r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13103
Expires: Tue, 07 Feb 2023 10:13:09 GMT
Date: Tue, 07 Feb 2023 06:34:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4722
Expires: Tue, 07 Feb 2023 07:53:28 GMT
Date: Tue, 07 Feb 2023 06:34:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 06:34:07 GMT
content-type: application/json
age: 39
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20792
Expires: Tue, 07 Feb 2023 12:21:18 GMT
Date: Tue, 07 Feb 2023 06:34:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BdaeVLTSNu9bZMQg8Z+xGoCBbdLbn79jrnn9Uue7YTiD1dn0NffvGCehnN/YoaLZH88NzOGuPAY=
x-amz-request-id: 0M0QHQQ6P123G46V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 05:45:27 GMT
age: 2959
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 06:34:46 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ww.w.conductability.org/Login.php
68.66.226.93200 OK 17 kB URL HTTP/1.1 ww.w.conductability.org/Login.php
IP 68.66.226.93:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (362), with CRLF line terminators
Hash dc4fcac8f3d4b91ac70d11f4eccd4f0e
c7eeb8f0cf487cf5dab9729d63b5ee014e5c6b78
ad38f85c05eaa2412db6ea279248d5a907bd3267c7c062f9f68f008fd5f1a040
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
content-length: 17027
content-encoding: gzip
vary: Accept-Encoding
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/mtagconfig.js
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/mtagconfig.js
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/mtagconfig.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/Login.php
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/s_code_bell.js?v=11062013EH01
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/s_code_bell.js?v=11062013EH01
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/s_code_bell.js?v=11062013EH01 HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/Login.php
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 05:51:19 GMT
age: 2607
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ww.w.conductability.org/web/js/opinion_lab/OpinionLab.js
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/OpinionLab.js
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/OpinionLab.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/Login.php
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3733
Expires: Tue, 07 Feb 2023 07:37:00 GMT
Date: Tue, 07 Feb 2023 06:34:47 GMT
Connection: keep-alive
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
push.services.mozilla.com/
35.81.123.193101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.123.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uY8xm5yfe3ku6TbRNiu5tg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XeHgs/l2V9eBSgpq7jGWE4NbCaE=
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6565
Expires: Tue, 07 Feb 2023 08:24:13 GMT
Date: Tue, 07 Feb 2023 06:34:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6565
Expires: Tue, 07 Feb 2023 08:24:13 GMT
Date: Tue, 07 Feb 2023 06:34:48 GMT
Connection: keep-alive
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3cd20c6639e2b0d996fbbd7df2d4f47
2e54c22fb83981e2690161cd521e4fc3998e9c16
9b2b1f3e062fca74341d09540e44d2a02ec451b8349440ed5917073e8fab988d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6316
x-amzn-requestid: 879578cc-a58a-4516-a7cd-68850553762b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpc79ECLIAMFclw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0eb2-57141dcf1c5595110f5f572e;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:03:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ARr-i9j3ruIxZ123Ae2bEk_c2s_5Zs7fhrn4UXphw_jOYrtvq9OMVg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 16:55:00 GMT
age: 49188
etag: "2e54c22fb83981e2690161cd521e4fc3998e9c16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198b8ebd-22a2-44e4-af1d-3429fb3e64bb.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198b8ebd-22a2-44e4-af1d-3429fb3e64bb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 08d66d83f1ae9acd6e442c4dcaed2a20
8c258ac6de196f8c32f1af69e7a754da0610b090
a32b5df8fd6bea737e04679d05e9f0cc645cbe6d799329877e78f9e994a6eff6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198b8ebd-22a2-44e4-af1d-3429fb3e64bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12368
x-amzn-requestid: 988041b5-278d-4ea6-9ee9-77377bcab080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzPr-GoQoAMFkGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddf97f-4a891b142f5d503703694380;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:21:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tFE9XdCE4VScFBlyxeWM-7mPl7tH7x5KrVsE4te7JUuerHnti03Vyg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:47:51 GMT
age: 28017
etag: "8c258ac6de196f8c32f1af69e7a754da0610b090"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ovhdLaEGaDSC8X0F9VamLw0KyBPWkxfYg5pssOT8NOZP4IBtNk6Gfw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:19 GMT
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
age: 31169
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92008e687831334af1cdbf4b8a57579f
e6ff750f12836637adf5b253d64c2102fdf3c180
39af3e630e0271b54139849c1b596efbdc69a23ce943e5330341d49f77798c7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7183
x-amzn-requestid: 02695a8d-2ab8-4d77-bfbe-f99418d8ef00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f78YOGsyoAMF5wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17434-2614cef4059e7fd5009cb46d;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:42:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qbUWAiTEzfmIOkYgKdBEYxEnRky5wA7ajMWumei7fXeIqLN9B-riBw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:27 GMT
age: 31161
etag: "e6ff750f12836637adf5b253d64c2102fdf3c180"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 88178e0f623494e30ece4da4eed04d60
7f016d87157a577e4ad4e4cf6c854a0489f8571a
e5658ac599ca37e797637a596ca9b65c80c1053b2ce5dacc667ae3b8b1ce54a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6384
x-amzn-requestid: 5f91a438-31d9-42ca-96b4-71344cc736c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77IcE2-oAMFbZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17235-1ce1ebfa4e9ae6053434c48d;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: li__CyiikZFRNF7c8_9Kbi18VJ39UzJiNgP9z141MCUFVPnYAEXPCg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:24:59 GMT
age: 29389
etag: "7f016d87157a577e4ad4e4cf6c854a0489f8571a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0594f78c4fdfed5dd2e0666312555f40
db903b9a3f387c1510170f8d16dd4d289f7df83f
8874083a529064657b18be58147ae7df5fe79c822c4bd2a023fdf3df7186a62e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3712
x-amzn-requestid: 44c7e7bd-1a95-49b6-9b0a-f8aff3725ded
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftbOtH-lIAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba591-2fb19c33646c3d327681e9f9;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 11:59:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z5r7rFH2nEro98p7U4_Lz8xIrX_bnU7ntAc46ytGzL8498buHzsCcg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:26 GMT
age: 31162
etag: "db903b9a3f387c1510170f8d16dd4d289f7df83f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 425957ea35cf2b18e6e5bee40cbbaed6
8729cc1b7004bcea777298de597f8370dee96050
f7946f976380ed5f5e2d1b6c7725033884931fcb24bc579b088baeacb2dedb24
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "F7946F976380ED5F5E2D1B6C7725033884931FCB24BC579B088BAEACB2DEDB24"
Last-Modified: Tue, 07 Feb 2023 04:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Tue, 07 Feb 2023 07:34:49 GMT
Date: Tue, 07 Feb 2023 06:34:49 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 425957ea35cf2b18e6e5bee40cbbaed6
8729cc1b7004bcea777298de597f8370dee96050
f7946f976380ed5f5e2d1b6c7725033884931fcb24bc579b088baeacb2dedb24
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "F7946F976380ED5F5E2D1B6C7725033884931FCB24BC579B088BAEACB2DEDB24"
Last-Modified: Tue, 07 Feb 2023 04:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3578
Expires: Tue, 07 Feb 2023 07:34:27 GMT
Date: Tue, 07 Feb 2023 06:34:49 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 425957ea35cf2b18e6e5bee40cbbaed6
8729cc1b7004bcea777298de597f8370dee96050
f7946f976380ed5f5e2d1b6c7725033884931fcb24bc579b088baeacb2dedb24
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "F7946F976380ED5F5E2D1B6C7725033884931FCB24BC579B088BAEACB2DEDB24"
Last-Modified: Tue, 07 Feb 2023 04:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3521
Expires: Tue, 07 Feb 2023 07:33:30 GMT
Date: Tue, 07 Feb 2023 06:34:49 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 425957ea35cf2b18e6e5bee40cbbaed6
8729cc1b7004bcea777298de597f8370dee96050
f7946f976380ed5f5e2d1b6c7725033884931fcb24bc579b088baeacb2dedb24
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "F7946F976380ED5F5E2D1B6C7725033884931FCB24BC579B088BAEACB2DEDB24"
Last-Modified: Tue, 07 Feb 2023 04:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Tue, 07 Feb 2023 07:34:49 GMT
Date: Tue, 07 Feb 2023 06:34:49 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 425957ea35cf2b18e6e5bee40cbbaed6
8729cc1b7004bcea777298de597f8370dee96050
f7946f976380ed5f5e2d1b6c7725033884931fcb24bc579b088baeacb2dedb24
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "F7946F976380ED5F5E2D1B6C7725033884931FCB24BC579B088BAEACB2DEDB24"
Last-Modified: Tue, 07 Feb 2023 04:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3508
Expires: Tue, 07 Feb 2023 07:33:17 GMT
Date: Tue, 07 Feb 2023 06:34:49 GMT
Connection: keep-alive
mybell.bell.ca/web/css/myBell/bell.myBell.core.css
206.47.98.207200 OK 9.0 kB URL HTTP/1.1 mybell.bell.ca/web/css/myBell/bell.myBell.core.css
IP 206.47.98.207:0
File type ASCII text, with very long lines (482)
Hash 3fb1b36de6c6251612cf491442b057bd
98c1ee9cce16f445d8146072854255914804802a
5b9346051cb9ea5ac5b981aa0b5794adad8f28c9fec593e5c86e9351f5997681
GET /web/css/myBell/bell.myBell.core.css HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: text/css
Content-Encoding: gzip
Expires: Wed, 08 Feb 2023 06:34:49 GMT
Last-Modified: Sun, 18 Oct 2020 21:26:35 GMT
Accept-Ranges: bytes
ETag: "1D6A5955B087780"
X-Generated-By: Q-BC036
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Date: Tue, 07 Feb 2023 06:34:49 GMT
Content-Length: 8960
Set-Cookie: dtCookie=v_4_srv_5_sn_1E82DE634C04717BC96D219910317A52_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=967776428.47873.0000; path=/; Httponly; Secure
TLTSID=820BD95D8B210CB6E390B4FB7934A963; Path=/; Domain=.bell.ca
TLTSID=820BD95D8B210CB6E390B4FB7934A963; Path=/; Domain=.luckymobile.ca
TLTSID=820BD95D8B210CB6E390B4FB7934A963; Path=/; Domain=.virginplus.ca
TLTUID=AD87626A6F3B760516165565F4367AD8; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:49 GMT
TLTUID=AD87626A6F3B760516165565F4367AD8; Path=/; Domain=.luckymobile.ca
TLTUID=AD87626A6F3B760516165565F4367AD8; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c9f759ccda32aa71ba7b7c46a2566f9791ec277f4825fbb78b89d65a79a1f8c8444d3a8ca833bd00614f48d838f62dd622ca46e5c0147dbccd3b8947fc31506d5d6d13111851a60d1bbc09fc1a91e38821d056a48e74c3da4f96720696d265a5cf1793d790de0eea9b2cfe4c0c2c1a8901d189770f661fb6f957d2f0b2baa7097b283ab379ba8f4d19ae6953d7d663f8ba4bdee3298009ebc1699dc7f2bfeec45701815c08495fc370bb42db5c58d9131c; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200029bae22f88ea89e127660c17f9660189002d058c5203e95c9eb190e7fefad3fd0813530fa211300037c10bcb358d645a9b0f77b4a4be34d0add92e06fd7366d53072473dd10675649df6d7b5bdc1d77f36f43f29b0c6e0a8; Path=/
mybell.bell.ca/framework/js/jquery.unobtrusive-ajax.min.js
206.47.98.207200 OK 1.5 kB URL HTTP/1.1 mybell.bell.ca/framework/js/jquery.unobtrusive-ajax.min.js
IP 206.47.98.207:0
File type ASCII text, with very long lines (2631)
Hash fd05a4f786abc2bcb7adcc5546bf2032
6a2a4390224414a7fda4a281ca5ac2c3c1ca6bc6
b969186c5196a69c2bc27bb0b44c7b92032f53714e91b527dca0afb98a5bf031
GET /framework/js/jquery.unobtrusive-ajax.min.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:49 GMT
Last-Modified: Sun, 22 Jun 2014 08:23:00 GMT
Accept-Ranges: bytes
ETag: "1CF8DF32DAE4A00"
X-Generated-By: Q-BC039
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-334851645"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_5_sn_50D2B5A730BCFF7CD0E174BE143C7521_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1370429612.47873.0000; path=/; Httponly; Secure
TLTSID=3AADDB2856F762A6BBD4D730927D7564; Path=/; Domain=.bell.ca
TLTSID=3AADDB2856F762A6BBD4D730927D7564; Path=/; Domain=.luckymobile.ca
TLTSID=3AADDB2856F762A6BBD4D730927D7564; Path=/; Domain=.virginplus.ca
TLTUID=66B18F94C8EE807E970E11BFE4840943; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:49 GMT
TLTUID=66B18F94C8EE807E970E11BFE4840943; Path=/; Domain=.luckymobile.ca
TLTUID=66B18F94C8EE807E970E11BFE4840943; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c99cf168db4499c598849e79b9a3812f8e4b5083deee8ca015078096b0296c878b4f3da7f704e64e2a831af0b97eaa9f769047dccc3e46dbd90ca9f4124e07f4e36fa8a00f9240ace3123cf3dce3b1610ccb279b62fd96f51d7b0a6e67b5300cb871abd686aeedd8ec1ef5201ba6e8ca1c4f516bafc32b502ed35916646807204f8adc2d73949778558a709937e21e0db4795633f0054d790044ebbb8925d88a5869a950169b58e405e521466df9536d42; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200023e2717b1f99ba664d927d591b67961b62b231a68f41e0f866347d299eb7dca808a924fbbd1130009cae1b9567c979c19b0f77b4a4be34d08e26b315d8a904f01f671d86095246b1d6d15c61332d7bf98fbb49bfe8b82cbb; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1502
Connection: Keep-Alive
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
mybell.bell.ca/web/js/bell.utils.js
206.47.98.207200 OK 11 kB URL HTTP/1.1 mybell.bell.ca/web/js/bell.utils.js
IP 206.47.98.207:0
Hash 495f39f0a789290210132765601a690c
217942474b0210eaf5903a4355715c2865c1e898
ed4b4ec96335f0cb6b3977937cc7fa149713b07fa27b590ca94d3b2e011b44bd
GET /web/js/bell.utils.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:49 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC035
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="621164677"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_8_sn_86E73831CFF7D58E4F7CFF3778A449BA_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=581900460.47873.0000; path=/; Httponly; Secure
TLTSID=8EEA440F00357BF6F7457B89041EC80B; Path=/; Domain=.bell.ca
TLTSID=8EEA440F00357BF6F7457B89041EC80B; Path=/; Domain=.luckymobile.ca
TLTSID=8EEA440F00357BF6F7457B89041EC80B; Path=/; Domain=.virginplus.ca
TLTUID=1814463A01047149608D485A085B925C; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:49 GMT
TLTUID=1814463A01047149608D485A085B925C; Path=/; Domain=.luckymobile.ca
TLTUID=1814463A01047149608D485A085B925C; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c9eb5857c1480a9b76a9a62fc295f3fe37884057a04d10e1926176381fa54d304df4f50e16a34b39d377478f3f7de83e36cc87e32b4af8184e20a8f264b712b1ad3e30edcac495549186d26415cab5e31a7275dd5703271f758d6a0ee2e066f4b4b391e62aebb210ee967efb266de944b715f8b049897a01dabc2b74290b671626459e94be253de2da746c1cb1e73ebd75bbf8f34a2cf7999a88f73b33a61a4647851f69a1a558f956b88e2030b2c17dc8; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200089d9de5c69c2d1b5ef3c78a1978efbb1cc430034b986fbd6d06d9fe3f314bd2608d97c8ac5113000a32dc660d08984529b0f77b4a4be34d06a29026a9dd9278efc241d4a018022eb73f1281f480b8de6c206aad0159e2043; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11171
Connection: Keep-Alive
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
mybell.bell.ca/web/js/bell.resources.js
206.47.98.207200 OK 1.3 kB URL HTTP/1.1 mybell.bell.ca/web/js/bell.resources.js
IP 206.47.98.207:0
Hash a61f6111bdab7790cae119027424512b
323af826ac29e8291cd593832034055a152fe59a
b14b95a79f33dfaed74c11e7091cd4b9902094c6a8842acb5366e1a2a561d1c1
GET /web/js/bell.resources.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:49 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC037
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1057321020"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_8_sn_80160D9F204F52D78D87FB117CA49D0D_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=984553644.47873.0000; path=/; Httponly; Secure
TLTSID=9A5DF7D0030790F67D2BAE775592D4F1; Path=/; Domain=.bell.ca
TLTSID=9A5DF7D0030790F67D2BAE775592D4F1; Path=/; Domain=.luckymobile.ca
TLTSID=9A5DF7D0030790F67D2BAE775592D4F1; Path=/; Domain=.virginplus.ca
TLTUID=2F2E04AFBD85899DE2AD2919353A2115; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=2F2E04AFBD85899DE2AD2919353A2115; Path=/; Domain=.luckymobile.ca
TLTUID=2F2E04AFBD85899DE2AD2919353A2115; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c94a1c205208e52398369c60c91d42f2d0965d904709e111a613bae19223effdb27113e997def01553850b5188c977387a43767ca776ee938f82ba12ff6831169e5fe7528269a4f12f5aeff3de56cfd9e2b246bd41fbaebfa6d0fae6f9f65c8210188e3aca58ac3d3a64d99f7a0ac501505196317307c8036c7a5bf8f7d8cb9546f5a42b5c77dafde7d5d000a6f8d145a7f6b3a571bee3055facd152cb226d98241e1e427e7afa0ee7af2c8134e18c47cc; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000498795a285b9d48e3705da164b27080b9ec1306f0b5de65baf3eabefddb7ee760869144bd61130004e6c1f038e1674360cd494d7dc65c7d1bf8c907a0a9d13afc71fd8b3c0e0dad32dd6ed42571da79684536c73e3b4f089; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1259
Connection: Keep-Alive
mybell.bell.ca/web/js/bell_master.js
206.47.98.207200 OK 13 kB URL HTTP/1.1 mybell.bell.ca/web/js/bell_master.js
IP 206.47.98.207:0
File type ASCII text, with CRLF, LF line terminators
Hash 72a0c315a309a043d34318947ff52165
5ee0bd952e4f3faf272e8ec7d3342e3bac4a1add
2447502432b800f08cb7eb20325e2a51c2f66f902892ce8cb1db126464122249
GET /web/js/bell_master.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC040
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-884084308"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_7_sn_25D2B4B747CB4C2DF9EC6D96B990C8AD_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1387206828.47873.0000; path=/; Httponly; Secure
TLTSID=4A14635666C9AB245B097210988519A0; Path=/; Domain=.bell.ca
TLTSID=4A14635666C9AB245B097210988519A0; Path=/; Domain=.luckymobile.ca
TLTSID=4A14635666C9AB245B097210988519A0; Path=/; Domain=.virginplus.ca
TLTUID=679B1F29354532939A6D6F06B22B63E4; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=679B1F29354532939A6D6F06B22B63E4; Path=/; Domain=.luckymobile.ca
TLTUID=679B1F29354532939A6D6F06B22B63E4; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c96f2ce69297c8ecf0cf7b62b518063136bc4717cbeb2634bc3cff63d9146f4723f80b5c285f977590865931ef823c40b84ad2111cf885c889c0c97d47c53b095706f12873ec2e56e126f2a9e1b9a3c94fd8f809164ecdbe66f6f0ee83ae427fe33237144ce3174526dbad69810512753edf8ae63f9458ac56366caf44ae187bbf1cdc6e08f66f9b57cb74779615cf7da1c421be6413ebf0ad6184dbef75ad5ff82166d0a55d95fb73a88c129d0881ce55; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200087ff079f846a0c75939e0ea6c69cdb2c8c387d3674d5bce3c59aa36d1045c7f108673a41521130007caecf0c1c226f500cd494d7dc65c7d1a323500cfa6985aee5fa89d9c9ce148caebe5478d89cef18430b808fa3648810; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13363
Connection: Keep-Alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 052bc796a71a95f7d013eedae02f3693
83b6c6127434de8555a0de6389cd0953cc186249
c2ca4ea476adf395cd7ecbf922199f1df7cd00e073a8ac6970f4030eeac3c120
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 14:22:58 GMT
Expires: Sat, 11 Feb 2023 14:22:57 GMT
Etag: "83b6c6127434de8555a0de6389cd0953cc186249"
Cache-Control: max-age=373086,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795a1a1ecaa80b31-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 052bc796a71a95f7d013eedae02f3693
83b6c6127434de8555a0de6389cd0953cc186249
c2ca4ea476adf395cd7ecbf922199f1df7cd00e073a8ac6970f4030eeac3c120
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 14:22:58 GMT
Expires: Sat, 11 Feb 2023 14:22:57 GMT
Etag: "83b6c6127434de8555a0de6389cd0953cc186249"
Cache-Control: max-age=373086,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795a1a1ecab4b4ff-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 052bc796a71a95f7d013eedae02f3693
83b6c6127434de8555a0de6389cd0953cc186249
c2ca4ea476adf395cd7ecbf922199f1df7cd00e073a8ac6970f4030eeac3c120
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 14:22:58 GMT
Expires: Sat, 11 Feb 2023 14:22:57 GMT
Etag: "83b6c6127434de8555a0de6389cd0953cc186249"
Cache-Control: max-age=373086,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795a1a1edeacb4fd-OSL
ww.w.conductability.org/web/js/opinion_lab/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:50 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:50 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
mybell.bell.ca/web/js/jquery.js
206.47.98.207200 OK 43 kB URL HTTP/1.1 mybell.bell.ca/web/js/jquery.js
IP 206.47.98.207:0
File type ASCII text, with very long lines (65181), with CRLF, LF line terminators
Hash c90ceea5fb879c494600c9a42da6a3be
81bd44e540fed99e0fc921219357c830b2965f49
9b17eb90425fddd4dd4cc6022137b8b495b66e5e7332f502ad82c8e5869058dc
GET /web/js/jquery.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:49 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC037
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1847089410"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_8_sn_E2E43E8FD2308F83AC5A20C9AEF63C13_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=984553644.47873.0000; path=/; Httponly; Secure
TLTSID=F14B12711DF015BC732A7EA0024179E6; Path=/; Domain=.bell.ca
TLTSID=F14B12711DF015BC732A7EA0024179E6; Path=/; Domain=.luckymobile.ca
TLTSID=F14B12711DF015BC732A7EA0024179E6; Path=/; Domain=.virginplus.ca
TLTUID=25415E9CE20C932F1EE239DD878CF59B; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:49 GMT
TLTUID=25415E9CE20C932F1EE239DD878CF59B; Path=/; Domain=.luckymobile.ca
TLTUID=25415E9CE20C932F1EE239DD878CF59B; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c90c4a8225f936a356513ced16d2e004f926c7c6b15b33957187abef0a1d50a593be8de708729032b331d93a78a7008d03ee1e5756da278ce570f6f79a684a1c7409b0c7e9094f3963dcffab6b6027e9d8d2fa61ec9fb02b3ab6d5749c0e662d4f7f30e778af03a0fc89bad39170a5ebd7264795c3b6e861fc90f4bf592b771e3ae5a624d81a4d6db35744591014c2cfc17c0341380566f74e92d15e1d57a321e81c4f63aaa42836d94fab54ade1ce7e7c; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200023b2ec6476e45bbf0d3e7894c7489f460e392d0437d2fa8bcb5eb96f96a2a7ac08757be1c5113000d6ed1a1d5c0028609b0f77b4a4be34d031f9b1f331aafa52c2ea9a090bce29ee7c980ed27451ed2a80c34fc4d8278d8b; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
mybell.bell.ca/web/resources/css/bell.connector.css
206.47.98.207200 OK 39 kB URL HTTP/1.1 mybell.bell.ca/web/resources/css/bell.connector.css
IP 206.47.98.207:0
File type ASCII text, with very long lines (379), with CRLF line terminators
Hash 427b2cb3e25f6b51318df13d1b5beaab
756cafc8127018d12e8fb0141893b3354a76e551
3cca29a58ba02a8e3c1d003c8819badf2e680f3224054b7591c646537777e7c4
GET /web/resources/css/bell.connector.css HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: text/css
Content-Encoding: gzip
Expires: Wed, 08 Feb 2023 06:34:49 GMT
Last-Modified: Thu, 01 Dec 2022 00:54:38 GMT
Accept-Ranges: bytes
ETag: "1D9051F7CCBDB00"
X-Generated-By: Q-BC036
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Date: Tue, 07 Feb 2023 06:34:49 GMT
Content-Length: 39005
Set-Cookie: dtCookie=v_4_srv_11_sn_FD84E5956316738A708322559CE9C632_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=967776428.47873.0000; path=/; Httponly; Secure
TLTSID=E0857B981EFED91126CFD58BC6E58DE2; Path=/; Domain=.bell.ca
TLTSID=E0857B981EFED91126CFD58BC6E58DE2; Path=/; Domain=.luckymobile.ca
TLTSID=E0857B981EFED91126CFD58BC6E58DE2; Path=/; Domain=.virginplus.ca
TLTUID=7016C1FD1A4D0100984B3F2FCC09B418; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:49 GMT
TLTUID=7016C1FD1A4D0100984B3F2FCC09B418; Path=/; Domain=.luckymobile.ca
TLTUID=7016C1FD1A4D0100984B3F2FCC09B418; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c95248566cb6b9fb90994d7dc2b4d75af8b3672429a50ba5b73bb3c9682d0798e22c0b4bdb1ea734fef388afac82c36cbe6fe96badffebc9a873967300f316073902262e0039f3fde174f0f240def34f0a7bbc37e1fe97b9712ac01b15e5e9aaa66d396e11b01ef97abfcae0bb2dabe93192cdcf89a93e99b625dd24ccb06bef8ab9418cdd9dd032588932c1bbca17994152502a2501780c701113360f0c8fbcabb9cf70ab75d674e7c7fa154a1bb44297; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000438c3c4a412f16b5f6e80afa49f7ed53397182775a6d53ed6518412dd4bfb1c3088657ff7311300039c20de4b5e5b51e9b0f77b4a4be34d08f8107ef754a160a3ba71f90b980547c5dd4b61eaa65403229156e3492eedffc; Path=/
mybell.bell.ca/framework/js/MicrosoftMVCAjax.js
206.47.98.207200 OK 2.5 kB URL HTTP/1.1 mybell.bell.ca/framework/js/MicrosoftMVCAjax.js
IP 206.47.98.207:0
File type ASCII text, with very long lines (1215), with CRLF, LF line terminators
Hash 5831942b3558e03c8d3b1a392d2b9b55
1261127a755d36072e79ea5c1851b87a81bcea2a
9821fefc3852ec554ae89c573af199cc8aa9757e5f98012008e32d7a9fdd78da
GET /framework/js/MicrosoftMVCAjax.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 22 Jun 2014 08:23:00 GMT
Accept-Ranges: bytes
ETag: "1CF8DF32DAE4A00"
X-Generated-By: Q-BC041
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-214817724"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Set-Cookie: dtCookie=v_4_srv_11_sn_7077AEC212C03441579DCBBA33AD6C83_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1403984044.47873.0000; path=/; Httponly; Secure
TLTSID=FF8DF3AA23BAF2B8BD2B5F828EB64B6A; Path=/; Domain=.bell.ca
TLTSID=FF8DF3AA23BAF2B8BD2B5F828EB64B6A; Path=/; Domain=.luckymobile.ca
TLTSID=FF8DF3AA23BAF2B8BD2B5F828EB64B6A; Path=/; Domain=.virginplus.ca
TLTUID=6F34B346B4298070D96E62767067096F; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=6F34B346B4298070D96E62767067096F; Path=/; Domain=.luckymobile.ca
TLTUID=6F34B346B4298070D96E62767067096F; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c934c2afa95263435ae189982c2942eff5b3b1bc3ff4e227d78782a566dcbcf8732992ca1dba74b69d92c00b79a023aaa0e7afbc70189476a8a6b05dc3f077509a414c05564da69926e1efaecf73aad7fbde9ec5865c4c404cfe2ff3606075b5c5dd7029f3cfbb827a95578e6d1ce1e09880523be6b7f060003debffadc26f8978f56f3acb06221d98473bd8ba31f60858add908f4aa98d771a44307fd061a97879f27e937d44dbaa39f0b0093f7e463ef; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200052658e3e79f969297c74888411d10f72aaa0ba61de2aa4184a712c750a2fff9208b753c59c113000cab12afeb4d3f70c0cd494d7dc65c7d1dd8f343184c406ed479131abb4f6ef088914ac0262dc129ede1065ad10ce95b5; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2506
Connection: Keep-Alive
mybell.bell.ca/web/js/modernizr.js
206.47.98.207200 OK 7.7 kB URL HTTP/1.1 mybell.bell.ca/web/js/modernizr.js
IP 206.47.98.207:0
File type HTML document, ASCII text, with very long lines (14641)
Hash dd03a8a2a63fcefed68b0c1692e733c0
a23606c2ea2ecd58ef93d84cb631184c7d82641e
2590b1abd32d78525fec7f91eaaeeb564897589130cc0f115eda419588a733e2
GET /web/js/modernizr.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC038
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="870721278"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_11_sn_EF53875BF3DF82E62A1B0B9D5F401634_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_1; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1034885292.47873.0000; path=/; Httponly; Secure
TLTSID=C6CD9548FAB71E7D686F5338C89603A3; Path=/; Domain=.bell.ca
TLTSID=C6CD9548FAB71E7D686F5338C89603A3; Path=/; Domain=.luckymobile.ca
TLTSID=C6CD9548FAB71E7D686F5338C89603A3; Path=/; Domain=.virginplus.ca
TLTUID=1408B693251133A7A4EF877681AA458F; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=1408B693251133A7A4EF877681AA458F; Path=/; Domain=.luckymobile.ca
TLTUID=1408B693251133A7A4EF877681AA458F; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c97e86a9f2a64fc4c02e38e6e383913dc8c9a65fce51ef7d7679825156feb8a51b27e728d4c6489bdf8bfb466c60cdc137708393706ce45966ee068ed09798716cc0e6c550e4c98a1178f3fb787c8731358ffa66b270cfb93f7b74b3226d75be69ba167b67727f6ff8268c10f2415c166f7d1e5d0c1fb46913c24b19a8021a3ec4acaf97e9f83bb6c0129c02c90af928022291f629647350995dae6e72da543388d7de6f7136fdbc7040aa2f5d23be9cdc; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab20008845370a7052de80584a801ef8f8a415980916995500b7757ae65595a2cc8432089fde450d113000eaa26bd0ff9656900cd494d7dc65c7d11dfcde574d142312ed25b1f23e7ed29c1ade8281e05f3f6e58bd3836730e993e; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7722
Connection: Keep-Alive
mybell.bell.ca/web/js/bell.myBell.core.js
206.47.98.207200 OK 2.4 kB URL HTTP/1.1 mybell.bell.ca/web/js/bell.myBell.core.js
IP 206.47.98.207:0
Hash 36c94a43b3dba120461494199d36a9f2
116545b2334eb249a496531226ae28ee9e8f1a0d
ab3a4aa8f2b67870aa3fe9c8610982b9427f8e8b1f28f23c0055090a25ad8928
GET /web/js/bell.myBell.core.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC035
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1647539538"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Set-Cookie: dtCookie=v_4_srv_6_sn_C1F3AF37C5C2965768507D4A21207B63_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=581900460.47873.0000; path=/; Httponly; Secure
TLTSID=EE0441997492E26E7889B1ED9DB29A0C; Path=/; Domain=.bell.ca
TLTSID=EE0441997492E26E7889B1ED9DB29A0C; Path=/; Domain=.luckymobile.ca
TLTSID=EE0441997492E26E7889B1ED9DB29A0C; Path=/; Domain=.virginplus.ca
TLTUID=9D1D8108DA57B1F4C7E16205380344F3; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=9D1D8108DA57B1F4C7E16205380344F3; Path=/; Domain=.luckymobile.ca
TLTUID=9D1D8108DA57B1F4C7E16205380344F3; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c96606865527038a44039e222d6d6991982f519dda628aae2337c89989a127a11c00f533247c1f5abef8a629a495f82cf1622e08dd5889d9ab794eccb4f4bc39cd503826e887d16ce9e06ac426fe9e295bc0c02a791d429b985035c6eed680c4cccf08b6827f119f89f06dad0691ed5505c5236a8dc2450e05987d69a7a031c8d3bb48bdc64f065cb50683f758d16b5ddf38aad9750990e26f392cf525e139f7dae0a82daa3719e9391760a7ea81d26d06; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000ee9310a8fb653a1e145bb3fce099b0bee47f0f48d9937c054768112c56bc7b360844eba1511130005752b5256ee7133e0cd494d7dc65c7d13aaf77c557ba34257b6cecf32f5aeb64ba556bb1fb91aa0cdd7fb92ba94d8e38; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2384
Connection: Keep-Alive
prdbellweb.hs.llnwd.net/resource/web/css/bell_master.css?ver=202302061554
95.140.228.128200 OK 38 kB URL HTTP/1.1 prdbellweb.hs.llnwd.net/resource/web/css/bell_master.css?ver=202302061554
IP 95.140.228.128:0
File type ASCII text, with very long lines (525), with CRLF line terminators
Hash 44b1558bd647993f2828ccc33c6ccd48
0e46d38b40138f761727911493365759ce4bd9d5
ae5a8ce23920526ce3503e457914876fd83f6ef33afe89e6d498f49a0b597847
GET /resource/web/css/bell_master.css?ver=202302061554 HTTP/1.1
Host: prdbellweb.hs.llnwd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mybell.bell.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Type: text/css
Content-Length: 37829
Connection: keep-alive
Cache-Control: public, max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
X-Generated-By: Q-BC037
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Age: 34792
Last-Modified: Sun, 17 Jul 2022 16:18:05 GMT
Expires: Tue, 07 Feb 2023 20:54:58 GMT
X-LLID: 8f90f813f4b3799b1532f006b5168ef0
prdbellweb.hs.llnwd.net/resource/web/css/bell_prime.css?ver=202302061554
95.140.228.128200 OK 21 kB URL HTTP/1.1 prdbellweb.hs.llnwd.net/resource/web/css/bell_prime.css?ver=202302061554
IP 95.140.228.128:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (485), with CRLF line terminators
Hash e7b0604d2df91be13508bac3c355844f
42b7112f94c04f6460f801404fbd2f9f134722e3
aea57086d05b04854930e856987a49d341a10839fa8ba8bf8a6c05b7abede6e5
GET /resource/web/css/bell_prime.css?ver=202302061554 HTTP/1.1
Host: prdbellweb.hs.llnwd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mybell.bell.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Type: text/css
Content-Length: 20828
Connection: keep-alive
Cache-Control: public, max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
X-Generated-By: Q-BC036
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Age: 34792
Last-Modified: Thu, 01 Dec 2022 00:54:38 GMT
Expires: Tue, 07 Feb 2023 20:54:58 GMT
X-LLID: b2a63513b4d47c459e128f437605ec1b
prdbellweb.hs.llnwd.net/resource/web/css/jquery-ui.custom.css?ver=202302061554
95.140.228.128200 OK 4.1 kB URL HTTP/1.1 prdbellweb.hs.llnwd.net/resource/web/css/jquery-ui.custom.css?ver=202302061554
IP 95.140.228.128:0
File type ASCII text, with very long lines (1398)
Hash 2857747fee58281f210d12179342a3c5
0cfca1e0d1e87a6e2b974fb3e8e70f69b83f094a
c7e12c1ec5934115fddb360cebb9056dbde3e1e87636f058a64967f00d68ca6e
GET /resource/web/css/jquery-ui.custom.css?ver=202302061554 HTTP/1.1
Host: prdbellweb.hs.llnwd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mybell.bell.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Type: text/css
Content-Length: 4071
Connection: keep-alive
Cache-Control: public, max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
X-Generated-By: Q-BC036
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Age: 34791
Last-Modified: Sun, 20 Sep 2020 18:56:08 GMT
Expires: Tue, 07 Feb 2023 20:54:59 GMT
X-LLID: e9576ff0d40bc30143f627c0c05d4bac
mybell.bell.ca/web/js/bell.plugins.js
206.47.98.207200 OK 136 kB URL HTTP/1.1 mybell.bell.ca/web/js/bell.plugins.js
IP 206.47.98.207:0
File type Unicode text, UTF-8 (with BOM) text
Size 136 kB (135782 bytes)
Hash 4ea50956eec0cf0148e8ae5e269d6752
884a64f005895190f44a944ad5a2b2e814d3fc1e
aab72426e02693123e0a01425539c993767d8d9c692f18b3c2f305bba0109e85
GET /web/js/bell.plugins.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:49 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC038
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="241784326"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_9_sn_6BAC2469EBF9661A3A03A0EC5AA285E9_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1034885292.47873.0000; path=/; Httponly; Secure
TLTSID=7CB1DBF19943B2FE09AC65D300B03700; Path=/; Domain=.bell.ca
TLTSID=7CB1DBF19943B2FE09AC65D300B03700; Path=/; Domain=.luckymobile.ca
TLTSID=7CB1DBF19943B2FE09AC65D300B03700; Path=/; Domain=.virginplus.ca
TLTUID=02ED6E5C230E399FA83B977630AB8593; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:49 GMT
TLTUID=02ED6E5C230E399FA83B977630AB8593; Path=/; Domain=.luckymobile.ca
TLTUID=02ED6E5C230E399FA83B977630AB8593; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c9ed7bb823b263319a3f93f7d88ecb417fdb702037455153b4e227d4f7defa68375ef4574aa6d90fd169e1d10680d486b03fe646efa720580afeb3339d446ab28b3d8da4d0143c65a9abb046517126b5d133cd868fccb992d1ef5ab518f77f404990369fa5298a8071c1a4c35fbdfd6a363d560616bc60ea0d6c6a621143d780fd968dc8e7fa44768304fdda35ff13f47d52576645a72d98275d67ef774523901bcd595c415897e6b79591cd7c22e8b061; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab20007835521d71f00aaa2ab35a93cd246fdc23cc78ca66375cc8a9c407772a95b0ea08a84a639911300066f05ed8fcca9d479b0f77b4a4be34d0a279146f660148d8f8a9667766e0233a905560262e72df2a151462bb04634522; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
mybell.bell.ca/web/js/bell-dev.js
206.47.98.207200 OK 1.4 kB URL HTTP/1.1 mybell.bell.ca/web/js/bell-dev.js
IP 206.47.98.207:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 330443ea0663e0bfeba9b86bd066ea34
496a8e10bc4ebf2d8337b20ca75dda22a967d753
751b400eb8fd4b675f2358736da64f6dacecf2cdf48f2828b73b49c2ea0f5107
GET /web/js/bell-dev.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Wed, 25 Mar 2015 09:01:40 GMT
Accept-Ranges: bytes
ETag: "1D066DA4E853200"
X-Generated-By: Q-BC039
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1796028255"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Set-Cookie: dtCookie=v_4_srv_7_sn_9C489048EFB9740FE36B453D708BEEC4_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1370429612.47873.0000; path=/; Httponly; Secure
TLTSID=881D5F0506101C18E9481E59F89F1B3A; Path=/; Domain=.bell.ca
TLTSID=881D5F0506101C18E9481E59F89F1B3A; Path=/; Domain=.luckymobile.ca
TLTSID=881D5F0506101C18E9481E59F89F1B3A; Path=/; Domain=.virginplus.ca
TLTUID=4DA48EA97BC12422B2B48A7F655E2080; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=4DA48EA97BC12422B2B48A7F655E2080; Path=/; Domain=.luckymobile.ca
TLTUID=4DA48EA97BC12422B2B48A7F655E2080; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c94417cf6a2aaa73e0d16679d0da151f777306363a2c3ef1ac22174526245e28e8f0ebe41db1e8284e114fd48855a85ac5ca05ea9ad05bbbc62f90a31241786df4f473d057895919520eed519507f51906d14a51a4c18b11bd116ae081ffd3cd429e3e7f36c79028226c13b8f6a318004f910d519a165bea20201abe06f9b66ca96a18be50f3e90dbca0cb84d2d00ed544cd149a6ef9d0891ed9226b3ab510a58e546a89c3558e8f08c0f095a792f3de04; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000d7c07f12ee47ff65bc1b24779d78717c2de924e6725d290387313d108692f03c0818b3f0f9113000d82dcadb8320e47e0cd494d7dc65c7d19a9c38034985cdf987613f6df3a06e6cb10bd62a0c42435232a3e8c203b62cdd; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1395
Connection: Keep-Alive
mybell.bell.ca/custom/js/customUtils.js
206.47.98.207200 OK 29 kB URL HTTP/1.1 mybell.bell.ca/custom/js/customUtils.js
IP 206.47.98.207:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 284ec99ac6da86794d73be92338b6447
57dfcf211894abc9ea7a4eb74ac6da734bf1f46d
c5df7bae1eea8d57477fa45c12f92df641c8c392f63f1fefd1316472545bf294
GET /custom/js/customUtils.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 15 Jan 2023 22:22:19 GMT
Accept-Ranges: bytes
ETag: "1D9292FD4879F80"
X-Generated-By: Q-BC040
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1078102325"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Set-Cookie: dtCookie=v_4_srv_5_sn_4331ECAA46040D3641DB22A0DAF202F8_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1387206828.47873.0000; path=/; Httponly; Secure
TLTSID=1C14B8B2E6B46ECC4E593E27F031DBE7; Path=/; Domain=.bell.ca
TLTSID=1C14B8B2E6B46ECC4E593E27F031DBE7; Path=/; Domain=.luckymobile.ca
TLTSID=1C14B8B2E6B46ECC4E593E27F031DBE7; Path=/; Domain=.virginplus.ca
TLTUID=BA99DFDFAF2BBA1CCE53FA2E21072366; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=BA99DFDFAF2BBA1CCE53FA2E21072366; Path=/; Domain=.luckymobile.ca
TLTUID=BA99DFDFAF2BBA1CCE53FA2E21072366; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c992c2e9be68fc3fd2f787a04bd617919acbe365c9549ee587c1b382ca6ee1880b0565c05901e5f7611658fdd1266f1a46bf535e86db9d9cf7ea99c1f8786f9c3782ba8c0bd5eeefa42842957dd2aea5a11927b45ab69c05e96506a9bacb643bc9429d2353453f2ea9ae574136d675bc39aefcb83476bbf35efe4c39c773d646847b762ef1fb21cb6aafe7f817f112a48833126a758c38fc16ee45f514ac47f869c0686b465602b032193a2c04017f411f; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab20008cd3d1b8f84bb97b99405791dfaa3aba75ef6441c554907595f2d6e03bbb3daa08f1e9d31511300051320c79254e6f280cd494d7dc65c7d114a3354bfaed664527babf4e1444b409919be3fea992a87a39200fc32dda455b; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
mybell.bell.ca/web/js/bell.myBell.plugins.js
206.47.98.207200 OK 12 kB URL HTTP/1.1 mybell.bell.ca/web/js/bell.myBell.plugins.js
IP 206.47.98.207:0
File type ASCII text, with CRLF line terminators
Hash 0eb7e07d30fa976d9cb4d1c99b700f2f
913b41f32dc8d4c55d8313910bca6784aa6a4f1b
948fde202ead09961eba7879fa340c9300247788461bb298e4f40393f50d0ba7
GET /web/js/bell.myBell.plugins.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Wed, 25 Mar 2015 09:01:40 GMT
Accept-Ranges: bytes
ETag: "1D066DA4E853200"
X-Generated-By: Q-BC039
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="244952142"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_6_sn_4A75A29273C1F1EB49ACF797B6064AF5_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1370429612.47873.0000; path=/; Httponly; Secure
TLTSID=D07545A9211FD3BE3C9E8032ECD4B4DB; Path=/; Domain=.bell.ca
TLTSID=D07545A9211FD3BE3C9E8032ECD4B4DB; Path=/; Domain=.luckymobile.ca
TLTSID=D07545A9211FD3BE3C9E8032ECD4B4DB; Path=/; Domain=.virginplus.ca
TLTUID=531053FFC194A813AF08871B8037D596; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=531053FFC194A813AF08871B8037D596; Path=/; Domain=.luckymobile.ca
TLTUID=531053FFC194A813AF08871B8037D596; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c953c68ba3cc56b20c85b12b93473816caa1649f788fa0cff1bc4a644234deb0ca3cb535a640abc54c676e43c23f699ab8add428ef142f7baf6c78a4e5fb549280b00cc10756a5fa5f484f47c37e3056d95b5f8fb4c7e2d687d51ac49e03b912a54e4cf055279a5904e9baa778a49973055692dc920ab47a36b819b3a3bff7009087b9ece23879a7bd7b4486f4f20bead949ab6b2558601773a67c69c980c09c10f57b1d9e7b8c657d0377a1146755c86f; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200040bfc22523edbd28dea4ee5625773ceb497dc8175a1891b2d08894d5ccc648f008a83bf16c113000204555d16eb38afb0cd494d7dc65c7d1ee69c07a18339d359285660629a2a84417793dfc518db46e0be90989be06aec5; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11456
Connection: Keep-Alive
mybell.bell.ca/custom/js/alerts.js
206.47.98.207200 OK 1.9 kB URL HTTP/1.1 mybell.bell.ca/custom/js/alerts.js
IP 206.47.98.207:0
File type ASCII text, with CRLF line terminators
Hash 5cef56c2c0a60b506d082de56e8d6566
c21a627753eb503007257d4ed04d4b837b3a97ef
d2b8e1bfcdd6369dfd89f9664858a400a89fd81d956ccfd09289e59bd2f2c604
GET /custom/js/alerts.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 24 Apr 2022 21:01:22 GMT
Accept-Ranges: bytes
ETag: "1D8581E73A6BD00"
X-Generated-By: Q-BC037
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1573972311"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_8_sn_53E0F785656574E59C0317AB1E0CE32F_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=984553644.47873.0000; path=/; Httponly; Secure
TLTSID=5099C490FBA721E6D99B4928FB9C8568; Path=/; Domain=.bell.ca
TLTSID=5099C490FBA721E6D99B4928FB9C8568; Path=/; Domain=.luckymobile.ca
TLTSID=5099C490FBA721E6D99B4928FB9C8568; Path=/; Domain=.virginplus.ca
TLTUID=A4579BF10D6ACD9EBA4C9398A84DB97A; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=A4579BF10D6ACD9EBA4C9398A84DB97A; Path=/; Domain=.luckymobile.ca
TLTUID=A4579BF10D6ACD9EBA4C9398A84DB97A; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c9df91abb8ce60211e3fa5713d2a914f14cb5713c2fa7a8c62d534f62d4c0ac991e1bcfca8950e8cbfb5e43e62e891a96956f5eb9908326b335547b7373a80dca5b6bc7ef4f56ec846e7080b383e498ed159a3522450b94663db24f85f01b813b695ab638c2f7a8c75f7dc419051d43e540c3e413214639c15b28b25c6bc56465454dfccef6d525648222f364e0a4f18b3e07b24110ebd277d3947a678e9086a28681ab7c7c832f31eff5ceec5b745638f; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000e47ecac51d1904c4e72000b018a375f37b70c0e61f275309eba3434aa2b9937608ab57e89b113000e114c776baa888230cd494d7dc65c7d18615418550e7c3d6beacda6e71e231eb93e2751e9eb277cf338b4e8744e4710b; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1909
Connection: Keep-Alive
mybell.bell.ca/custom/js/GlobalConnector.js
206.47.98.207200 OK 5.9 kB URL HTTP/1.1 mybell.bell.ca/custom/js/GlobalConnector.js
IP 206.47.98.207:0
File type ASCII text, with CRLF line terminators
Hash dce0d28b95529eeb82759edae10a5800
a4916137ee56e7e2754099126641541d5a68eef3
a8433b0aa02055b1fdba54ad07222313f20a5a04cef67ac03f3d83bb11c1ee1f
GET /custom/js/GlobalConnector.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:41 GMT
Accept-Ranges: bytes
ETag: "1D458E92D3A3280"
X-Generated-By: Q-BC040
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1260731791"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Set-Cookie: dtCookie=v_4_srv_6_sn_720B56976A8E287580714BA64CDCEC55_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1387206828.47873.0000; path=/; Httponly; Secure
TLTSID=0A54CCC0BF03D32A48741C7EA967060E; Path=/; Domain=.bell.ca
TLTSID=0A54CCC0BF03D32A48741C7EA967060E; Path=/; Domain=.luckymobile.ca
TLTSID=0A54CCC0BF03D32A48741C7EA967060E; Path=/; Domain=.virginplus.ca
TLTUID=F514DD9DD7A34C81EF163931F408FFE8; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=F514DD9DD7A34C81EF163931F408FFE8; Path=/; Domain=.luckymobile.ca
TLTUID=F514DD9DD7A34C81EF163931F408FFE8; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c9987079714fa9b63590e6bfcac0c7bfc8f605f1300f5b2bb3bf005d2f9ca65318305a0a4f02ac43bbeff98115f39386665408ddf72d6bc28214ba4f3aac5d9f3da242dba6d85a788962edf009458c9426a5868538dc213aa6bcd050ad641b3ba4faa4af1dce1795c2560d7837ddac19b9fddbabb4cec51a9695ee949dc0c4986a5254ee6fe15d3a2856bb395d4a60271169c76edb6c407fce1a44b72ad5bc44e2c0129627e778cdea189b8c22883422e6; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000e71eaf5b8e402ce7b2c2c85a198d95ac18a11be05ba077b268f01901cb3d97dd08d548fadf1130002f24dd43bcff2c4f0cd494d7dc65c7d1bf5085844374581982858cd7ef63050e15b56f543a1f4ca23926dad077d05231; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5872
Connection: Keep-Alive
mybell.bell.ca/web/js/bell.ui-kit.js
206.47.98.207200 OK 138 kB URL HTTP/1.1 mybell.bell.ca/web/js/bell.ui-kit.js
IP 206.47.98.207:0
File type ASCII text, with very long lines (18608)
Size 138 kB (138076 bytes)
Hash 645ae2c45e9214b96a09c7c31efded50
0a3949a82e378686523629c0b39aceec9161c230
29114303ab2fd00181d4df40e9a484245f991af3b6efbd417ad5d61f9c9776f5
GET /web/js/bell.ui-kit.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC036
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1472025391"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_7_sn_562EBB2723A0A88AA4AF817DF9BE50FB_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=967776428.47873.0000; path=/; Httponly; Secure
TLTSID=F877F4443416E03229987E1E4F46A542; Path=/; Domain=.bell.ca
TLTSID=F877F4443416E03229987E1E4F46A542; Path=/; Domain=.luckymobile.ca
TLTSID=F877F4443416E03229987E1E4F46A542; Path=/; Domain=.virginplus.ca
TLTUID=FD113959B35A1F67F823F106E7C0D060; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=FD113959B35A1F67F823F106E7C0D060; Path=/; Domain=.luckymobile.ca
TLTUID=FD113959B35A1F67F823F106E7C0D060; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c9138f7859d47f90368913c6083224fc2ab1d384d03b3421069cd81c3bd6ba50f20db721ed3177261ac420420b8672448dc8af84f67d869542322f08f35780890c35a7d8d025d323d8f4d440912de949d0f86a5755f20c8ce034918c2544003ef20f03e08850ab832a95d941d16644afec73ea1732450e92831ec96d7e07e4f0fd5e11fb5409e46cac830d49f4d77c7b2e14afffd174450da292845e73dfba6c9d08a1c5ec4ee65d651f91c8224554fa05; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200046c27a52bd52aa7fce6d28bbeadb08c351849fed4a3454dd2866ef1205b1a75f08a66ff20611300043df2683676ca7920cd494d7dc65c7d1c223890059b2aae129ebd7aeaebb9579a276b5456b177129462543bad8ef8a14; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
mybell.bell.ca/web/js/bell.init.js
206.47.98.207200 OK 677 B URL HTTP/1.1 mybell.bell.ca/web/js/bell.init.js
IP 206.47.98.207:0
Hash 9326e81ba6fd972ab497bedc066fe6c2
c76838d07c5baf93144adfd741afe4dd7d34d11c
4d58ece359070708236f0c4e0a6a1025d0d05995db66c04f6ae3e38a200750cc
GET /web/js/bell.init.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC035
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1450993283"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Length: 677
Set-Cookie: dtCookie=v_4_srv_9_sn_3C19FC09E7A69B14B06D291A81728415_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=581900460.47873.0000; path=/; Httponly; Secure
TLTSID=CB3F36D74C14982D7BC1C7004355FA4E; Path=/; Domain=.bell.ca
TLTSID=CB3F36D74C14982D7BC1C7004355FA4E; Path=/; Domain=.luckymobile.ca
TLTSID=CB3F36D74C14982D7BC1C7004355FA4E; Path=/; Domain=.virginplus.ca
TLTUID=373102534B4BA3A10F43F62206E23B22; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=373102534B4BA3A10F43F62206E23B22; Path=/; Domain=.luckymobile.ca
TLTUID=373102534B4BA3A10F43F62206E23B22; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c96640fe3632cc02d2f03ec60339785348ccebca00163928b02515b885bdab9ce47278a19762f7d66ae211945cd5ba1d59fe3e787ad43628c6c8de3e2342830eb1c3857c86edbae6638ffa77ba2c7800ca5ca82c28d0330794443a7c38d21b27ec19cc94202c067ccc4b72f506e070e15219565864dda171ee3d35feb8b569e605aec85dc7841c6f2ef9c8f82ccebfd4320ef299053d642f097f4bd6af223004cd7d5657e8593b21556f1470a11de0d830; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000fd11f0fd14c27c17b99471b1aac4bc864e8e0be8a864a80ecb6be0c8d264d285085013239011300077c1b26d815d65070cd494d7dc65c7d1318c64f3a76d8dd90eb43bd1360eee665b8c9a45f368fc4b7baf502e6d0290e4; Path=/
Vary: Accept-Encoding
mybell.bell.ca/custom/foresee/foresee-trigger.js
206.47.98.207200 OK 59 kB URL HTTP/1.1 mybell.bell.ca/custom/foresee/foresee-trigger.js
IP 206.47.98.207:0
File type ASCII text, with very long lines (639), with CRLF, LF line terminators
Hash 15cef6ec8109c8d75442b86cd125d637
4450eaa0063fd480a5b917fbf0cbb20d73906c8e
2e906da8d9f9c42782074b4927e382be346eb28c34c13ee6a19b94738f82d8e5
GET /custom/foresee/foresee-trigger.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:41 GMT
Accept-Ranges: bytes
ETag: "1D458E92D3A3280"
X-Generated-By: Q-BC036
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="2018719883"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_9_sn_6BF1D8D9661A9F511BF02D66747C01D3_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=967776428.47873.0000; path=/; Httponly; Secure
TLTSID=A7B25CB7AA96A44782C0B0C27CFA1A97; Path=/; Domain=.bell.ca
TLTSID=A7B25CB7AA96A44782C0B0C27CFA1A97; Path=/; Domain=.luckymobile.ca
TLTSID=A7B25CB7AA96A44782C0B0C27CFA1A97; Path=/; Domain=.virginplus.ca
TLTUID=6964A50A05D70B70EB4473587DDEF350; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=6964A50A05D70B70EB4473587DDEF350; Path=/; Domain=.luckymobile.ca
TLTUID=6964A50A05D70B70EB4473587DDEF350; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c97888e1da9f4a174e7c2fefba9ab42d021ca817a93ebc246c0cf099634e6b62b6c852be7fb643c098a4dda7f6f9b969904840d28b14a843ecf751d37f3691f7f134620511e0620d3ea38925ef71abbf62bb278dd7b45e29d2239e54f5219852518258bc3c93336a3d0e4fa52a55f14fdb79abad04c2ec07ebed472f1c39fa5dcdae42cc98ce1f33a1ce2c050adcc5d42f6fa8f59d66c985cbf2faca09cda5d8bf6b78bf18da2fcf57abeb99880bc01ef1; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000a0165d82450f0f6cf9b5812398a7a4d872b581d7574cf5f4f2171a9483fe9a3608c38fea1d11300049dc1808de0d77f40cd494d7dc65c7d1710dc9cd35459dca3cc80fad348d44655623634cc70b078837dd779fb3e92a73; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
mybell.bell.ca/web/js/actualXFTag.js?ver=94.0
206.47.98.207404 Not Found 34 kB URL HTTP/1.1 mybell.bell.ca/web/js/actualXFTag.js?ver=94.0
IP 206.47.98.207:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7448), with CRLF, LF line terminators
Hash 998ab22cc44079a60c1f28b3aa0a5262
bf3dc076645e446a7ae6ae12581b1c3385c65457
788a52757513f5bd87e67aa0c35e130a339b853c775fe1dc468e3e52ec7f1937
GET /web/js/actualXFTag.js?ver=94.0 HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, no-store
Pragma: no-cache,no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Set-Cookie: ASP.NET_SessionId=jel0eowq4ewnfdgllh15nwkm; path=/;SameSite=Lax; secure; HttpOnly; SameSite=Lax
gemini=region=|language=en|province=ON; domain=.bell.ca; expires=Mon, 08-May-2023 05:34:50 GMT; path=/;SameSite=Lax;SameSite=Lax; secure
gemini=region=|language=en|province=ON; domain=.bell.ca; expires=Mon, 08-May-2023 05:34:50 GMT; path=/;SameSite=Lax;SameSite=Lax; secure
SessionCk=1ec2ac22-afa7-46b8-80df-b2a0fd4bcb79; domain=.bell.ca; expires=Tue, 07-Feb-2023 06:49:50 GMT; path=/; secure; HttpOnly
SessionCk=1ec2ac22-afa7-46b8-80df-b2a0fd4bcb79; domain=.bell.ca; expires=Tue, 07-Feb-2023 06:49:50 GMT; path=/; secure; HttpOnly
InActivityCK=f2155dfa-4c3c-4e60-8cc2-6b63ed9b5bbe; domain=.bell.ca; expires=Tue, 07-Feb-2023 07:04:50 GMT; path=/; secure; HttpOnly
ConsistentActivityCK=f2155dfa-4c3c-4e60-8cc2-6b63ed9b5bbe; domain=.bell.ca; expires=Tue, 07-Feb-2023 18:34:50 GMT; path=/; secure; HttpOnly
OmniturePageName=Mybell:Error; domain=.bell.ca; path=/; secure; HttpOnly
dtCookie=v_4_srv_7_sn_C6E37B0E8E3025601F3647E7B621D56B_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1403984044.47873.0000; path=/; Httponly; Secure
TLTSID=C994DC85152EC0B88A077CE2B6FF2CBA; Path=/; Domain=.bell.ca
TLTSID=C994DC85152EC0B88A077CE2B6FF2CBA; Path=/; Domain=.luckymobile.ca
TLTSID=C994DC85152EC0B88A077CE2B6FF2CBA; Path=/; Domain=.virginplus.ca
TLTUID=B98B8A529328F4CAA16B1FFAE507EDED; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=B98B8A529328F4CAA16B1FFAE507EDED; Path=/; Domain=.luckymobile.ca
TLTUID=B98B8A529328F4CAA16B1FFAE507EDED; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c99129057bd96a7b2344ea33d97198dc53d48b05c00e8daa93f24bcfa74487119093d89871bc390426cd532e0abda2387ba3749da456ad1b2fa5d235f54be66e4845d2bf508a60a96bdc4acc9cd0743dcbfe43e959e6d7de7c672b48d3a8e76ef11c0310e371943acd0d0d20fc43fb1eff0a358144833c0f2222d1bebb1a45a808f10551d04fa16750109b183070d982ac9a7854644e3a629007dd3da3ea7aa2cb1e27aae9faf27172de7809af71a7209393d176cb5ab362f7db00839a174919242c9b8b459a48004ea473b86bd166819ba331ee2b920fcfe5d6f8284d8d4cc9b0136c52f89d13804742478fe04d3c2577208b41eb0353da6544a591a0648d82698227a6b487acbce174caef98fb36f836c9a376868095c2b185f7b213127eb586e327fb485340834551504382d32c472d; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000a33c3111ded7cb7907c74ba0b4a71b18f12adf453013c6121e6dedb92c37933308c99a278411300054c3173e112bce8f0cd494d7dc65c7d12ad97e8a5f2f785386bddf74e1beef438f8a9a7dcca65c20a461fac4616ca9b4; Path=/
X-Generated-By: Q-BC041
Access-Control-Allow-Origin: https://mybell.bell.ca
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
X-OneAgent-JS-Injection: true
X-ruxit-JS-Agent: true
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1189650652"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 052bc796a71a95f7d013eedae02f3693
83b6c6127434de8555a0de6389cd0953cc186249
c2ca4ea476adf395cd7ecbf922199f1df7cd00e073a8ac6970f4030eeac3c120
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 14:22:58 GMT
Expires: Sat, 11 Feb 2023 14:22:57 GMT
Etag: "83b6c6127434de8555a0de6389cd0953cc186249"
Cache-Control: max-age=373086,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795a1a1ecd520b49-OSL
prdbellweb.hs.llnwd.net/resource/web/css/bell_master_a.css?ver=202302061554
95.140.228.128200 OK 28 kB URL HTTP/1.1 prdbellweb.hs.llnwd.net/resource/web/css/bell_master_a.css?ver=202302061554
IP 95.140.228.128:0
File type ASCII text, with very long lines (397), with CRLF line terminators
Hash 6c10d126e611e8a0ff98e769712aa6ac
ed0b4c20c26ba76081d7914d12fd924ac2a35945
6c44ec71184ecb4ac69d6bf732c8828aecc8d02592e15508ab4713cd0c21ea0a
GET /resource/web/css/bell_master_a.css?ver=202302061554 HTTP/1.1
Host: prdbellweb.hs.llnwd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mybell.bell.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:51 GMT
Content-Type: text/css
Content-Length: 28177
Connection: keep-alive
Cache-Control: public, max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
X-Generated-By: Q-BC036
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Age: 34792
Last-Modified: Sat, 14 Nov 2020 05:30:14 GMT
Expires: Tue, 07 Feb 2023 20:54:58 GMT
X-LLID: d7fa90a94a8b3d9b2d57abb9a2d8f2d8
mybell.bell.ca/web/common/all_languages/all_regions/images/login/not_register_yet.jpg
206.47.98.207200 OK 8.1 kB URL HTTP/1.1 mybell.bell.ca/web/common/all_languages/all_regions/images/login/not_register_yet.jpg
IP 206.47.98.207:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 170x155, components 3\012- data
Hash cc1eeaae90343c9a7d0d74012baff655
ebbb2c93453b78301a55dccf1d704356431fb558
517dc416497e529b17399864d06116294060f0b858d63fe933abb90dd4ef998d
GET /web/common/all_languages/all_regions/images/login/not_register_yet.jpg HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: image/jpeg
Expires: Wed, 08 Feb 2023 06:34:51 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:42 GMT
Accept-Ranges: bytes
ETag: "1D458E92DD2C900"
X-Generated-By: Q-BC038
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Length: 8142
Set-Cookie: dtCookie=v_4_srv_6_sn_5D828634022B04D29BAD70BE73DA900E_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1034885292.47873.0000; path=/; Httponly; Secure
TLTSID=8A3D292A6F726B0FC9E15EEC7BB9E8D6; Path=/; Domain=.bell.ca
TLTSID=8A3D292A6F726B0FC9E15EEC7BB9E8D6; Path=/; Domain=.luckymobile.ca
TLTSID=8A3D292A6F726B0FC9E15EEC7BB9E8D6; Path=/; Domain=.virginplus.ca
TLTUID=6D83FCA979CF4AF6EDA1C2487B762927; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:51 GMT
TLTUID=6D83FCA979CF4AF6EDA1C2487B762927; Path=/; Domain=.luckymobile.ca
TLTUID=6D83FCA979CF4AF6EDA1C2487B762927; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c9cbc499a76c669b90271975480675e952960d9711e319bcbcd0b2f742b4e02381d9c50a3c13580edbe4c712331794395fadd1c809aa45714c9540051720cf6a2310e903ff013e49c2cb3c9ddda08108b2584929153e49612ad25df1857705abf45d3149edeaceca97ebce7f489152223980dc027f7fac30f859a85540a885391698836e7aa48c13251667b1b3b5d40231fd8992d08529090c5dbc9b63985da7c50c0f00e25e864f4290e012dc56a16fd2; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000ba4a3f5df4efb49f8175d2ae36809ec18706c9a0bd0cb1e767e5cc7da486bd2b081dd9f695113000ca121fab0ef975d0ed1043e17f1e171123ce26559be903e44357bfd0854953b19de26cac3e12adfa648d4f81b6bcdcba; Path=/
mybell.bell.ca/web/resources/images/logo-bell-blue-47x28.png
206.47.98.207200 OK 2.3 kB URL HTTP/1.1 mybell.bell.ca/web/resources/images/logo-bell-blue-47x28.png
IP 206.47.98.207:0
File type PNG image data, 47 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 40a5354259fa7c6eafb901f28b9fa068
d9b4d2c00bca1398b07d60624d5886693d9034c8
d0eb56a3b02a0632526e3b2bd062bdd0c3b1803948b881dea9ac25ab345c408e
GET /web/resources/images/logo-bell-blue-47x28.png HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: image/png
Expires: Wed, 08 Feb 2023 06:34:51 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC035
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Length: 2281
Set-Cookie: dtCookie=v_4_srv_6_sn_7EB1E74379FBA822FF3A12C04F17293A_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=581900460.47873.0000; path=/; Httponly; Secure
TLTSID=764AFE7986A91C9CA5EC7D2CA3A9FBCD; Path=/; Domain=.bell.ca
TLTSID=764AFE7986A91C9CA5EC7D2CA3A9FBCD; Path=/; Domain=.luckymobile.ca
TLTSID=764AFE7986A91C9CA5EC7D2CA3A9FBCD; Path=/; Domain=.virginplus.ca
TLTUID=13FDC67F8502E235CA2006F41D93E11C; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:51 GMT
TLTUID=13FDC67F8502E235CA2006F41D93E11C; Path=/; Domain=.luckymobile.ca
TLTUID=13FDC67F8502E235CA2006F41D93E11C; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c94fd8073325759326fd054f26b0760c4010e698e2bac214e42a7b810363cfefa4e270b2a61604fa39fccb1e6aa74464ef31f8aa53c72e27c91c1d2ac63e5436cfeb1bad619c7e147c11850a55618e02e9b0e22b727cea2d91e0bfac8ca02bdb3be7ffe5800672f6057a2e9f28c7b031e0bb973da1be07fd7e022e04eeb74a9c746258618d9825773c21623c2604ca02c0cb7d85ae91f415a2226240328740e6f40f2d0334d349cd23efdf031e094fa71a; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000a4a5e46faf31d06697654a6af83f278829129eda79a27f4ffd2c4f112c8e3851089886230f11300090740949f39503d8ed1043e17f1e17112d7eb6a27a4edbfaa5af490232bd42d06b2a2fad2954e3ecd5e141f0b796cedc; Path=/
mybell.bell.ca/web/common/all_languages/all_regions/images/login/log_in_to_mybell.jpg
206.47.98.207200 OK 5.8 kB URL HTTP/1.1 mybell.bell.ca/web/common/all_languages/all_regions/images/login/log_in_to_mybell.jpg
IP 206.47.98.207:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 170x155, components 3\012- data
Hash 6ff8b5688ec3a0c1c5820dc7ebc7877b
aa26095b27d04311d9fdde14c204891592862a3c
2369f95bbeced1c99b833aa9a0cb4b3286c7a675cd3cd561cc9e4a4d4fc17743
GET /web/common/all_languages/all_regions/images/login/log_in_to_mybell.jpg HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: image/jpeg
Expires: Wed, 08 Feb 2023 06:34:51 GMT
Last-Modified: Sun, 07 Dec 2014 07:21:29 GMT
Accept-Ranges: bytes
ETag: "1D011EE6B126280"
X-Generated-By: Q-BC039
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Length: 5762
Set-Cookie: dtCookie=v_4_srv_10_sn_7D4B11C8B0F35019F6B3E24B7764050B_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1370429612.47873.0000; path=/; Httponly; Secure
TLTSID=A90667ECED471059A51C0576773350CB; Path=/; Domain=.bell.ca
TLTSID=A90667ECED471059A51C0576773350CB; Path=/; Domain=.luckymobile.ca
TLTSID=A90667ECED471059A51C0576773350CB; Path=/; Domain=.virginplus.ca
TLTUID=090B5198B6BBA67097781DCA18F05499; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:51 GMT
TLTUID=090B5198B6BBA67097781DCA18F05499; Path=/; Domain=.luckymobile.ca
TLTUID=090B5198B6BBA67097781DCA18F05499; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c96d6995525888f15925dda33c577ed8e3c6251b5d8592aae87bfbacb9a61abf2bce8925f86f976e31adb1e87434341e9afa7c5e945e7ca5467d826068af07b84cdadcece3226e1e5f2accd300ef97acc8c8658d7d760f76098dcdbf3387b62da45b3a5fc48e6e2b13a309393aeccf0d521ead8ae22be498df954724f4d2cc0f7c77adfe9004205b288103791af0e35b6f5a5a7eac50ecfa2cc700331944e464e6fd579be3048e306179236115a039b54f; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab20007bb006fe63adfcc819c9809bceb83a74c373f10d21590c43d39f3fc6a247941b08088442e511300066ad1062d7ca6ba7ed1043e17f1e17111873b63b9aa2971141d2ccb5210c5a536ee49168199812e6165ab248f163a9c4; Path=/
ww.w.conductability.org/web/common/en/all_regions/images/logos/entrust_seal.gif
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/entrust_seal.gif
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/entrust_seal.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/Login.php
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
mybell.bell.ca/web/js/actualXFTag.js?ver=94.0
206.47.98.207404 Not Found 34 kB URL HTTP/1.1 mybell.bell.ca/web/js/actualXFTag.js?ver=94.0
IP 206.47.98.207:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7447), with CRLF, LF line terminators
Hash a7e11cd099141248629b954bcaaeca21
36d1fe5c78b3d8f7d12d1ced7af8a14dae44f13d
a766c99a15f881071cbb76a878dc3af369dc48cf1047d564ec18c0bfd2f8250c
GET /web/js/actualXFTag.js?ver=94.0 HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, no-store
Pragma: no-cache,no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Set-Cookie: ASP.NET_SessionId=4pftiwejex34uv1zmzmokugl; path=/;SameSite=Lax; secure; HttpOnly; SameSite=Lax
gemini=region=|language=en|province=ON; domain=.bell.ca; expires=Mon, 08-May-2023 05:34:51 GMT; path=/;SameSite=Lax;SameSite=Lax; secure
gemini=region=|language=en|province=ON; domain=.bell.ca; expires=Mon, 08-May-2023 05:34:51 GMT; path=/;SameSite=Lax;SameSite=Lax; secure
SessionCk=e0efe00e-ccc7-43b3-8b7a-641c1023161e; domain=.bell.ca; expires=Tue, 07-Feb-2023 06:49:51 GMT; path=/; secure; HttpOnly
SessionCk=e0efe00e-ccc7-43b3-8b7a-641c1023161e; domain=.bell.ca; expires=Tue, 07-Feb-2023 06:49:51 GMT; path=/; secure; HttpOnly
InActivityCK=1ce56c65-751e-41e6-b765-e48b9d8397db; domain=.bell.ca; expires=Tue, 07-Feb-2023 07:04:51 GMT; path=/; secure; HttpOnly
ConsistentActivityCK=1ce56c65-751e-41e6-b765-e48b9d8397db; domain=.bell.ca; expires=Tue, 07-Feb-2023 18:34:51 GMT; path=/; secure; HttpOnly
OmniturePageName=Mybell:Error; domain=.bell.ca; path=/; secure; HttpOnly
dtCookie=v_4_srv_10_sn_A4AECDB896222244BDD65435CFFEC577_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=984553644.47873.0000; path=/; Httponly; Secure
TLTSID=F283BAF025D8ABB391C596941E3F0097; Path=/; Domain=.bell.ca
TLTSID=F283BAF025D8ABB391C596941E3F0097; Path=/; Domain=.luckymobile.ca
TLTSID=F283BAF025D8ABB391C596941E3F0097; Path=/; Domain=.virginplus.ca
TLTUID=8FC7F6CEB847B4313823998C1A57E27F; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:51 GMT
TLTUID=8FC7F6CEB847B4313823998C1A57E27F; Path=/; Domain=.luckymobile.ca
TLTUID=8FC7F6CEB847B4313823998C1A57E27F; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c92ba06292eeb1fca2f5dfd8b3d4916da9e6bb40f15b8e835438895f5f221b2599f7fba028316c642f05d94948827352f6d198470d5557eca1ddb77cdad1d51ab6f77695a860564b761c6e17f35a69088076df0d73081e1541efe1e1aaf65f4bf79837dedbd4a2896ccb4b1cf94af697d471b0d630e21a26d8ffe5dc9bba779c973da46d8de62fd612ffb5b77e3c67b62944eff6a55c52294009b982e2a9264b53ef7ecadaf742ab1eba2c289df3e50839505419f8bdbb45437323d8fc555540aaba7e78f1e450683a132b4b9fb3642962bb63dbce5236941b629fe1fbd820f840e9b63e3caecad4ae43fb7498cc1fef8864f7ddd776e7c3b3650788e45974ad80c3825a7fcda4339619ee47dcf8945e4d12d363a88a146c31e10cae39e880489d5e2035e623d3e672bf53d578b2fe9a0b; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000415bffb7fb9b4c57e1144c98802520265607e7693d6bbf3bf4e9a27b7905afb608a53c6e68113000ff754ffa6caca319ed1043e17f1e17114f248d4856a7bc13e3e9b67cb5f5e47ed20ebf21f8ba8e771f8a4f7bb3a0520d; Path=/
X-Generated-By: Q-BC037
Access-Control-Allow-Origin: https://mybell.bell.ca
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
X-OneAgent-JS-Injection: true
X-ruxit-JS-Agent: true
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1777535732"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751739727
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/mtagconfig.js
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/mtagconfig.js
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/mtagconfig.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/Login.php
Cookie: fsr.a=1675751739727
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751739727
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751739727
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751739727
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751739727
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751739727
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751739727
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751742730
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751742730
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751742730
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/resource/custom/js/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/resource/custom/js/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751742730
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/web/js/opinion_lab/OpinionLab.js
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/web/js/opinion_lab/OpinionLab.js
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /web/js/opinion_lab/OpinionLab.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/Login.php
Cookie: fsr.a=1675751742730
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff