons.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "275b7bc9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:37 GMT
content-length: 2581
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/font-awesome/css/font-awesome.min.css

54.152.84.56

200 OK

7.2 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/font-awesome/css/font-awesome.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (26548), with CRLF line terminators
Size
7.2 kB (7152 bytes)
Hash
b479a4d984484b0ad78eb24934f46a84
03c36a92451f8c948981d77079ad6f2f7029fed2
424945e95e6e211deda0a208f9a5fb3ad2708d14250cf1f731d72606f7939592

HTTP Headers

GET /assets/global/plugins/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:22 GMT
accept-ranges: bytes
etag: "ab8339c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:37 GMT
content-length: 7152
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap-switch/css/bootstrap-switch.min.css

54.152.84.56

200 OK

1.7 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap-switch/css/bootstrap-switch.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (5487), with CRLF line terminators
Size
1.7 kB (1725 bytes)
Hash
0a23a8acfa1ac9cae35f8f23c3a7bb50
ec1422709aeb2a3a152755f7aa2fc11a8ab379f5
698bb6b14c11a0f830881f91c10eebd44d3f2a80eaf4f90407b009ce98de9e65

HTTP Headers

GET /assets/global/plugins/bootstrap-switch/css/bootstrap-switch.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:22 GMT
accept-ranges: bytes
etag: "6992fab9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:37 GMT
content-length: 1725
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/css/select2.min.css

54.152.84.56

200 OK

2.8 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/css/select2.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (15195), with CRLF line terminators
Size
2.8 kB (2795 bytes)
Hash
9c4a4bd3905a6cb8678afb0aca2db3a9
fc3146b6d6b404f82debb540d7b0370830682df7
7304ec4f73a8dd7bb32ca5e42827c3299cb33695482887ea96cfd380ff88b930

HTTP Headers

GET /assets/global/plugins/select2/css/select2.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "6d6178c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:37 GMT
content-length: 2795
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/css/select2-bootstrap.min.css

54.152.84.56

200 OK

2.9 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/css/select2-bootstrap.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (15550), with CRLF line terminators
Size
2.9 kB (2889 bytes)
Hash
969f217b299876eadae613302cf1519d
de820993367ab8f97c204f8801b15ce88bdb71d4
a11b42a7008ec5b75423f8e57ee79423f4174fd460c3f3397f7439fe6620a5cc

HTTP Headers

GET /assets/global/plugins/select2/css/select2-bootstrap.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "e14d78c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:37 GMT
content-length: 2889
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/pages/css/login.min.css

54.152.84.56

200 OK

1.2 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/pages/css/login.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (3322), with no line terminators
Size
1.2 kB (1150 bytes)
Hash
c5cbeadc07875317f63825e664d5ded4
7a6fb10138e04f2bdf4abb1e530eaece09369596
2a1ee824987691c3cd4a33b7ffdee454bc35a0a09c0a0352a9afd54bdc7771e0

HTTP Headers

GET /assets/pages/css/login.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "fd76afc9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:37 GMT
content-length: 1150
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/css/custom.css

54.152.84.56

200 OK

977 B

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/css/custom.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
977 B (977 bytes)
Hash
ace7c368cdff1ac7ff255afdfa395725
edfc3a3014b8e9d5858af6913be278d893ae214f
770c83362f0b8f1a3a6667acea477856af6471a33ca63cc5dacc29bac4964279

HTTP Headers

GET /assets/global/css/custom.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:21 GMT
accept-ranges: bytes
etag: "f06a6fb9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:37 GMT
content-length: 977
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

34.218.164.174

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.218.164.174:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JIPMPivTdcBa8GJf1J/btg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kpmgeQMb11J3WOJphKDZDfvBw8Q=

qa-sip.enel.bestserviceit.com.br/assets/global/css/plugins.min.css

54.152.84.56

200 OK

11 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/css/plugins.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (32345), with CRLF line terminators
Size
11 kB (11178 bytes)
Hash
19931664f1590bbdc7ef61c134c8cca1
4cf80305aedc101064275fba2006366032048a8d
712f97a118781c76bba9776a6583cc58ab7b166d4e1d6c38889f1e561225c728

HTTP Headers

GET /assets/global/css/plugins.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:21 GMT
accept-ranges: bytes
etag: "2ae06fb9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:37 GMT
content-length: 11178
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap/css/bootstrap.min.css

54.152.84.56

200 OK

28 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap/css/bootstrap.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (65350), with CRLF line terminators
Size
28 kB (27838 bytes)
Hash
030d42b63352690b0217ebce4f7857fa
abfa5c31801cb804bcc2f53f47fa22614db005ca
d0d12520bb6ae3dd5d319f698776fa84f531a913ed00cc01e6498e4c5fd634ae

HTTP Headers

GET /assets/global/plugins/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:22 GMT
accept-ranges: bytes
etag: "fe904c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:37 GMT
content-length: 27838
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/layouts/layout/img/elp-logo.png

54.152.84.56

200 OK

3.5 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/layouts/layout/img/elp-logo.png
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 100 x 37, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3544 bytes)
Hash
e3729109fa83cdc5d71b6565a2ef48a2
8610bd1596c538c98d5406965dd02d0b0fc58580
3ec05973a53a52c49e2936dab7e51bc13027607594e959091de0eeecdf272755

HTTP Headers

GET /assets/layouts/layout/img/elp-logo.png HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "42fc9ec9dcfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:38 GMT
content-length: 3544
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/js.cookie.min.js

54.152.84.56

200 OK

1.2 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/js.cookie.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (1572), with CRLF line terminators
Size
1.2 kB (1193 bytes)
Hash
8ea7c28e31d96845b5f5bb202b54f5b9
97ffde690934616acfa4f5d13dd8be135b9b48eb
8f822018d9fbf31667ea4fd82f9f50a08d3e0dced16d7d9f3d290c53c90c4d0a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/js.cookie.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "445d5ec9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:38 GMT
content-length: 1193
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-slimscroll/jquery.slimscroll.min.js

54.152.84.56

200 OK

2.4 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-slimscroll/jquery.slimscroll.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (4889), with CRLF line terminators
Size
2.4 kB (2422 bytes)
Hash
ff04a425eec3cd82a2abbd9a2f03a885
f97104f97d21a9e8914818de32d92b0cb05b5296
72df45c564caf9f6b6b2131c55406aec0cac723acf6808a3536fbb7a869be214

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/jquery-slimscroll/jquery.slimscroll.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "129556c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:38 GMT
content-length: 2422
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.blockui.min.js

54.152.84.56

200 OK

4.3 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.blockui.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (9162), with CRLF line terminators
Size
4.3 kB (4251 bytes)
Hash
fdc3c337fea880e87cb2f3d4e785dc92
4db2b2c1a216b5984b5050f8bbf2dc0f736db2fe
e0db875e0d624f2c0769bf1927173780becf17ad458ddeb7763e3de3943cff95

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/jquery.blockui.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "82885cc9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:38 GMT
content-length: 4251
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.min.js

54.152.84.56

200 OK

43 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (32077), with CRLF line terminators
Size
43 kB (43309 bytes)
Hash
9499ec17a79fc672ce66800640c75cf6
3b5cbaa5d9d91c330efd81b67ef4459377d42716
6722bb50ad70f6c7f7d198f8f55cb41e03662ebd397f63bdac9d1f89bee13b99

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/jquery.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "92af5cc9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:38 GMT
content-length: 43309
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap/js/bootstrap.min.js

54.152.84.56

200 OK

13 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap/js/bootstrap.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (32003), with CRLF line terminators
Size
13 kB (12962 bytes)
Hash
06ec3dd286901a694fdbfcc073438062
7065edeb85ee215f62a3afc15a380ba79ba4ac67
f449c14c8af86f47973b37ccadc4c48669ad9d5e1808904362ef750d525832c3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:22 GMT
accept-ranges: bytes
etag: "3a2d5c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:38 GMT
content-length: 12962
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap-switch/js/bootstrap-switch.min.js

54.152.84.56

200 OK

4.2 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap-switch/js/bootstrap-switch.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (13933), with CRLF line terminators
Size
4.2 kB (4175 bytes)
Hash
975b98c0968812648ee9eb9ba5c15743
e7c2dc3d6f318e5e27dfaa76dd864342f2f3c8da
f1db9a22277f8a25071f20edacbe2b6a9bb6553058c832641eb61e59b32b7369

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/bootstrap-switch/js/bootstrap-switch.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:22 GMT
accept-ranges: bytes
etag: "79b9fab9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:38 GMT
content-length: 4175
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/jquery.validate.min.js

54.152.84.56

200 OK

9.0 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/jquery.validate.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (23619), with CRLF line terminators
Size
9.0 kB (8996 bytes)
Hash
23f6407bab19afd967cbdbdb2a517da5
27b33fc6fdf6ec7dce6b8d848ad9bd861bc1df3f
32def9e8f8b705ddf46405e5ac521fd3d981bc0709ea3c5a8462dbd1e2c13465

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/jquery-validation/js/jquery.validate.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "a5f457c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:38 GMT
content-length: 8996
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/additional-methods.min.js

54.152.84.56

200 OK

6.2 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/additional-methods.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (17065), with CRLF line terminators
Size
6.2 kB (6192 bytes)
Hash
2083cd0c9ff1b6e817649b15366a2997
e0b6d3d606d53cf63aa1c897921c62737892a85d
b0bc8a6ff1ad89904e19d705adcbea6d8516527927bcedd6e10cb9ab52f3523d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/jquery-validation/js/additional-methods.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "89cd57c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:38 GMT
content-length: 6192
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/pages/scripts/login.min.js

54.152.84.56

200 OK

1.2 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/pages/scripts/login.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (3374), with no line terminators
Size
1.2 kB (1244 bytes)
Hash
7bb5eeed7eb01b0809ca6c73e891eefe
bf201f9ffb0ac43a0412cc6d6d55a52e3407e3d1
5d60b8e9cd5809ae1880a67f63e24b57509a7bc5edb83687933f1735e3e66900

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/pages/scripts/login.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "c9a0d3c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:38 GMT
content-length: 1244
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qa-sip.enel.bestserviceit.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 320638
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

qa-sip.enel.bestserviceit.com.br/assets/layouts/layout/img/favicon.ico

54.152.84.56

200 OK

1.6 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/layouts/layout/img/favicon.ico
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1619 bytes)
Hash
5fdf5b7f53691c522cf2d27756399033
03e6cce6caff23eedc48f8d6e472c4f0d7441467
6682d3123fcff6886aa0a867a504a3179ede568302f760c5941bc57992662f36

HTTP Headers

GET /assets/layouts/layout/img/favicon.ico HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "42fc9ec9dcfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:38 GMT
content-length: 1619
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5385
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 11:56:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5385
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 11:56:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5385
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 11:56:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5385
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 11:56:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5385
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 11:56:39 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 23:43:28 GMT
age: 43991
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11402 bytes)
Hash
1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
age: 50706
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8863 bytes)
Hash
156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:30:28 GMT
age: 80771
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6174 bytes)
Hash
b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 00:54:54 GMT
age: 39705
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4834 bytes)
Hash
cd8ad22c2eb1eb91c76970fa449f1bc4
0de97f3a4964038222bd751e043e413113e6db9d
668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bBj-TXtavCuORZ9qBoZeVj-GXeRljAeW-98HY7lTk5_VRSKF4_07VQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 04:22:38 GMT
age: 27241
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10270 bytes)
Hash
4c7113338bc3310b13d23ca415c177e2
2cb4edc6b161c6d2d5b47aa498ae54e677966466
3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQ21d2_5JO2Ym-LEnDecub9bK6wUyvM2zUf_XpfMGag83fVWlMjT8w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:09 GMT
age: 50790
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,300,600,700&subset=all HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 11:56:38 GMT
date: Fri, 02 Dec 2022 11:56:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/css/components.min.css

54.152.84.56

200 OK

0 B

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/css/components.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/global/css/components.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:21 GMT
accept-ranges: bytes
etag: "f06a6fb9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:38 GMT
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/js/select2.full.min.js

54.152.84.56

200 OK

0 B

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/js/select2.full.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/select2/js/select2.full.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "b6497ac9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 02 Dec 2022 11:56:38 GMT
content-length: 28102
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP