Report - ww.w.conductability.org/Login.php

Report Overview

Submitted URL
ww.w.conductability.org/Login.php
IP
68.66.226.93
ASN
#55293 A2HOSTING
Submitted
2023-02-07 06:34:57
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
108
Threat Detection Systems
422

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.81.123.193
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	46 kB	34.120.237.76
mybell.bell.ca	456739	2012-10-17T18:33:50Z	2023-03-09T21:41:05Z	9.4 kB	681 kB	206.47.98.207
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	1.4 kB	3.9 kB	104.18.32.68
prdbellweb.hs.llnwd.net	unknown	2015-10-17T06:20:31Z	2023-02-22T20:08:44Z	1.7 kB	99 kB	95.140.228.128
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.0 kB	5.3 kB	23.36.76.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ww.w.conductability.org	unknown	2022-12-28T11:45:31Z	2023-03-09T01:18:33Z	37 kB	63 kB	68.66.226.93
ocsp.entrust.net	1208	2014-01-10T03:18:45Z	2023-03-13T05:09:58Z	1.7 kB	9.8 kB	104.110.10.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-07 06:35:34	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:35	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:36	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:37	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:38	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:38	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:38	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:38	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:38	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:38	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:38	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:38	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:38	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:38	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:38	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:39	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:39	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:40	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:40	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:40	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:40	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:40	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:40	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:40	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:40	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:40	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:40	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:40	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:40	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:40	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:41	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:41	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:41	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:41	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:41	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:41	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:41	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:41	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:41	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:41	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:41	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:41	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:42	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:42	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:42	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:42	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:42	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:42	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:42	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:42	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:42	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:42	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:42	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:43	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:43	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:43	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:43	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:43	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)
2023-02-07 06:35:43	medium	Client IP	68.66.226.93	ETPRO HUNTING Observed Unusual Host (ww.)

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	ww.w.conductability.org/Login.php	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada
2023-01-31	medium	ww.w.conductability.org/	Bell Canada

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-07	medium	ww.w.conductability.org/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/mtagconfig.js	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/OpinionLab.js	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/mtagconfig.js	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/resource/custom/js/Login.php	Phishing
2023-02-07	medium	ww.w.conductability.org/web/js/opinion_lab/OpinionLab.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (29)

	URL	Size	First Seen	Last Seen
	mybell.bell.ca/custom/js/customUtils.js	108 kB	2023-03-13	2023-03-13
Pretty URL mybell.bell.ca/custom/js/customUtils.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:49:29 Last Seen2023-03-13 18:51:46 Times Seen1 Hash b4fcaa482cc78513c8f3d93e2bdbf14a a899f632b8af65df40ed2d9164471d8b3305b80c d7803feb5a5df68e9b440cb8113a5ec94ed0181b6843504c2850df0598f2e688 Loading...

	mybell.bell.ca/web/js/bell.ui-kit.js	418 kB	2023-03-12	2023-03-13
Pretty URL mybell.bell.ca/web/js/bell.ui-kit.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 180fde6794676864495a275daaab4082 86662d5886591e7becd1bcefb73356cac538e91d 413c970f1a7531ae0c56afda5dcec00e7e025c17de25ec167a0e5d63901d90f1 Loading...

	mybell.bell.ca/web/js/bell-dev.js	3.2 kB	2023-03-12	2023-03-13
Pretty URL mybell.bell.ca/web/js/bell-dev.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash e7ca2a2207e62d6cee69fc26424e2dfd d716e869cf6981a3ab50a27bbd73ff617515cdc5 e735795037938915336008d73e19bc1f215a7f76f4e462d498aa8ef286155860 Loading...

	ww.w.conductability.org/Login.php	45 B	2023-03-11	2024-02-22
Pretty URL ww.w.conductability.org/Login.php IP 68.66.226.93 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:34:36 Last Seen2024-02-22 18:32:46 Times Seen18 Hash 9fa104d60582fbcf59c8694765ff2fc2 d3b96fd9f19cf11c614defcf1cdf161bb09dc8cd 77f908f6a10e845e041ac873d83f474d56aded3bc5fbc69c6de35102a53644ed Loading...

	mybell.bell.ca/framework/js/MicrosoftMVCAjax.js	5.9 kB	2023-03-12	2023-12-20
Pretty URL mybell.bell.ca/framework/js/MicrosoftMVCAjax.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-12-20 18:16:11 Times Seen13 Hash 5493bc5ddbe034e43972314457782d3a 57607917b91aaddcaa13171ff75e889223c51129 e3089f96afa53f3b13d758f75e8b0b77a225a5997411a3101e8e347dc29ecc96 Loading...

	mybell.bell.ca/web/js/modernizr.js	15 kB	2023-03-12	2024-04-22
Pretty URL mybell.bell.ca/web/js/modernizr.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2024-04-22 11:25:20 Times Seen6 Hash aaa0d0fa19f7fe585e3d3403ba2ca41e b7d7d522291eb5923cabb5ca26d8efc4fb1de8ed 6e2a3c19b2ba325ce0a07faeee24a8d01491cea411a092652a5d7ffe71f5dd1c Loading...

	mybell.bell.ca/custom/js/GlobalConnector.js	20 kB	2023-03-12	2023-03-13
Pretty URL mybell.bell.ca/custom/js/GlobalConnector.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 066b3ae15a0d311864233fe8f16cc36a 1b65f2a2e4ce531b994418369ea15677940f78c8 e2947362e31f9484fb5a5926b0b71e315227bc9f8c80017e49e9bacc13ea56c2 Loading...

	ww.w.conductability.org/Login.php	1.6 kB	2023-03-12	2023-03-13
Pretty URL ww.w.conductability.org/Login.php IP 68.66.226.93 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 21:00:29 Times Seen1 Hash d41c8adc5814553e8c2250ee9ecf12e7 44f09eec80e1ab64ce9f00d36f9c572c29886607 ad57cedd272169d6436b2cadcf4af5c5e6778c8d3e827a3e6f8a728bfbaf08c7 Loading...

	mybell.bell.ca/web/js/bell.init.js	677 B	2023-03-12	2023-03-13
Pretty URL mybell.bell.ca/web/js/bell.init.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 9326e81ba6fd972ab497bedc066fe6c2 c76838d07c5baf93144adfd741afe4dd7d34d11c 4d58ece359070708236f0c4e0a6a1025d0d05995db66c04f6ae3e38a200750cc Loading...

	ww.w.conductability.org/Login.php	3.5 kB	2023-03-12	2023-03-13
Pretty URL ww.w.conductability.org/Login.php IP 68.66.226.93 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 8824195106b6372ab6523f6d6366f9d1 50000df45b7719253f21df069359a4f51b47589a 2458d75d6a6203524d8fc211e79d81b5eedebe50a7c3255f5013a80797f7c792 Loading...

	ww.w.conductability.org/Login.php	22 kB	2023-03-12	2023-03-13
Pretty URL ww.w.conductability.org/Login.php IP 68.66.226.93 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 7a16229e9b581ecc2ae71591af06bb3f 1b9e0aaa8f0990bc529241f9c578a652c9e94f3a 021bd069375548ed272d055269bed006d869bf886da4b9bd7bbc614823d2d6a8 Loading...

	mybell.bell.ca/web/js/bell_master.js	45 kB	2023-03-12	2023-03-13
Pretty URL mybell.bell.ca/web/js/bell_master.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 2c58a3ba137020ee66ef402395b80458 de24234065a04126d88f908b926f533a3d91a568 3abfc729b52bc99bb090e8e322439d15c55fc5eb11d86e907168db0ed10b1436 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 01:27:19 Times Seen37107611 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	mybell.bell.ca/web/js/bell.myBell.plugins.js	36 kB	2023-03-12	2023-03-13
Pretty URL mybell.bell.ca/web/js/bell.myBell.plugins.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 35ae71394a370bb2ba293cb1d338ed22 a8f4eba60209a5b0c86be8648b81a55f2a05ac58 69b4972bfa53f8c1b0ce349d535668a710708632c05d9135b61fc704b92b00b0 Loading...

	mybell.bell.ca/custom/foresee/foresee-trigger.js	129 kB	2023-03-12	2023-03-13
Pretty URL mybell.bell.ca/custom/foresee/foresee-trigger.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 2e4bbeb1b2fad2ed19157aba1cf175d3 378dd2eccd4b5635d62e3dbe5fecbcdedf559390 f05c1f36007f64efd37c18565940a686e2471dc98765950a1126f69564bc0f42 Loading...

	ww.w.conductability.org/Login.php	3.0 kB	2023-03-12	2023-03-13
Pretty URL ww.w.conductability.org/Login.php IP 68.66.226.93 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 262ae9109b896536df4024afc39bb309 d4f7235cefd517d435534d02a9c8b2ffcb11682a 5435134bf7c46462a6ebfe1f9aca2fe6198ac628dc3c7f43ec5fed2494bc8108 Loading...

	ww.w.conductability.org/Login.php	928 B	2023-03-12	2023-03-13
Pretty URL ww.w.conductability.org/Login.php IP 68.66.226.93 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 1fcea14a85bff6e9c53b0abac992fe5a 3b513cad94c843165dced204611511056da38381 308d1f633c83cfc863325baeeb2ff7a6011ccf7b3bc854124aac357c2790c086 Loading...

	ww.w.conductability.org/Login.php	873 B	2023-03-12	2023-03-13
Pretty URL ww.w.conductability.org/Login.php IP 68.66.226.93 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 21:00:28 Times Seen1 Hash 0a28ee6dabeee6301df5d14f160bd315 7bceee47c71104dc526587b6f67561e8aec7abcc 330c2dc1cc607b17bd0092e5531cbb58eb1995d9b813d8a7ea563a7b7b770192 Loading...

	mybell.bell.ca/framework/js/MicrosoftAjax.js	115 kB	2023-03-12	2024-01-01
Pretty URL mybell.bell.ca/framework/js/MicrosoftAjax.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2024-01-01 12:52:35 Times Seen3 Hash c0757477c8bd0715910811d90f3aa47e 604df9f3f24474baf6f2b67a165275fec32e1cad 99f07e7b88b828c0dbff82e95061f8226af3d5b9833bdfb8dd2c98c0a9406f98 Loading...

	mybell.bell.ca/web/js/bell.plugins.js	430 kB	2023-03-13	2023-03-13
Pretty URL mybell.bell.ca/web/js/bell.plugins.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:49:29 Last Seen2023-03-13 18:51:46 Times Seen1 Hash d65887c29b1c4704a1c8318aa880452f 15a516965bb37474236b789179a6108a40596425 2fc3559a45fae886abfd0503c7d7adb12be845cb0133ecd6b64e2c6d8e4d196f Loading...

	mybell.bell.ca/framework/js/jquery.unobtrusive-ajax.min.js	2.7 kB	2023-03-09	2024-04-26
Pretty URL mybell.bell.ca/framework/js/jquery.unobtrusive-ajax.min.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:57:53 Last Seen2024-04-26 22:59:49 Times Seen42 Hash 76c5415b4a612a0dec80fb3a39ee4b0a e2d2a16a9fb7811b7e3e98b70c454e29fa8637c3 89da54af89d1dc132d88d36276efcf776b56d555b2b4ec4046af37bbebbedceb Loading...

	ww.w.conductability.org/Login.php	95 B	2023-03-12	2023-03-13
Pretty URL ww.w.conductability.org/Login.php IP 68.66.226.93 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash e09ec696e9f4fa41544f7405dc105f1e 7b0dd02a35b38540a9783bba88d607b4a74fecf7 63224534571dcf26da41f62ba115fc58d9f0c7b574e60a3a1724504bb2ab0613 Loading...

	mybell.bell.ca/web/js/bell.myBell.core.js	5.9 kB	2023-03-12	2023-03-13
Pretty URL mybell.bell.ca/web/js/bell.myBell.core.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 2c2d1ba3506307ff97bc7dfd0f0d5ce1 f088352b690c3b31f6c9ce3ff099cdf1dc4cc2ed c4ba7c438317f2d4de60759d0fcb3953f1c7941bfe7e89be56485e998af1c845 Loading...

	mybell.bell.ca/custom/js/alerts.js	6.0 kB	2023-03-12	2023-03-13
Pretty URL mybell.bell.ca/custom/js/alerts.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 2ab97af89fe682cdf611571fcd46b42a 2ccf850d4d29873b0f4faf258e0c979acded5e1c ee4d85c943d9632f12ee3afc33195031634e5e7a73c41ac867436c8e3ff644bd Loading...

	mybell.bell.ca/web/js/bell.resources.js	2.8 kB	2023-03-12	2023-03-13
Pretty URL mybell.bell.ca/web/js/bell.resources.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash ef9bea5eb215e67a7b9787ca191282e2 0e174b5f26a2be6ec218a8a3bea4e38df036de03 697203dceec67dcb974b62e34740f107ec904cce0e9bc0eebcccb7bd978cd6e7 Loading...

	mybell.bell.ca/web/js/bell.utils.js	40 kB	2023-03-12	2023-03-13
Pretty URL mybell.bell.ca/web/js/bell.utils.js IP 206.47.98.207 ASN #577 BACOM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 5dabea4284b774ccbbadbb35c688873d 0635bfd26b981c84d21059d5917fb74227ab5935 0083dcc14db0391e737b908bba1c19a0dafb3bd5dabc689e2e42a212a45bfb78 Loading...

	ww.w.conductability.org/Login.php	4.5 kB	2023-03-12	2023-03-13
Pretty URL ww.w.conductability.org/Login.php IP 68.66.226.93 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 7880bef4b11e95c2aa82c246ae19009c e284be7a932505631b347bfb5ac87053728dd055 2a6b9357044a62130994ddd7c237d15d604d5345fb967cf52e5486c545c142d9 Loading...

	ww.w.conductability.org/Login.php	1.6 kB	2023-03-12	2023-03-13
Pretty URL ww.w.conductability.org/Login.php IP 68.66.226.93 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 934b1613f5ea2ef23d299adf878c2dd7 3ff1ded4be698b301d2857d745c15837731bcf03 5de2b53074a9cbf13918cce6b8536678f40dbc0426d681b4eb6bf1b48be55af6 Loading...

	ww.w.conductability.org/Login.php	260 B	2023-03-12	2023-03-13
Pretty URL ww.w.conductability.org/Login.php IP 68.66.226.93 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:58:04 Last Seen2023-03-13 18:51:46 Times Seen1 Hash 70d254634da610d08aa377f645aec955 6d7e12e5fa107499c480a0d7f42c2a397e800226 6931757b066d90371fa39e28e9971be1008b5b6ce00c4dbb686d770d07ca9bc4 Loading...

HTTP Transactions (161)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13103
Expires: Tue, 07 Feb 2023 10:13:09 GMT
Date: Tue, 07 Feb 2023 06:34:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4722
Expires: Tue, 07 Feb 2023 07:53:28 GMT
Date: Tue, 07 Feb 2023 06:34:46 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 06:34:07 GMT
content-type: application/json
age: 39
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20792
Expires: Tue, 07 Feb 2023 12:21:18 GMT
Date: Tue, 07 Feb 2023 06:34:46 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: BdaeVLTSNu9bZMQg8Z+xGoCBbdLbn79jrnn9Uue7YTiD1dn0NffvGCehnN/YoaLZH88NzOGuPAY=
x-amz-request-id: 0M0QHQQ6P123G46V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 05:45:27 GMT
age: 2959
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 06:34:46 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ww.w.conductability.org/Login.php

68.66.226.93

200 OK

17 kB

URL HTTP/1.1
ww.w.conductability.org/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (362), with CRLF line terminators
Size
17 kB (17027 bytes)
Hash
dc4fcac8f3d4b91ac70d11f4eccd4f0e
c7eeb8f0cf487cf5dab9729d63b5ee014e5c6b78
ad38f85c05eaa2412db6ea279248d5a907bd3267c7c062f9f68f008fd5f1a040

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
content-length: 17027
content-encoding: gzip
vary: Accept-Encoding
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/mtagconfig.js

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/mtagconfig.js
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/mtagconfig.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/Login.php

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/s_code_bell.js?v=11062013EH01

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/s_code_bell.js?v=11062013EH01
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/s_code_bell.js?v=11062013EH01 HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/Login.php

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 05:51:19 GMT
age: 2607
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ww.w.conductability.org/web/js/opinion_lab/OpinionLab.js

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/OpinionLab.js
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/OpinionLab.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/Login.php

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:46 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3733
Expires: Tue, 07 Feb 2023 07:37:00 GMT
Date: Tue, 07 Feb 2023 06:34:47 GMT
Connection: keep-alive

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

push.services.mozilla.com/

35.81.123.193

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.81.123.193:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uY8xm5yfe3ku6TbRNiu5tg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XeHgs/l2V9eBSgpq7jGWE4NbCaE=

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:47 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6565
Expires: Tue, 07 Feb 2023 08:24:13 GMT
Date: Tue, 07 Feb 2023 06:34:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6565
Expires: Tue, 07 Feb 2023 08:24:13 GMT
Date: Tue, 07 Feb 2023 06:34:48 GMT
Connection: keep-alive

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6316 bytes)
Hash
c3cd20c6639e2b0d996fbbd7df2d4f47
2e54c22fb83981e2690161cd521e4fc3998e9c16
9b2b1f3e062fca74341d09540e44d2a02ec451b8349440ed5917073e8fab988d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6316
x-amzn-requestid: 879578cc-a58a-4516-a7cd-68850553762b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpc79ECLIAMFclw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0eb2-57141dcf1c5595110f5f572e;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:03:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ARr-i9j3ruIxZ123Ae2bEk_c2s_5Zs7fhrn4UXphw_jOYrtvq9OMVg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 16:55:00 GMT
age: 49188
etag: "2e54c22fb83981e2690161cd521e4fc3998e9c16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198b8ebd-22a2-44e4-af1d-3429fb3e64bb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12368 bytes)
Hash
08d66d83f1ae9acd6e442c4dcaed2a20
8c258ac6de196f8c32f1af69e7a754da0610b090
a32b5df8fd6bea737e04679d05e9f0cc645cbe6d799329877e78f9e994a6eff6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198b8ebd-22a2-44e4-af1d-3429fb3e64bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12368
x-amzn-requestid: 988041b5-278d-4ea6-9ee9-77377bcab080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzPr-GoQoAMFkGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddf97f-4a891b142f5d503703694380;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:21:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tFE9XdCE4VScFBlyxeWM-7mPl7tH7x5KrVsE4te7JUuerHnti03Vyg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:47:51 GMT
age: 28017
etag: "8c258ac6de196f8c32f1af69e7a754da0610b090"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4227 bytes)
Hash
eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ovhdLaEGaDSC8X0F9VamLw0KyBPWkxfYg5pssOT8NOZP4IBtNk6Gfw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:19 GMT
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
age: 31169
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7183 bytes)
Hash
92008e687831334af1cdbf4b8a57579f
e6ff750f12836637adf5b253d64c2102fdf3c180
39af3e630e0271b54139849c1b596efbdc69a23ce943e5330341d49f77798c7c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7183
x-amzn-requestid: 02695a8d-2ab8-4d77-bfbe-f99418d8ef00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f78YOGsyoAMF5wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17434-2614cef4059e7fd5009cb46d;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:42:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qbUWAiTEzfmIOkYgKdBEYxEnRky5wA7ajMWumei7fXeIqLN9B-riBw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:27 GMT
age: 31161
etag: "e6ff750f12836637adf5b253d64c2102fdf3c180"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6384 bytes)
Hash
88178e0f623494e30ece4da4eed04d60
7f016d87157a577e4ad4e4cf6c854a0489f8571a
e5658ac599ca37e797637a596ca9b65c80c1053b2ce5dacc667ae3b8b1ce54a3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6384
x-amzn-requestid: 5f91a438-31d9-42ca-96b4-71344cc736c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77IcE2-oAMFbZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17235-1ce1ebfa4e9ae6053434c48d;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: li__CyiikZFRNF7c8_9Kbi18VJ39UzJiNgP9z141MCUFVPnYAEXPCg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:24:59 GMT
age: 29389
etag: "7f016d87157a577e4ad4e4cf6c854a0489f8571a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.7 kB (3712 bytes)
Hash
0594f78c4fdfed5dd2e0666312555f40
db903b9a3f387c1510170f8d16dd4d289f7df83f
8874083a529064657b18be58147ae7df5fe79c822c4bd2a023fdf3df7186a62e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3712
x-amzn-requestid: 44c7e7bd-1a95-49b6-9b0a-f8aff3725ded
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftbOtH-lIAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba591-2fb19c33646c3d327681e9f9;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 11:59:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z5r7rFH2nEro98p7U4_Lz8xIrX_bnU7ntAc46ytGzL8498buHzsCcg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:26 GMT
age: 31162
etag: "db903b9a3f387c1510170f8d16dd4d289f7df83f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:48 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
425957ea35cf2b18e6e5bee40cbbaed6
8729cc1b7004bcea777298de597f8370dee96050
f7946f976380ed5f5e2d1b6c7725033884931fcb24bc579b088baeacb2dedb24

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "F7946F976380ED5F5E2D1B6C7725033884931FCB24BC579B088BAEACB2DEDB24"
Last-Modified: Tue, 07 Feb 2023 04:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Tue, 07 Feb 2023 07:34:49 GMT
Date: Tue, 07 Feb 2023 06:34:49 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
425957ea35cf2b18e6e5bee40cbbaed6
8729cc1b7004bcea777298de597f8370dee96050
f7946f976380ed5f5e2d1b6c7725033884931fcb24bc579b088baeacb2dedb24

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "F7946F976380ED5F5E2D1B6C7725033884931FCB24BC579B088BAEACB2DEDB24"
Last-Modified: Tue, 07 Feb 2023 04:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3578
Expires: Tue, 07 Feb 2023 07:34:27 GMT
Date: Tue, 07 Feb 2023 06:34:49 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
425957ea35cf2b18e6e5bee40cbbaed6
8729cc1b7004bcea777298de597f8370dee96050
f7946f976380ed5f5e2d1b6c7725033884931fcb24bc579b088baeacb2dedb24

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "F7946F976380ED5F5E2D1B6C7725033884931FCB24BC579B088BAEACB2DEDB24"
Last-Modified: Tue, 07 Feb 2023 04:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3521
Expires: Tue, 07 Feb 2023 07:33:30 GMT
Date: Tue, 07 Feb 2023 06:34:49 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
425957ea35cf2b18e6e5bee40cbbaed6
8729cc1b7004bcea777298de597f8370dee96050
f7946f976380ed5f5e2d1b6c7725033884931fcb24bc579b088baeacb2dedb24

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "F7946F976380ED5F5E2D1B6C7725033884931FCB24BC579B088BAEACB2DEDB24"
Last-Modified: Tue, 07 Feb 2023 04:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Tue, 07 Feb 2023 07:34:49 GMT
Date: Tue, 07 Feb 2023 06:34:49 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
425957ea35cf2b18e6e5bee40cbbaed6
8729cc1b7004bcea777298de597f8370dee96050
f7946f976380ed5f5e2d1b6c7725033884931fcb24bc579b088baeacb2dedb24

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "F7946F976380ED5F5E2D1B6C7725033884931FCB24BC579B088BAEACB2DEDB24"
Last-Modified: Tue, 07 Feb 2023 04:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3508
Expires: Tue, 07 Feb 2023 07:33:17 GMT
Date: Tue, 07 Feb 2023 06:34:49 GMT
Connection: keep-alive

mybell.bell.ca/web/css/myBell/bell.myBell.core.css

206.47.98.207

200 OK

9.0 kB

URL HTTP/1.1
mybell.bell.ca/web/css/myBell/bell.myBell.core.css
IP
206.47.98.207:0
ASN
#577 BACOM

File type
ASCII text, with very long lines (482)
Size
9.0 kB (8960 bytes)
Hash
3fb1b36de6c6251612cf491442b057bd
98c1ee9cce16f445d8146072854255914804802a
5b9346051cb9ea5ac5b981aa0b5794adad8f28c9fec593e5c86e9351f5997681

HTTP Headers

GET /web/css/myBell/bell.myBell.core.css HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: text/css
Content-Encoding: gzip
Expires: Wed, 08 Feb 2023 06:34:49 GMT
Last-Modified: Sun, 18 Oct 2020 21:26:35 GMT
Accept-Ranges: bytes
ETag: "1D6A5955B087780"
X-Generated-By: Q-BC036
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Date: Tue, 07 Feb 2023 06:34:49 GMT
Content-Length: 8960
Set-Cookie: dtCookie=v_4_srv_5_sn_1E82DE634C04717BC96D219910317A52_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=967776428.47873.0000; path=/; Httponly; Secure
TLTSID=820BD95D8B210CB6E390B4FB7934A963; Path=/; Domain=.bell.ca
TLTSID=820BD95D8B210CB6E390B4FB7934A963; Path=/; Domain=.luckymobile.ca
TLTSID=820BD95D8B210CB6E390B4FB7934A963; Path=/; Domain=.virginplus.ca
TLTUID=AD87626A6F3B760516165565F4367AD8; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:49 GMT
TLTUID=AD87626A6F3B760516165565F4367AD8; Path=/; Domain=.luckymobile.ca
TLTUID=AD87626A6F3B760516165565F4367AD8; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c9f759ccda32aa71ba7b7c46a2566f9791ec277f4825fbb78b89d65a79a1f8c8444d3a8ca833bd00614f48d838f62dd622ca46e5c0147dbccd3b8947fc31506d5d6d13111851a60d1bbc09fc1a91e38821d056a48e74c3da4f96720696d265a5cf1793d790de0eea9b2cfe4c0c2c1a8901d189770f661fb6f957d2f0b2baa7097b283ab379ba8f4d19ae6953d7d663f8ba4bdee3298009ebc1699dc7f2bfeec45701815c08495fc370bb42db5c58d9131c; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200029bae22f88ea89e127660c17f9660189002d058c5203e95c9eb190e7fefad3fd0813530fa211300037c10bcb358d645a9b0f77b4a4be34d0add92e06fd7366d53072473dd10675649df6d7b5bdc1d77f36f43f29b0c6e0a8; Path=/

mybell.bell.ca/framework/js/jquery.unobtrusive-ajax.min.js

206.47.98.207

200 OK

1.5 kB

URL HTTP/1.1
mybell.bell.ca/framework/js/jquery.unobtrusive-ajax.min.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
ASCII text, with very long lines (2631)
Size
1.5 kB (1502 bytes)
Hash
fd05a4f786abc2bcb7adcc5546bf2032
6a2a4390224414a7fda4a281ca5ac2c3c1ca6bc6
b969186c5196a69c2bc27bb0b44c7b92032f53714e91b527dca0afb98a5bf031

HTTP Headers

GET /framework/js/jquery.unobtrusive-ajax.min.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:49 GMT
Last-Modified: Sun, 22 Jun 2014 08:23:00 GMT
Accept-Ranges: bytes
ETag: "1CF8DF32DAE4A00"
X-Generated-By: Q-BC039
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-334851645"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_5_sn_50D2B5A730BCFF7CD0E174BE143C7521_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1370429612.47873.0000; path=/; Httponly; Secure
TLTSID=3AADDB2856F762A6BBD4D730927D7564; Path=/; Domain=.bell.ca
TLTSID=3AADDB2856F762A6BBD4D730927D7564; Path=/; Domain=.luckymobile.ca
TLTSID=3AADDB2856F762A6BBD4D730927D7564; Path=/; Domain=.virginplus.ca
TLTUID=66B18F94C8EE807E970E11BFE4840943; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:49 GMT
TLTUID=66B18F94C8EE807E970E11BFE4840943; Path=/; Domain=.luckymobile.ca
TLTUID=66B18F94C8EE807E970E11BFE4840943; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c99cf168db4499c598849e79b9a3812f8e4b5083deee8ca015078096b0296c878b4f3da7f704e64e2a831af0b97eaa9f769047dccc3e46dbd90ca9f4124e07f4e36fa8a00f9240ace3123cf3dce3b1610ccb279b62fd96f51d7b0a6e67b5300cb871abd686aeedd8ec1ef5201ba6e8ca1c4f516bafc32b502ed35916646807204f8adc2d73949778558a709937e21e0db4795633f0054d790044ebbb8925d88a5869a950169b58e405e521466df9536d42; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200023e2717b1f99ba664d927d591b67961b62b231a68f41e0f866347d299eb7dca808a924fbbd1130009cae1b9567c979c19b0f77b4a4be34d08e26b315d8a904f01f671d86095246b1d6d15c61332d7bf98fbb49bfe8b82cbb; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1502
Connection: Keep-Alive

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

mybell.bell.ca/web/js/bell.utils.js

206.47.98.207

200 OK

11 kB

URL HTTP/1.1
mybell.bell.ca/web/js/bell.utils.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
ASCII text
Size
11 kB (11171 bytes)
Hash
495f39f0a789290210132765601a690c
217942474b0210eaf5903a4355715c2865c1e898
ed4b4ec96335f0cb6b3977937cc7fa149713b07fa27b590ca94d3b2e011b44bd

HTTP Headers

GET /web/js/bell.utils.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:49 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC035
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="621164677"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_8_sn_86E73831CFF7D58E4F7CFF3778A449BA_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=581900460.47873.0000; path=/; Httponly; Secure
TLTSID=8EEA440F00357BF6F7457B89041EC80B; Path=/; Domain=.bell.ca
TLTSID=8EEA440F00357BF6F7457B89041EC80B; Path=/; Domain=.luckymobile.ca
TLTSID=8EEA440F00357BF6F7457B89041EC80B; Path=/; Domain=.virginplus.ca
TLTUID=1814463A01047149608D485A085B925C; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:49 GMT
TLTUID=1814463A01047149608D485A085B925C; Path=/; Domain=.luckymobile.ca
TLTUID=1814463A01047149608D485A085B925C; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c9eb5857c1480a9b76a9a62fc295f3fe37884057a04d10e1926176381fa54d304df4f50e16a34b39d377478f3f7de83e36cc87e32b4af8184e20a8f264b712b1ad3e30edcac495549186d26415cab5e31a7275dd5703271f758d6a0ee2e066f4b4b391e62aebb210ee967efb266de944b715f8b049897a01dabc2b74290b671626459e94be253de2da746c1cb1e73ebd75bbf8f34a2cf7999a88f73b33a61a4647851f69a1a558f956b88e2030b2c17dc8; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200089d9de5c69c2d1b5ef3c78a1978efbb1cc430034b986fbd6d06d9fe3f314bd2608d97c8ac5113000a32dc660d08984529b0f77b4a4be34d06a29026a9dd9278efc241d4a018022eb73f1281f480b8de6c206aad0159e2043; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11171
Connection: Keep-Alive

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:49 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

mybell.bell.ca/web/js/bell.resources.js

206.47.98.207

200 OK

1.3 kB

URL HTTP/1.1
mybell.bell.ca/web/js/bell.resources.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
Unicode text, UTF-8 text
Size
1.3 kB (1259 bytes)
Hash
a61f6111bdab7790cae119027424512b
323af826ac29e8291cd593832034055a152fe59a
b14b95a79f33dfaed74c11e7091cd4b9902094c6a8842acb5366e1a2a561d1c1

HTTP Headers

GET /web/js/bell.resources.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:49 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC037
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1057321020"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_8_sn_80160D9F204F52D78D87FB117CA49D0D_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=984553644.47873.0000; path=/; Httponly; Secure
TLTSID=9A5DF7D0030790F67D2BAE775592D4F1; Path=/; Domain=.bell.ca
TLTSID=9A5DF7D0030790F67D2BAE775592D4F1; Path=/; Domain=.luckymobile.ca
TLTSID=9A5DF7D0030790F67D2BAE775592D4F1; Path=/; Domain=.virginplus.ca
TLTUID=2F2E04AFBD85899DE2AD2919353A2115; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=2F2E04AFBD85899DE2AD2919353A2115; Path=/; Domain=.luckymobile.ca
TLTUID=2F2E04AFBD85899DE2AD2919353A2115; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c94a1c205208e52398369c60c91d42f2d0965d904709e111a613bae19223effdb27113e997def01553850b5188c977387a43767ca776ee938f82ba12ff6831169e5fe7528269a4f12f5aeff3de56cfd9e2b246bd41fbaebfa6d0fae6f9f65c8210188e3aca58ac3d3a64d99f7a0ac501505196317307c8036c7a5bf8f7d8cb9546f5a42b5c77dafde7d5d000a6f8d145a7f6b3a571bee3055facd152cb226d98241e1e427e7afa0ee7af2c8134e18c47cc; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000498795a285b9d48e3705da164b27080b9ec1306f0b5de65baf3eabefddb7ee760869144bd61130004e6c1f038e1674360cd494d7dc65c7d1bf8c907a0a9d13afc71fd8b3c0e0dad32dd6ed42571da79684536c73e3b4f089; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1259
Connection: Keep-Alive

mybell.bell.ca/web/js/bell_master.js

206.47.98.207

200 OK

13 kB

URL HTTP/1.1
mybell.bell.ca/web/js/bell_master.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
ASCII text, with CRLF, LF line terminators
Size
13 kB (13363 bytes)
Hash
72a0c315a309a043d34318947ff52165
5ee0bd952e4f3faf272e8ec7d3342e3bac4a1add
2447502432b800f08cb7eb20325e2a51c2f66f902892ce8cb1db126464122249

HTTP Headers

GET /web/js/bell_master.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC040
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-884084308"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_7_sn_25D2B4B747CB4C2DF9EC6D96B990C8AD_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1387206828.47873.0000; path=/; Httponly; Secure
TLTSID=4A14635666C9AB245B097210988519A0; Path=/; Domain=.bell.ca
TLTSID=4A14635666C9AB245B097210988519A0; Path=/; Domain=.luckymobile.ca
TLTSID=4A14635666C9AB245B097210988519A0; Path=/; Domain=.virginplus.ca
TLTUID=679B1F29354532939A6D6F06B22B63E4; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=679B1F29354532939A6D6F06B22B63E4; Path=/; Domain=.luckymobile.ca
TLTUID=679B1F29354532939A6D6F06B22B63E4; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c96f2ce69297c8ecf0cf7b62b518063136bc4717cbeb2634bc3cff63d9146f4723f80b5c285f977590865931ef823c40b84ad2111cf885c889c0c97d47c53b095706f12873ec2e56e126f2a9e1b9a3c94fd8f809164ecdbe66f6f0ee83ae427fe33237144ce3174526dbad69810512753edf8ae63f9458ac56366caf44ae187bbf1cdc6e08f66f9b57cb74779615cf7da1c421be6413ebf0ad6184dbef75ad5ff82166d0a55d95fb73a88c129d0881ce55; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200087ff079f846a0c75939e0ea6c69cdb2c8c387d3674d5bce3c59aa36d1045c7f108673a41521130007caecf0c1c226f500cd494d7dc65c7d1a323500cfa6985aee5fa89d9c9ce148caebe5478d89cef18430b808fa3648810; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13363
Connection: Keep-Alive

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
052bc796a71a95f7d013eedae02f3693
83b6c6127434de8555a0de6389cd0953cc186249
c2ca4ea476adf395cd7ecbf922199f1df7cd00e073a8ac6970f4030eeac3c120

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 14:22:58 GMT
Expires: Sat, 11 Feb 2023 14:22:57 GMT
Etag: "83b6c6127434de8555a0de6389cd0953cc186249"
Cache-Control: max-age=373086,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795a1a1ecaa80b31-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
052bc796a71a95f7d013eedae02f3693
83b6c6127434de8555a0de6389cd0953cc186249
c2ca4ea476adf395cd7ecbf922199f1df7cd00e073a8ac6970f4030eeac3c120

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 14:22:58 GMT
Expires: Sat, 11 Feb 2023 14:22:57 GMT
Etag: "83b6c6127434de8555a0de6389cd0953cc186249"
Cache-Control: max-age=373086,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795a1a1ecab4b4ff-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
052bc796a71a95f7d013eedae02f3693
83b6c6127434de8555a0de6389cd0953cc186249
c2ca4ea476adf395cd7ecbf922199f1df7cd00e073a8ac6970f4030eeac3c120

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 14:22:58 GMT
Expires: Sat, 11 Feb 2023 14:22:57 GMT
Etag: "83b6c6127434de8555a0de6389cd0953cc186249"
Cache-Control: max-age=373086,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795a1a1edeacb4fd-OSL

ww.w.conductability.org/web/js/opinion_lab/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:50 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/web/common/all_languages/all_regions/js/metrics/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/web/common/all_languages/all_regions/js/metrics/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:50 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

mybell.bell.ca/web/js/jquery.js

206.47.98.207

200 OK

43 kB

URL HTTP/1.1
mybell.bell.ca/web/js/jquery.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
ASCII text, with very long lines (65181), with CRLF, LF line terminators
Size
43 kB (42587 bytes)
Hash
c90ceea5fb879c494600c9a42da6a3be
81bd44e540fed99e0fc921219357c830b2965f49
9b17eb90425fddd4dd4cc6022137b8b495b66e5e7332f502ad82c8e5869058dc

HTTP Headers

GET /web/js/jquery.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:49 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC037
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1847089410"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_8_sn_E2E43E8FD2308F83AC5A20C9AEF63C13_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=984553644.47873.0000; path=/; Httponly; Secure
TLTSID=F14B12711DF015BC732A7EA0024179E6; Path=/; Domain=.bell.ca
TLTSID=F14B12711DF015BC732A7EA0024179E6; Path=/; Domain=.luckymobile.ca
TLTSID=F14B12711DF015BC732A7EA0024179E6; Path=/; Domain=.virginplus.ca
TLTUID=25415E9CE20C932F1EE239DD878CF59B; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:49 GMT
TLTUID=25415E9CE20C932F1EE239DD878CF59B; Path=/; Domain=.luckymobile.ca
TLTUID=25415E9CE20C932F1EE239DD878CF59B; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c90c4a8225f936a356513ced16d2e004f926c7c6b15b33957187abef0a1d50a593be8de708729032b331d93a78a7008d03ee1e5756da278ce570f6f79a684a1c7409b0c7e9094f3963dcffab6b6027e9d8d2fa61ec9fb02b3ab6d5749c0e662d4f7f30e778af03a0fc89bad39170a5ebd7264795c3b6e861fc90f4bf592b771e3ae5a624d81a4d6db35744591014c2cfc17c0341380566f74e92d15e1d57a321e81c4f63aaa42836d94fab54ade1ce7e7c; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200023b2ec6476e45bbf0d3e7894c7489f460e392d0437d2fa8bcb5eb96f96a2a7ac08757be1c5113000d6ed1a1d5c0028609b0f77b4a4be34d031f9b1f331aafa52c2ea9a090bce29ee7c980ed27451ed2a80c34fc4d8278d8b; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

mybell.bell.ca/web/resources/css/bell.connector.css

206.47.98.207

200 OK

39 kB

URL HTTP/1.1
mybell.bell.ca/web/resources/css/bell.connector.css
IP
206.47.98.207:0
ASN
#577 BACOM

File type
ASCII text, with very long lines (379), with CRLF line terminators
Size
39 kB (39005 bytes)
Hash
427b2cb3e25f6b51318df13d1b5beaab
756cafc8127018d12e8fb0141893b3354a76e551
3cca29a58ba02a8e3c1d003c8819badf2e680f3224054b7591c646537777e7c4

HTTP Headers

GET /web/resources/css/bell.connector.css HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: text/css
Content-Encoding: gzip
Expires: Wed, 08 Feb 2023 06:34:49 GMT
Last-Modified: Thu, 01 Dec 2022 00:54:38 GMT
Accept-Ranges: bytes
ETag: "1D9051F7CCBDB00"
X-Generated-By: Q-BC036
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Date: Tue, 07 Feb 2023 06:34:49 GMT
Content-Length: 39005
Set-Cookie: dtCookie=v_4_srv_11_sn_FD84E5956316738A708322559CE9C632_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=967776428.47873.0000; path=/; Httponly; Secure
TLTSID=E0857B981EFED91126CFD58BC6E58DE2; Path=/; Domain=.bell.ca
TLTSID=E0857B981EFED91126CFD58BC6E58DE2; Path=/; Domain=.luckymobile.ca
TLTSID=E0857B981EFED91126CFD58BC6E58DE2; Path=/; Domain=.virginplus.ca
TLTUID=7016C1FD1A4D0100984B3F2FCC09B418; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:49 GMT
TLTUID=7016C1FD1A4D0100984B3F2FCC09B418; Path=/; Domain=.luckymobile.ca
TLTUID=7016C1FD1A4D0100984B3F2FCC09B418; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c95248566cb6b9fb90994d7dc2b4d75af8b3672429a50ba5b73bb3c9682d0798e22c0b4bdb1ea734fef388afac82c36cbe6fe96badffebc9a873967300f316073902262e0039f3fde174f0f240def34f0a7bbc37e1fe97b9712ac01b15e5e9aaa66d396e11b01ef97abfcae0bb2dabe93192cdcf89a93e99b625dd24ccb06bef8ab9418cdd9dd032588932c1bbca17994152502a2501780c701113360f0c8fbcabb9cf70ab75d674e7c7fa154a1bb44297; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000438c3c4a412f16b5f6e80afa49f7ed53397182775a6d53ed6518412dd4bfb1c3088657ff7311300039c20de4b5e5b51e9b0f77b4a4be34d08f8107ef754a160a3ba71f90b980547c5dd4b61eaa65403229156e3492eedffc; Path=/

mybell.bell.ca/framework/js/MicrosoftMVCAjax.js

206.47.98.207

200 OK

2.5 kB

URL HTTP/1.1
mybell.bell.ca/framework/js/MicrosoftMVCAjax.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
ASCII text, with very long lines (1215), with CRLF, LF line terminators
Size
2.5 kB (2506 bytes)
Hash
5831942b3558e03c8d3b1a392d2b9b55
1261127a755d36072e79ea5c1851b87a81bcea2a
9821fefc3852ec554ae89c573af199cc8aa9757e5f98012008e32d7a9fdd78da

HTTP Headers

GET /framework/js/MicrosoftMVCAjax.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 22 Jun 2014 08:23:00 GMT
Accept-Ranges: bytes
ETag: "1CF8DF32DAE4A00"
X-Generated-By: Q-BC041
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-214817724"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Set-Cookie: dtCookie=v_4_srv_11_sn_7077AEC212C03441579DCBBA33AD6C83_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1403984044.47873.0000; path=/; Httponly; Secure
TLTSID=FF8DF3AA23BAF2B8BD2B5F828EB64B6A; Path=/; Domain=.bell.ca
TLTSID=FF8DF3AA23BAF2B8BD2B5F828EB64B6A; Path=/; Domain=.luckymobile.ca
TLTSID=FF8DF3AA23BAF2B8BD2B5F828EB64B6A; Path=/; Domain=.virginplus.ca
TLTUID=6F34B346B4298070D96E62767067096F; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=6F34B346B4298070D96E62767067096F; Path=/; Domain=.luckymobile.ca
TLTUID=6F34B346B4298070D96E62767067096F; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c934c2afa95263435ae189982c2942eff5b3b1bc3ff4e227d78782a566dcbcf8732992ca1dba74b69d92c00b79a023aaa0e7afbc70189476a8a6b05dc3f077509a414c05564da69926e1efaecf73aad7fbde9ec5865c4c404cfe2ff3606075b5c5dd7029f3cfbb827a95578e6d1ce1e09880523be6b7f060003debffadc26f8978f56f3acb06221d98473bd8ba31f60858add908f4aa98d771a44307fd061a97879f27e937d44dbaa39f0b0093f7e463ef; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200052658e3e79f969297c74888411d10f72aaa0ba61de2aa4184a712c750a2fff9208b753c59c113000cab12afeb4d3f70c0cd494d7dc65c7d1dd8f343184c406ed479131abb4f6ef088914ac0262dc129ede1065ad10ce95b5; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2506
Connection: Keep-Alive

mybell.bell.ca/web/js/modernizr.js

206.47.98.207

200 OK

7.7 kB

URL HTTP/1.1
mybell.bell.ca/web/js/modernizr.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
HTML document, ASCII text, with very long lines (14641)
Size
7.7 kB (7722 bytes)
Hash
dd03a8a2a63fcefed68b0c1692e733c0
a23606c2ea2ecd58ef93d84cb631184c7d82641e
2590b1abd32d78525fec7f91eaaeeb564897589130cc0f115eda419588a733e2

HTTP Headers

GET /web/js/modernizr.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC038
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="870721278"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_11_sn_EF53875BF3DF82E62A1B0B9D5F401634_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_1; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1034885292.47873.0000; path=/; Httponly; Secure
TLTSID=C6CD9548FAB71E7D686F5338C89603A3; Path=/; Domain=.bell.ca
TLTSID=C6CD9548FAB71E7D686F5338C89603A3; Path=/; Domain=.luckymobile.ca
TLTSID=C6CD9548FAB71E7D686F5338C89603A3; Path=/; Domain=.virginplus.ca
TLTUID=1408B693251133A7A4EF877681AA458F; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=1408B693251133A7A4EF877681AA458F; Path=/; Domain=.luckymobile.ca
TLTUID=1408B693251133A7A4EF877681AA458F; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c97e86a9f2a64fc4c02e38e6e383913dc8c9a65fce51ef7d7679825156feb8a51b27e728d4c6489bdf8bfb466c60cdc137708393706ce45966ee068ed09798716cc0e6c550e4c98a1178f3fb787c8731358ffa66b270cfb93f7b74b3226d75be69ba167b67727f6ff8268c10f2415c166f7d1e5d0c1fb46913c24b19a8021a3ec4acaf97e9f83bb6c0129c02c90af928022291f629647350995dae6e72da543388d7de6f7136fdbc7040aa2f5d23be9cdc; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab20008845370a7052de80584a801ef8f8a415980916995500b7757ae65595a2cc8432089fde450d113000eaa26bd0ff9656900cd494d7dc65c7d11dfcde574d142312ed25b1f23e7ed29c1ade8281e05f3f6e58bd3836730e993e; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7722
Connection: Keep-Alive

mybell.bell.ca/web/js/bell.myBell.core.js

206.47.98.207

200 OK

2.4 kB

URL HTTP/1.1
mybell.bell.ca/web/js/bell.myBell.core.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
ASCII text
Size
2.4 kB (2384 bytes)
Hash
36c94a43b3dba120461494199d36a9f2
116545b2334eb249a496531226ae28ee9e8f1a0d
ab3a4aa8f2b67870aa3fe9c8610982b9427f8e8b1f28f23c0055090a25ad8928

HTTP Headers

GET /web/js/bell.myBell.core.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC035
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1647539538"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Set-Cookie: dtCookie=v_4_srv_6_sn_C1F3AF37C5C2965768507D4A21207B63_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=581900460.47873.0000; path=/; Httponly; Secure
TLTSID=EE0441997492E26E7889B1ED9DB29A0C; Path=/; Domain=.bell.ca
TLTSID=EE0441997492E26E7889B1ED9DB29A0C; Path=/; Domain=.luckymobile.ca
TLTSID=EE0441997492E26E7889B1ED9DB29A0C; Path=/; Domain=.virginplus.ca
TLTUID=9D1D8108DA57B1F4C7E16205380344F3; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=9D1D8108DA57B1F4C7E16205380344F3; Path=/; Domain=.luckymobile.ca
TLTUID=9D1D8108DA57B1F4C7E16205380344F3; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c96606865527038a44039e222d6d6991982f519dda628aae2337c89989a127a11c00f533247c1f5abef8a629a495f82cf1622e08dd5889d9ab794eccb4f4bc39cd503826e887d16ce9e06ac426fe9e295bc0c02a791d429b985035c6eed680c4cccf08b6827f119f89f06dad0691ed5505c5236a8dc2450e05987d69a7a031c8d3bb48bdc64f065cb50683f758d16b5ddf38aad9750990e26f392cf525e139f7dae0a82daa3719e9391760a7ea81d26d06; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000ee9310a8fb653a1e145bb3fce099b0bee47f0f48d9937c054768112c56bc7b360844eba1511130005752b5256ee7133e0cd494d7dc65c7d13aaf77c557ba34257b6cecf32f5aeb64ba556bb1fb91aa0cdd7fb92ba94d8e38; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2384
Connection: Keep-Alive

prdbellweb.hs.llnwd.net/resource/web/css/bell_master.css?ver=202302061554

95.140.228.128

200 OK

38 kB

URL HTTP/1.1
prdbellweb.hs.llnwd.net/resource/web/css/bell_master.css?ver=202302061554
IP
95.140.228.128:0
ASN
#22822 LLNW

File type
ASCII text, with very long lines (525), with CRLF line terminators
Size
38 kB (37829 bytes)
Hash
44b1558bd647993f2828ccc33c6ccd48
0e46d38b40138f761727911493365759ce4bd9d5
ae5a8ce23920526ce3503e457914876fd83f6ef33afe89e6d498f49a0b597847

HTTP Headers

GET /resource/web/css/bell_master.css?ver=202302061554 HTTP/1.1
Host: prdbellweb.hs.llnwd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mybell.bell.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Type: text/css
Content-Length: 37829
Connection: keep-alive
Cache-Control: public, max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
X-Generated-By: Q-BC037
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Age: 34792
Last-Modified: Sun, 17 Jul 2022 16:18:05 GMT
Expires: Tue, 07 Feb 2023 20:54:58 GMT
X-LLID: 8f90f813f4b3799b1532f006b5168ef0

prdbellweb.hs.llnwd.net/resource/web/css/bell_prime.css?ver=202302061554

95.140.228.128

200 OK

21 kB

URL HTTP/1.1
prdbellweb.hs.llnwd.net/resource/web/css/bell_prime.css?ver=202302061554
IP
95.140.228.128:0
ASN
#22822 LLNW

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (485), with CRLF line terminators
Size
21 kB (20828 bytes)
Hash
e7b0604d2df91be13508bac3c355844f
42b7112f94c04f6460f801404fbd2f9f134722e3
aea57086d05b04854930e856987a49d341a10839fa8ba8bf8a6c05b7abede6e5

HTTP Headers

GET /resource/web/css/bell_prime.css?ver=202302061554 HTTP/1.1
Host: prdbellweb.hs.llnwd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mybell.bell.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Type: text/css
Content-Length: 20828
Connection: keep-alive
Cache-Control: public, max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
X-Generated-By: Q-BC036
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Age: 34792
Last-Modified: Thu, 01 Dec 2022 00:54:38 GMT
Expires: Tue, 07 Feb 2023 20:54:58 GMT
X-LLID: b2a63513b4d47c459e128f437605ec1b

prdbellweb.hs.llnwd.net/resource/web/css/jquery-ui.custom.css?ver=202302061554

95.140.228.128

200 OK

4.1 kB

URL HTTP/1.1
prdbellweb.hs.llnwd.net/resource/web/css/jquery-ui.custom.css?ver=202302061554
IP
95.140.228.128:0
ASN
#22822 LLNW

File type
ASCII text, with very long lines (1398)
Size
4.1 kB (4071 bytes)
Hash
2857747fee58281f210d12179342a3c5
0cfca1e0d1e87a6e2b974fb3e8e70f69b83f094a
c7e12c1ec5934115fddb360cebb9056dbde3e1e87636f058a64967f00d68ca6e

HTTP Headers

GET /resource/web/css/jquery-ui.custom.css?ver=202302061554 HTTP/1.1
Host: prdbellweb.hs.llnwd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mybell.bell.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Type: text/css
Content-Length: 4071
Connection: keep-alive
Cache-Control: public, max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
X-Generated-By: Q-BC036
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Age: 34791
Last-Modified: Sun, 20 Sep 2020 18:56:08 GMT
Expires: Tue, 07 Feb 2023 20:54:59 GMT
X-LLID: e9576ff0d40bc30143f627c0c05d4bac

mybell.bell.ca/web/js/bell.plugins.js

206.47.98.207

200 OK

136 kB

URL HTTP/1.1
mybell.bell.ca/web/js/bell.plugins.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
Unicode text, UTF-8 (with BOM) text
Size
136 kB (135782 bytes)
Hash
4ea50956eec0cf0148e8ae5e269d6752
884a64f005895190f44a944ad5a2b2e814d3fc1e
aab72426e02693123e0a01425539c993767d8d9c692f18b3c2f305bba0109e85

HTTP Headers

GET /web/js/bell.plugins.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:49 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC038
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="241784326"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_9_sn_6BAC2469EBF9661A3A03A0EC5AA285E9_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1034885292.47873.0000; path=/; Httponly; Secure
TLTSID=7CB1DBF19943B2FE09AC65D300B03700; Path=/; Domain=.bell.ca
TLTSID=7CB1DBF19943B2FE09AC65D300B03700; Path=/; Domain=.luckymobile.ca
TLTSID=7CB1DBF19943B2FE09AC65D300B03700; Path=/; Domain=.virginplus.ca
TLTUID=02ED6E5C230E399FA83B977630AB8593; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:49 GMT
TLTUID=02ED6E5C230E399FA83B977630AB8593; Path=/; Domain=.luckymobile.ca
TLTUID=02ED6E5C230E399FA83B977630AB8593; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c9ed7bb823b263319a3f93f7d88ecb417fdb702037455153b4e227d4f7defa68375ef4574aa6d90fd169e1d10680d486b03fe646efa720580afeb3339d446ab28b3d8da4d0143c65a9abb046517126b5d133cd868fccb992d1ef5ab518f77f404990369fa5298a8071c1a4c35fbdfd6a363d560616bc60ea0d6c6a621143d780fd968dc8e7fa44768304fdda35ff13f47d52576645a72d98275d67ef774523901bcd595c415897e6b79591cd7c22e8b061; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab20007835521d71f00aaa2ab35a93cd246fdc23cc78ca66375cc8a9c407772a95b0ea08a84a639911300066f05ed8fcca9d479b0f77b4a4be34d0a279146f660148d8f8a9667766e0233a905560262e72df2a151462bb04634522; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

mybell.bell.ca/web/js/bell-dev.js

206.47.98.207

200 OK

1.4 kB

URL HTTP/1.1
mybell.bell.ca/web/js/bell-dev.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.4 kB (1395 bytes)
Hash
330443ea0663e0bfeba9b86bd066ea34
496a8e10bc4ebf2d8337b20ca75dda22a967d753
751b400eb8fd4b675f2358736da64f6dacecf2cdf48f2828b73b49c2ea0f5107

HTTP Headers

GET /web/js/bell-dev.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Wed, 25 Mar 2015 09:01:40 GMT
Accept-Ranges: bytes
ETag: "1D066DA4E853200"
X-Generated-By: Q-BC039
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1796028255"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Set-Cookie: dtCookie=v_4_srv_7_sn_9C489048EFB9740FE36B453D708BEEC4_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1370429612.47873.0000; path=/; Httponly; Secure
TLTSID=881D5F0506101C18E9481E59F89F1B3A; Path=/; Domain=.bell.ca
TLTSID=881D5F0506101C18E9481E59F89F1B3A; Path=/; Domain=.luckymobile.ca
TLTSID=881D5F0506101C18E9481E59F89F1B3A; Path=/; Domain=.virginplus.ca
TLTUID=4DA48EA97BC12422B2B48A7F655E2080; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=4DA48EA97BC12422B2B48A7F655E2080; Path=/; Domain=.luckymobile.ca
TLTUID=4DA48EA97BC12422B2B48A7F655E2080; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c94417cf6a2aaa73e0d16679d0da151f777306363a2c3ef1ac22174526245e28e8f0ebe41db1e8284e114fd48855a85ac5ca05ea9ad05bbbc62f90a31241786df4f473d057895919520eed519507f51906d14a51a4c18b11bd116ae081ffd3cd429e3e7f36c79028226c13b8f6a318004f910d519a165bea20201abe06f9b66ca96a18be50f3e90dbca0cb84d2d00ed544cd149a6ef9d0891ed9226b3ab510a58e546a89c3558e8f08c0f095a792f3de04; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000d7c07f12ee47ff65bc1b24779d78717c2de924e6725d290387313d108692f03c0818b3f0f9113000d82dcadb8320e47e0cd494d7dc65c7d19a9c38034985cdf987613f6df3a06e6cb10bd62a0c42435232a3e8c203b62cdd; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1395
Connection: Keep-Alive

mybell.bell.ca/custom/js/customUtils.js

206.47.98.207

200 OK

29 kB

URL HTTP/1.1
mybell.bell.ca/custom/js/customUtils.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
29 kB (29051 bytes)
Hash
284ec99ac6da86794d73be92338b6447
57dfcf211894abc9ea7a4eb74ac6da734bf1f46d
c5df7bae1eea8d57477fa45c12f92df641c8c392f63f1fefd1316472545bf294

HTTP Headers

GET /custom/js/customUtils.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 15 Jan 2023 22:22:19 GMT
Accept-Ranges: bytes
ETag: "1D9292FD4879F80"
X-Generated-By: Q-BC040
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1078102325"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Set-Cookie: dtCookie=v_4_srv_5_sn_4331ECAA46040D3641DB22A0DAF202F8_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1387206828.47873.0000; path=/; Httponly; Secure
TLTSID=1C14B8B2E6B46ECC4E593E27F031DBE7; Path=/; Domain=.bell.ca
TLTSID=1C14B8B2E6B46ECC4E593E27F031DBE7; Path=/; Domain=.luckymobile.ca
TLTSID=1C14B8B2E6B46ECC4E593E27F031DBE7; Path=/; Domain=.virginplus.ca
TLTUID=BA99DFDFAF2BBA1CCE53FA2E21072366; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=BA99DFDFAF2BBA1CCE53FA2E21072366; Path=/; Domain=.luckymobile.ca
TLTUID=BA99DFDFAF2BBA1CCE53FA2E21072366; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c992c2e9be68fc3fd2f787a04bd617919acbe365c9549ee587c1b382ca6ee1880b0565c05901e5f7611658fdd1266f1a46bf535e86db9d9cf7ea99c1f8786f9c3782ba8c0bd5eeefa42842957dd2aea5a11927b45ab69c05e96506a9bacb643bc9429d2353453f2ea9ae574136d675bc39aefcb83476bbf35efe4c39c773d646847b762ef1fb21cb6aafe7f817f112a48833126a758c38fc16ee45f514ac47f869c0686b465602b032193a2c04017f411f; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab20008cd3d1b8f84bb97b99405791dfaa3aba75ef6441c554907595f2d6e03bbb3daa08f1e9d31511300051320c79254e6f280cd494d7dc65c7d114a3354bfaed664527babf4e1444b409919be3fea992a87a39200fc32dda455b; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

mybell.bell.ca/web/js/bell.myBell.plugins.js

206.47.98.207

200 OK

12 kB

URL HTTP/1.1
mybell.bell.ca/web/js/bell.myBell.plugins.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
ASCII text, with CRLF line terminators
Size
12 kB (11456 bytes)
Hash
0eb7e07d30fa976d9cb4d1c99b700f2f
913b41f32dc8d4c55d8313910bca6784aa6a4f1b
948fde202ead09961eba7879fa340c9300247788461bb298e4f40393f50d0ba7

HTTP Headers

GET /web/js/bell.myBell.plugins.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Wed, 25 Mar 2015 09:01:40 GMT
Accept-Ranges: bytes
ETag: "1D066DA4E853200"
X-Generated-By: Q-BC039
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="244952142"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_6_sn_4A75A29273C1F1EB49ACF797B6064AF5_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1370429612.47873.0000; path=/; Httponly; Secure
TLTSID=D07545A9211FD3BE3C9E8032ECD4B4DB; Path=/; Domain=.bell.ca
TLTSID=D07545A9211FD3BE3C9E8032ECD4B4DB; Path=/; Domain=.luckymobile.ca
TLTSID=D07545A9211FD3BE3C9E8032ECD4B4DB; Path=/; Domain=.virginplus.ca
TLTUID=531053FFC194A813AF08871B8037D596; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=531053FFC194A813AF08871B8037D596; Path=/; Domain=.luckymobile.ca
TLTUID=531053FFC194A813AF08871B8037D596; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c953c68ba3cc56b20c85b12b93473816caa1649f788fa0cff1bc4a644234deb0ca3cb535a640abc54c676e43c23f699ab8add428ef142f7baf6c78a4e5fb549280b00cc10756a5fa5f484f47c37e3056d95b5f8fb4c7e2d687d51ac49e03b912a54e4cf055279a5904e9baa778a49973055692dc920ab47a36b819b3a3bff7009087b9ece23879a7bd7b4486f4f20bead949ab6b2558601773a67c69c980c09c10f57b1d9e7b8c657d0377a1146755c86f; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200040bfc22523edbd28dea4ee5625773ceb497dc8175a1891b2d08894d5ccc648f008a83bf16c113000204555d16eb38afb0cd494d7dc65c7d1ee69c07a18339d359285660629a2a84417793dfc518db46e0be90989be06aec5; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11456
Connection: Keep-Alive

mybell.bell.ca/custom/js/alerts.js

206.47.98.207

200 OK

1.9 kB

URL HTTP/1.1
mybell.bell.ca/custom/js/alerts.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
ASCII text, with CRLF line terminators
Size
1.9 kB (1909 bytes)
Hash
5cef56c2c0a60b506d082de56e8d6566
c21a627753eb503007257d4ed04d4b837b3a97ef
d2b8e1bfcdd6369dfd89f9664858a400a89fd81d956ccfd09289e59bd2f2c604

HTTP Headers

GET /custom/js/alerts.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 24 Apr 2022 21:01:22 GMT
Accept-Ranges: bytes
ETag: "1D8581E73A6BD00"
X-Generated-By: Q-BC037
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1573972311"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_8_sn_53E0F785656574E59C0317AB1E0CE32F_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=984553644.47873.0000; path=/; Httponly; Secure
TLTSID=5099C490FBA721E6D99B4928FB9C8568; Path=/; Domain=.bell.ca
TLTSID=5099C490FBA721E6D99B4928FB9C8568; Path=/; Domain=.luckymobile.ca
TLTSID=5099C490FBA721E6D99B4928FB9C8568; Path=/; Domain=.virginplus.ca
TLTUID=A4579BF10D6ACD9EBA4C9398A84DB97A; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=A4579BF10D6ACD9EBA4C9398A84DB97A; Path=/; Domain=.luckymobile.ca
TLTUID=A4579BF10D6ACD9EBA4C9398A84DB97A; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c9df91abb8ce60211e3fa5713d2a914f14cb5713c2fa7a8c62d534f62d4c0ac991e1bcfca8950e8cbfb5e43e62e891a96956f5eb9908326b335547b7373a80dca5b6bc7ef4f56ec846e7080b383e498ed159a3522450b94663db24f85f01b813b695ab638c2f7a8c75f7dc419051d43e540c3e413214639c15b28b25c6bc56465454dfccef6d525648222f364e0a4f18b3e07b24110ebd277d3947a678e9086a28681ab7c7c832f31eff5ceec5b745638f; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000e47ecac51d1904c4e72000b018a375f37b70c0e61f275309eba3434aa2b9937608ab57e89b113000e114c776baa888230cd494d7dc65c7d18615418550e7c3d6beacda6e71e231eb93e2751e9eb277cf338b4e8744e4710b; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1909
Connection: Keep-Alive

mybell.bell.ca/custom/js/GlobalConnector.js

206.47.98.207

200 OK

5.9 kB

URL HTTP/1.1
mybell.bell.ca/custom/js/GlobalConnector.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
ASCII text, with CRLF line terminators
Size
5.9 kB (5872 bytes)
Hash
dce0d28b95529eeb82759edae10a5800
a4916137ee56e7e2754099126641541d5a68eef3
a8433b0aa02055b1fdba54ad07222313f20a5a04cef67ac03f3d83bb11c1ee1f

HTTP Headers

GET /custom/js/GlobalConnector.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:41 GMT
Accept-Ranges: bytes
ETag: "1D458E92D3A3280"
X-Generated-By: Q-BC040
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1260731791"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Set-Cookie: dtCookie=v_4_srv_6_sn_720B56976A8E287580714BA64CDCEC55_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1387206828.47873.0000; path=/; Httponly; Secure
TLTSID=0A54CCC0BF03D32A48741C7EA967060E; Path=/; Domain=.bell.ca
TLTSID=0A54CCC0BF03D32A48741C7EA967060E; Path=/; Domain=.luckymobile.ca
TLTSID=0A54CCC0BF03D32A48741C7EA967060E; Path=/; Domain=.virginplus.ca
TLTUID=F514DD9DD7A34C81EF163931F408FFE8; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=F514DD9DD7A34C81EF163931F408FFE8; Path=/; Domain=.luckymobile.ca
TLTUID=F514DD9DD7A34C81EF163931F408FFE8; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c9987079714fa9b63590e6bfcac0c7bfc8f605f1300f5b2bb3bf005d2f9ca65318305a0a4f02ac43bbeff98115f39386665408ddf72d6bc28214ba4f3aac5d9f3da242dba6d85a788962edf009458c9426a5868538dc213aa6bcd050ad641b3ba4faa4af1dce1795c2560d7837ddac19b9fddbabb4cec51a9695ee949dc0c4986a5254ee6fe15d3a2856bb395d4a60271169c76edb6c407fce1a44b72ad5bc44e2c0129627e778cdea189b8c22883422e6; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000e71eaf5b8e402ce7b2c2c85a198d95ac18a11be05ba077b268f01901cb3d97dd08d548fadf1130002f24dd43bcff2c4f0cd494d7dc65c7d1bf5085844374581982858cd7ef63050e15b56f543a1f4ca23926dad077d05231; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5872
Connection: Keep-Alive

mybell.bell.ca/web/js/bell.ui-kit.js

206.47.98.207

200 OK

138 kB

URL HTTP/1.1
mybell.bell.ca/web/js/bell.ui-kit.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
ASCII text, with very long lines (18608)
Size
138 kB (138076 bytes)
Hash
645ae2c45e9214b96a09c7c31efded50
0a3949a82e378686523629c0b39aceec9161c230
29114303ab2fd00181d4df40e9a484245f991af3b6efbd417ad5d61f9c9776f5

HTTP Headers

GET /web/js/bell.ui-kit.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC036
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1472025391"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_7_sn_562EBB2723A0A88AA4AF817DF9BE50FB_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=967776428.47873.0000; path=/; Httponly; Secure
TLTSID=F877F4443416E03229987E1E4F46A542; Path=/; Domain=.bell.ca
TLTSID=F877F4443416E03229987E1E4F46A542; Path=/; Domain=.luckymobile.ca
TLTSID=F877F4443416E03229987E1E4F46A542; Path=/; Domain=.virginplus.ca
TLTUID=FD113959B35A1F67F823F106E7C0D060; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=FD113959B35A1F67F823F106E7C0D060; Path=/; Domain=.luckymobile.ca
TLTUID=FD113959B35A1F67F823F106E7C0D060; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c9138f7859d47f90368913c6083224fc2ab1d384d03b3421069cd81c3bd6ba50f20db721ed3177261ac420420b8672448dc8af84f67d869542322f08f35780890c35a7d8d025d323d8f4d440912de949d0f86a5755f20c8ce034918c2544003ef20f03e08850ab832a95d941d16644afec73ea1732450e92831ec96d7e07e4f0fd5e11fb5409e46cac830d49f4d77c7b2e14afffd174450da292845e73dfba6c9d08a1c5ec4ee65d651f91c8224554fa05; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab200046c27a52bd52aa7fce6d28bbeadb08c351849fed4a3454dd2866ef1205b1a75f08a66ff20611300043df2683676ca7920cd494d7dc65c7d1c223890059b2aae129ebd7aeaebb9579a276b5456b177129462543bad8ef8a14; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

mybell.bell.ca/web/js/bell.init.js

206.47.98.207

200 OK

677 B

URL HTTP/1.1
mybell.bell.ca/web/js/bell.init.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
ASCII text
Size
677 B (677 bytes)
Hash
9326e81ba6fd972ab497bedc066fe6c2
c76838d07c5baf93144adfd741afe4dd7d34d11c
4d58ece359070708236f0c4e0a6a1025d0d05995db66c04f6ae3e38a200750cc

HTTP Headers

GET /web/js/bell.init.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC035
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1450993283"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Length: 677
Set-Cookie: dtCookie=v_4_srv_9_sn_3C19FC09E7A69B14B06D291A81728415_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=581900460.47873.0000; path=/; Httponly; Secure
TLTSID=CB3F36D74C14982D7BC1C7004355FA4E; Path=/; Domain=.bell.ca
TLTSID=CB3F36D74C14982D7BC1C7004355FA4E; Path=/; Domain=.luckymobile.ca
TLTSID=CB3F36D74C14982D7BC1C7004355FA4E; Path=/; Domain=.virginplus.ca
TLTUID=373102534B4BA3A10F43F62206E23B22; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=373102534B4BA3A10F43F62206E23B22; Path=/; Domain=.luckymobile.ca
TLTUID=373102534B4BA3A10F43F62206E23B22; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c96640fe3632cc02d2f03ec60339785348ccebca00163928b02515b885bdab9ce47278a19762f7d66ae211945cd5ba1d59fe3e787ad43628c6c8de3e2342830eb1c3857c86edbae6638ffa77ba2c7800ca5ca82c28d0330794443a7c38d21b27ec19cc94202c067ccc4b72f506e070e15219565864dda171ee3d35feb8b569e605aec85dc7841c6f2ef9c8f82ccebfd4320ef299053d642f097f4bd6af223004cd7d5657e8593b21556f1470a11de0d830; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000fd11f0fd14c27c17b99471b1aac4bc864e8e0be8a864a80ecb6be0c8d264d285085013239011300077c1b26d815d65070cd494d7dc65c7d1318c64f3a76d8dd90eb43bd1360eee665b8c9a45f368fc4b7baf502e6d0290e4; Path=/
Vary: Accept-Encoding

mybell.bell.ca/custom/foresee/foresee-trigger.js

206.47.98.207

200 OK

59 kB

URL HTTP/1.1
mybell.bell.ca/custom/foresee/foresee-trigger.js
IP
206.47.98.207:0
ASN
#577 BACOM

File type
ASCII text, with very long lines (639), with CRLF, LF line terminators
Size
59 kB (59027 bytes)
Hash
15cef6ec8109c8d75442b86cd125d637
4450eaa0063fd480a5b917fbf0cbb20d73906c8e
2e906da8d9f9c42782074b4927e382be346eb28c34c13ee6a19b94738f82d8e5

HTTP Headers

GET /custom/foresee/foresee-trigger.js HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: application/x-javascript
Expires: Wed, 08 Feb 2023 06:34:50 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:41 GMT
Accept-Ranges: bytes
ETag: "1D458E92D3A3280"
X-Generated-By: Q-BC036
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Server-Timing: dtSInfo;desc="0", dtRpid;desc="2018719883"
Date: Tue, 07 Feb 2023 06:34:49 GMT
Set-Cookie: dtCookie=v_4_srv_9_sn_6BF1D8D9661A9F511BF02D66747C01D3_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=967776428.47873.0000; path=/; Httponly; Secure
TLTSID=A7B25CB7AA96A44782C0B0C27CFA1A97; Path=/; Domain=.bell.ca
TLTSID=A7B25CB7AA96A44782C0B0C27CFA1A97; Path=/; Domain=.luckymobile.ca
TLTSID=A7B25CB7AA96A44782C0B0C27CFA1A97; Path=/; Domain=.virginplus.ca
TLTUID=6964A50A05D70B70EB4473587DDEF350; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=6964A50A05D70B70EB4473587DDEF350; Path=/; Domain=.luckymobile.ca
TLTUID=6964A50A05D70B70EB4473587DDEF350; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c97888e1da9f4a174e7c2fefba9ab42d021ca817a93ebc246c0cf099634e6b62b6c852be7fb643c098a4dda7f6f9b969904840d28b14a843ecf751d37f3691f7f134620511e0620d3ea38925ef71abbf62bb278dd7b45e29d2239e54f5219852518258bc3c93336a3d0e4fa52a55f14fdb79abad04c2ec07ebed472f1c39fa5dcdae42cc98ce1f33a1ce2c050adcc5d42f6fa8f59d66c985cbf2faca09cda5d8bf6b78bf18da2fcf57abeb99880bc01ef1; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000a0165d82450f0f6cf9b5812398a7a4d872b581d7574cf5f4f2171a9483fe9a3608c38fea1d11300049dc1808de0d77f40cd494d7dc65c7d1710dc9cd35459dca3cc80fad348d44655623634cc70b078837dd779fb3e92a73; Path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

mybell.bell.ca/web/js/actualXFTag.js?ver=94.0

206.47.98.207

404 Not Found

34 kB

URL HTTP/1.1
mybell.bell.ca/web/js/actualXFTag.js?ver=94.0
IP
206.47.98.207:0
ASN
#577 BACOM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7448), with CRLF, LF line terminators
Size
34 kB (34329 bytes)
Hash
998ab22cc44079a60c1f28b3aa0a5262
bf3dc076645e446a7ae6ae12581b1c3385c65457
788a52757513f5bd87e67aa0c35e130a339b853c775fe1dc468e3e52ec7f1937

HTTP Headers

GET /web/js/actualXFTag.js?ver=94.0 HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, no-store
Pragma: no-cache,no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Set-Cookie: ASP.NET_SessionId=jel0eowq4ewnfdgllh15nwkm; path=/;SameSite=Lax; secure; HttpOnly; SameSite=Lax
gemini=region=|language=en|province=ON; domain=.bell.ca; expires=Mon, 08-May-2023 05:34:50 GMT; path=/;SameSite=Lax;SameSite=Lax; secure
gemini=region=|language=en|province=ON; domain=.bell.ca; expires=Mon, 08-May-2023 05:34:50 GMT; path=/;SameSite=Lax;SameSite=Lax; secure
SessionCk=1ec2ac22-afa7-46b8-80df-b2a0fd4bcb79; domain=.bell.ca; expires=Tue, 07-Feb-2023 06:49:50 GMT; path=/; secure; HttpOnly
SessionCk=1ec2ac22-afa7-46b8-80df-b2a0fd4bcb79; domain=.bell.ca; expires=Tue, 07-Feb-2023 06:49:50 GMT; path=/; secure; HttpOnly
InActivityCK=f2155dfa-4c3c-4e60-8cc2-6b63ed9b5bbe; domain=.bell.ca; expires=Tue, 07-Feb-2023 07:04:50 GMT; path=/; secure; HttpOnly
ConsistentActivityCK=f2155dfa-4c3c-4e60-8cc2-6b63ed9b5bbe; domain=.bell.ca; expires=Tue, 07-Feb-2023 18:34:50 GMT; path=/; secure; HttpOnly
OmniturePageName=Mybell:Error; domain=.bell.ca; path=/; secure; HttpOnly
dtCookie=v_4_srv_7_sn_C6E37B0E8E3025601F3647E7B621D56B_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1403984044.47873.0000; path=/; Httponly; Secure
TLTSID=C994DC85152EC0B88A077CE2B6FF2CBA; Path=/; Domain=.bell.ca
TLTSID=C994DC85152EC0B88A077CE2B6FF2CBA; Path=/; Domain=.luckymobile.ca
TLTSID=C994DC85152EC0B88A077CE2B6FF2CBA; Path=/; Domain=.virginplus.ca
TLTUID=B98B8A529328F4CAA16B1FFAE507EDED; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:50 GMT
TLTUID=B98B8A529328F4CAA16B1FFAE507EDED; Path=/; Domain=.luckymobile.ca
TLTUID=B98B8A529328F4CAA16B1FFAE507EDED; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c99129057bd96a7b2344ea33d97198dc53d48b05c00e8daa93f24bcfa74487119093d89871bc390426cd532e0abda2387ba3749da456ad1b2fa5d235f54be66e4845d2bf508a60a96bdc4acc9cd0743dcbfe43e959e6d7de7c672b48d3a8e76ef11c0310e371943acd0d0d20fc43fb1eff0a358144833c0f2222d1bebb1a45a808f10551d04fa16750109b183070d982ac9a7854644e3a629007dd3da3ea7aa2cb1e27aae9faf27172de7809af71a7209393d176cb5ab362f7db00839a174919242c9b8b459a48004ea473b86bd166819ba331ee2b920fcfe5d6f8284d8d4cc9b0136c52f89d13804742478fe04d3c2577208b41eb0353da6544a591a0648d82698227a6b487acbce174caef98fb36f836c9a376868095c2b185f7b213127eb586e327fb485340834551504382d32c472d; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000a33c3111ded7cb7907c74ba0b4a71b18f12adf453013c6121e6dedb92c37933308c99a278411300054c3173e112bce8f0cd494d7dc65c7d12ad97e8a5f2f785386bddf74e1beef438f8a9a7dcca65c20a461fac4616ca9b4; Path=/
X-Generated-By: Q-BC041
Access-Control-Allow-Origin: https://mybell.bell.ca
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
X-OneAgent-JS-Injection: true
X-ruxit-JS-Agent: true
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1189650652"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
052bc796a71a95f7d013eedae02f3693
83b6c6127434de8555a0de6389cd0953cc186249
c2ca4ea476adf395cd7ecbf922199f1df7cd00e073a8ac6970f4030eeac3c120

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 14:22:58 GMT
Expires: Sat, 11 Feb 2023 14:22:57 GMT
Etag: "83b6c6127434de8555a0de6389cd0953cc186249"
Cache-Control: max-age=373086,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795a1a1ecd520b49-OSL

prdbellweb.hs.llnwd.net/resource/web/css/bell_master_a.css?ver=202302061554

95.140.228.128

200 OK

28 kB

URL HTTP/1.1
prdbellweb.hs.llnwd.net/resource/web/css/bell_master_a.css?ver=202302061554
IP
95.140.228.128:0
ASN
#22822 LLNW

File type
ASCII text, with very long lines (397), with CRLF line terminators
Size
28 kB (28177 bytes)
Hash
6c10d126e611e8a0ff98e769712aa6ac
ed0b4c20c26ba76081d7914d12fd924ac2a35945
6c44ec71184ecb4ac69d6bf732c8828aecc8d02592e15508ab4713cd0c21ea0a

HTTP Headers

GET /resource/web/css/bell_master_a.css?ver=202302061554 HTTP/1.1
Host: prdbellweb.hs.llnwd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mybell.bell.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 06:34:51 GMT
Content-Type: text/css
Content-Length: 28177
Connection: keep-alive
Cache-Control: public, max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
X-Generated-By: Q-BC036
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Age: 34792
Last-Modified: Sat, 14 Nov 2020 05:30:14 GMT
Expires: Tue, 07 Feb 2023 20:54:58 GMT
X-LLID: d7fa90a94a8b3d9b2d57abb9a2d8f2d8

mybell.bell.ca/web/common/all_languages/all_regions/images/login/not_register_yet.jpg

206.47.98.207

200 OK

8.1 kB

URL HTTP/1.1
mybell.bell.ca/web/common/all_languages/all_regions/images/login/not_register_yet.jpg
IP
206.47.98.207:0
ASN
#577 BACOM

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 170x155, components 3\012- data
Size
8.1 kB (8142 bytes)
Hash
cc1eeaae90343c9a7d0d74012baff655
ebbb2c93453b78301a55dccf1d704356431fb558
517dc416497e529b17399864d06116294060f0b858d63fe933abb90dd4ef998d

HTTP Headers

GET /web/common/all_languages/all_regions/images/login/not_register_yet.jpg HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: image/jpeg
Expires: Wed, 08 Feb 2023 06:34:51 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:42 GMT
Accept-Ranges: bytes
ETag: "1D458E92DD2C900"
X-Generated-By: Q-BC038
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Length: 8142
Set-Cookie: dtCookie=v_4_srv_6_sn_5D828634022B04D29BAD70BE73DA900E_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1034885292.47873.0000; path=/; Httponly; Secure
TLTSID=8A3D292A6F726B0FC9E15EEC7BB9E8D6; Path=/; Domain=.bell.ca
TLTSID=8A3D292A6F726B0FC9E15EEC7BB9E8D6; Path=/; Domain=.luckymobile.ca
TLTSID=8A3D292A6F726B0FC9E15EEC7BB9E8D6; Path=/; Domain=.virginplus.ca
TLTUID=6D83FCA979CF4AF6EDA1C2487B762927; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:51 GMT
TLTUID=6D83FCA979CF4AF6EDA1C2487B762927; Path=/; Domain=.luckymobile.ca
TLTUID=6D83FCA979CF4AF6EDA1C2487B762927; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c9cbc499a76c669b90271975480675e952960d9711e319bcbcd0b2f742b4e02381d9c50a3c13580edbe4c712331794395fadd1c809aa45714c9540051720cf6a2310e903ff013e49c2cb3c9ddda08108b2584929153e49612ad25df1857705abf45d3149edeaceca97ebce7f489152223980dc027f7fac30f859a85540a885391698836e7aa48c13251667b1b3b5d40231fd8992d08529090c5dbc9b63985da7c50c0f00e25e864f4290e012dc56a16fd2; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000ba4a3f5df4efb49f8175d2ae36809ec18706c9a0bd0cb1e767e5cc7da486bd2b081dd9f695113000ca121fab0ef975d0ed1043e17f1e171123ce26559be903e44357bfd0854953b19de26cac3e12adfa648d4f81b6bcdcba; Path=/

mybell.bell.ca/web/resources/images/logo-bell-blue-47x28.png

206.47.98.207

200 OK

2.3 kB

URL HTTP/1.1
mybell.bell.ca/web/resources/images/logo-bell-blue-47x28.png
IP
206.47.98.207:0
ASN
#577 BACOM

File type
PNG image data, 47 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2281 bytes)
Hash
40a5354259fa7c6eafb901f28b9fa068
d9b4d2c00bca1398b07d60624d5886693d9034c8
d0eb56a3b02a0632526e3b2bd062bdd0c3b1803948b881dea9ac25ab345c408e

HTTP Headers

GET /web/resources/images/logo-bell-blue-47x28.png HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: image/png
Expires: Wed, 08 Feb 2023 06:34:51 GMT
Last-Modified: Sun, 30 Sep 2018 18:12:47 GMT
Accept-Ranges: bytes
ETag: "1D458E930CDB980"
X-Generated-By: Q-BC035
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Length: 2281
Set-Cookie: dtCookie=v_4_srv_6_sn_7EB1E74379FBA822FF3A12C04F17293A_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=581900460.47873.0000; path=/; Httponly; Secure
TLTSID=764AFE7986A91C9CA5EC7D2CA3A9FBCD; Path=/; Domain=.bell.ca
TLTSID=764AFE7986A91C9CA5EC7D2CA3A9FBCD; Path=/; Domain=.luckymobile.ca
TLTSID=764AFE7986A91C9CA5EC7D2CA3A9FBCD; Path=/; Domain=.virginplus.ca
TLTUID=13FDC67F8502E235CA2006F41D93E11C; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:51 GMT
TLTUID=13FDC67F8502E235CA2006F41D93E11C; Path=/; Domain=.luckymobile.ca
TLTUID=13FDC67F8502E235CA2006F41D93E11C; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c94fd8073325759326fd054f26b0760c4010e698e2bac214e42a7b810363cfefa4e270b2a61604fa39fccb1e6aa74464ef31f8aa53c72e27c91c1d2ac63e5436cfeb1bad619c7e147c11850a55618e02e9b0e22b727cea2d91e0bfac8ca02bdb3be7ffe5800672f6057a2e9f28c7b031e0bb973da1be07fd7e022e04eeb74a9c746258618d9825773c21623c2604ca02c0cb7d85ae91f415a2226240328740e6f40f2d0334d349cd23efdf031e094fa71a; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000a4a5e46faf31d06697654a6af83f278829129eda79a27f4ffd2c4f112c8e3851089886230f11300090740949f39503d8ed1043e17f1e17112d7eb6a27a4edbfaa5af490232bd42d06b2a2fad2954e3ecd5e141f0b796cedc; Path=/

mybell.bell.ca/web/common/all_languages/all_regions/images/login/log_in_to_mybell.jpg

206.47.98.207

200 OK

5.8 kB

URL HTTP/1.1
mybell.bell.ca/web/common/all_languages/all_regions/images/login/log_in_to_mybell.jpg
IP
206.47.98.207:0
ASN
#577 BACOM

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 170x155, components 3\012- data
Size
5.8 kB (5762 bytes)
Hash
6ff8b5688ec3a0c1c5820dc7ebc7877b
aa26095b27d04311d9fdde14c204891592862a3c
2369f95bbeced1c99b833aa9a0cb4b3286c7a675cd3cd561cc9e4a4d4fc17743

HTTP Headers

GET /web/common/all_languages/all_regions/images/login/log_in_to_mybell.jpg HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: public, max-age=86400
Content-Type: image/jpeg
Expires: Wed, 08 Feb 2023 06:34:51 GMT
Last-Modified: Sun, 07 Dec 2014 07:21:29 GMT
Accept-Ranges: bytes
ETag: "1D011EE6B126280"
X-Generated-By: Q-BC039
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
Date: Tue, 07 Feb 2023 06:34:50 GMT
Content-Length: 5762
Set-Cookie: dtCookie=v_4_srv_10_sn_7D4B11C8B0F35019F6B3E24B7764050B_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=1370429612.47873.0000; path=/; Httponly; Secure
TLTSID=A90667ECED471059A51C0576773350CB; Path=/; Domain=.bell.ca
TLTSID=A90667ECED471059A51C0576773350CB; Path=/; Domain=.luckymobile.ca
TLTSID=A90667ECED471059A51C0576773350CB; Path=/; Domain=.virginplus.ca
TLTUID=090B5198B6BBA67097781DCA18F05499; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:51 GMT
TLTUID=090B5198B6BBA67097781DCA18F05499; Path=/; Domain=.luckymobile.ca
TLTUID=090B5198B6BBA67097781DCA18F05499; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c96d6995525888f15925dda33c577ed8e3c6251b5d8592aae87bfbacb9a61abf2bce8925f86f976e31adb1e87434341e9afa7c5e945e7ca5467d826068af07b84cdadcece3226e1e5f2accd300ef97acc8c8658d7d760f76098dcdbf3387b62da45b3a5fc48e6e2b13a309393aeccf0d521ead8ae22be498df954724f4d2cc0f7c77adfe9004205b288103791af0e35b6f5a5a7eac50ecfa2cc700331944e464e6fd579be3048e306179236115a039b54f; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab20007bb006fe63adfcc819c9809bceb83a74c373f10d21590c43d39f3fc6a247941b08088442e511300066ad1062d7ca6ba7ed1043e17f1e17111873b63b9aa2971141d2ccb5210c5a536ee49168199812e6165ab248f163a9c4; Path=/

ww.w.conductability.org/web/common/en/all_regions/images/logos/entrust_seal.gif

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/entrust_seal.gif
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/entrust_seal.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/Login.php

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

mybell.bell.ca/web/js/actualXFTag.js?ver=94.0

206.47.98.207

404 Not Found

34 kB

URL HTTP/1.1
mybell.bell.ca/web/js/actualXFTag.js?ver=94.0
IP
206.47.98.207:0
ASN
#577 BACOM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7447), with CRLF, LF line terminators
Size
34 kB (34180 bytes)
Hash
a7e11cd099141248629b954bcaaeca21
36d1fe5c78b3d8f7d12d1ced7af8a14dae44f13d
a766c99a15f881071cbb76a878dc3af369dc48cf1047d564ec18c0bfd2f8250c

HTTP Headers

GET /web/js/actualXFTag.js?ver=94.0 HTTP/1.1
Host: mybell.bell.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww.w.conductability.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, no-store
Pragma: no-cache,no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Set-Cookie: ASP.NET_SessionId=4pftiwejex34uv1zmzmokugl; path=/;SameSite=Lax; secure; HttpOnly; SameSite=Lax
gemini=region=|language=en|province=ON; domain=.bell.ca; expires=Mon, 08-May-2023 05:34:51 GMT; path=/;SameSite=Lax;SameSite=Lax; secure
gemini=region=|language=en|province=ON; domain=.bell.ca; expires=Mon, 08-May-2023 05:34:51 GMT; path=/;SameSite=Lax;SameSite=Lax; secure
SessionCk=e0efe00e-ccc7-43b3-8b7a-641c1023161e; domain=.bell.ca; expires=Tue, 07-Feb-2023 06:49:51 GMT; path=/; secure; HttpOnly
SessionCk=e0efe00e-ccc7-43b3-8b7a-641c1023161e; domain=.bell.ca; expires=Tue, 07-Feb-2023 06:49:51 GMT; path=/; secure; HttpOnly
InActivityCK=1ce56c65-751e-41e6-b765-e48b9d8397db; domain=.bell.ca; expires=Tue, 07-Feb-2023 07:04:51 GMT; path=/; secure; HttpOnly
ConsistentActivityCK=1ce56c65-751e-41e6-b765-e48b9d8397db; domain=.bell.ca; expires=Tue, 07-Feb-2023 18:34:51 GMT; path=/; secure; HttpOnly
OmniturePageName=Mybell:Error; domain=.bell.ca; path=/; secure; HttpOnly
dtCookie=v_4_srv_10_sn_A4AECDB896222244BDD65435CFFEC577_perc_100000_ol_0_mul_1_app-3A429b1eac4514c5ce_1_rcs-3Acss_0; Path=/; Domain=.bell.ca; secure
CAD_Bell_ca_SS=984553644.47873.0000; path=/; Httponly; Secure
TLTSID=F283BAF025D8ABB391C596941E3F0097; Path=/; Domain=.bell.ca
TLTSID=F283BAF025D8ABB391C596941E3F0097; Path=/; Domain=.luckymobile.ca
TLTSID=F283BAF025D8ABB391C596941E3F0097; Path=/; Domain=.virginplus.ca
TLTUID=8FC7F6CEB847B4313823998C1A57E27F; Path=/; Domain=.bell.ca; Expires=Sun, 29-Sep-2024 06:34:51 GMT
TLTUID=8FC7F6CEB847B4313823998C1A57E27F; Path=/; Domain=.luckymobile.ca
TLTUID=8FC7F6CEB847B4313823998C1A57E27F; Path=/; Domain=.virginplus.ca
TLP025e8c23=028702b9c92ba06292eeb1fca2f5dfd8b3d4916da9e6bb40f15b8e835438895f5f221b2599f7fba028316c642f05d94948827352f6d198470d5557eca1ddb77cdad1d51ab6f77695a860564b761c6e17f35a69088076df0d73081e1541efe1e1aaf65f4bf79837dedbd4a2896ccb4b1cf94af697d471b0d630e21a26d8ffe5dc9bba779c973da46d8de62fd612ffb5b77e3c67b62944eff6a55c52294009b982e2a9264b53ef7ecadaf742ab1eba2c289df3e50839505419f8bdbb45437323d8fc555540aaba7e78f1e450683a132b4b9fb3642962bb63dbce5236941b629fe1fbd820f840e9b63e3caecad4ae43fb7498cc1fef8864f7ddd776e7c3b3650788e45974ad80c3825a7fcda4339619ee47dcf8945e4d12d363a88a146c31e10cae39e880489d5e2035e623d3e672bf53d578b2fe9a0b; Path=/; Domain=.bell.ca; Secure; HTTPOnly
TLP409c8162028=08e8c5f15aab2000415bffb7fb9b4c57e1144c98802520265607e7693d6bbf3bf4e9a27b7905afb608a53c6e68113000ff754ffa6caca319ed1043e17f1e17114f248d4856a7bc13e3e9b67cb5f5e47ed20ebf21f8ba8e771f8a4f7bb3a0520d; Path=/
X-Generated-By: Q-BC037
Access-Control-Allow-Origin: https://mybell.bell.ca
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.decibelinsight.net *.decibel.com *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com https://*.bazaarvoice.com https://*.bing.com https://*.clarity.ms 'unsafe-inline' 'unsafe-eval'; object-src 'none'
X-Content-Type-Options: nosniff
X-OneAgent-JS-Injection: true
X-ruxit-JS-Agent: true
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1777535732"
Date: Tue, 07 Feb 2023 06:34:50 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751739727

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/mtagconfig.js

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/mtagconfig.js
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/mtagconfig.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/Login.php
Cookie: fsr.a=1675751739727

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751739727

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751739727

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751739727

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751739727

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751739727

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:51 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751739727

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751740478

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:52 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741229

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:53 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751741980

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/common/en/all_regions/images/logos/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/common/en/all_regions/images/logos/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751742730

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751742730

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751742730

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/resource/custom/js/Login.php

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/resource/custom/js/Login.php
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /resource/custom/js/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/Login.php
Connection: keep-alive
Cookie: fsr.a=1675751742730

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

ww.w.conductability.org/web/js/opinion_lab/OpinionLab.js

68.66.226.93

302 Found

0 B

URL HTTP/1.1
ww.w.conductability.org/web/js/opinion_lab/OpinionLab.js
IP
68.66.226.93:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bell Canada
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)
suricata	medium	ETPRO HUNTING Observed Unusual Host (ww.)

HTTP Headers

GET /web/js/opinion_lab/OpinionLab.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/Login.php
Cookie: fsr.a=1675751742730

HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 07 Feb 2023 06:34:54 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (29)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML