Report - itcproreporting.com/16416-114036/62420?uid=4p6U8LLbGTHxS5BaYZ5f4bBUdzcG4WAyw4raN&prom_type=regular&prom

Report Overview

Submitted URL
itcproreporting.com/16416-114036/62420?uid=4p6U8LLbGTHxS5BaYZ5f4bBUdzcG4WAyw4raN&prom_type=regular&prom_id=185722&pld=26L81sNgpwNGg5
IP
52.0.69.252
ASN
#14618 AMAZON-AES
Submitted
2022-09-01 03:37:25
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
itcproreporting.com	unknown			451 B	529 B	52.0.69.252
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-06T05:09:03Z	2.0 kB	6.4 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-06T05:09:34Z	758 B	2.7 kB	143.204.55.115
24x7infotech.com	unknown			8.1 kB	431 kB	54.157.54.92
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-06T05:09:12Z	594 B	127 B	44.242.41.15
stackpath.bootstrapcdn.com	2467	2018-06-15T22:36:43Z	2023-03-06T11:17:42Z	402 B	902 B	104.18.10.207
polyfill.io	102644	2016-02-12T01:04:58Z	2023-03-06T08:07:29Z	449 B	549 B	151.101.1.26
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-06T05:10:30Z	401 B	5.8 kB	143.204.55.25
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-06T05:09:16Z	763 B	47 kB	104.17.25.14
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-06T05:10:42Z	2.0 kB	4.2 kB	142.250.74.3
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-06T06:00:56Z	329 B	737 B	93.184.220.29
use.typekit.net	494	2012-07-05T03:42:39Z	2023-03-06T05:11:41Z	365 B	4.5 kB	23.36.76.186
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-06T05:09:43Z	321 B	229 B	34.117.237.239
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-06T06:45:22Z	829 B	33 kB	151.101.85.229
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-06T05:12:11Z	356 B	1.9 kB	104.18.21.226
p.typekit.net	620	2012-05-23T16:28:57Z	2023-03-06T05:11:42Z	846 B	357 B	23.36.76.186
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-06T08:54:25Z	513 B	746 B	142.250.74.10
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-06T05:16:06Z	479 B	26 kB	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-06T05:09:35Z	3.2 kB	65 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-01	medium	24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf	Phishing
2022-09-01	medium	24x7infotech.com/lib/uri/uri.js	Phishing
2022-09-01	medium	24x7infotech.com/lib/jq/validator/fb.validation.js	Phishing
2022-09-01	medium	24x7infotech.com/uploads/uploadedFonts/fontsImport.css?v=1662003435	Phishing
2022-09-01	medium	24x7infotech.com/lib/jq/fb.utils.js	Phishing
2022-09-01	medium	24x7infotech.com/lib/jq/otherInput/fb.otherInput.js	Phishing
2022-09-01	medium	24x7infotech.com/lib/jq/fb.autoSubmit.js	Phishing
2022-09-01	medium	24x7infotech.com/uploads/c_12772/logos/NEW_Logo_Okta_Blue_RGB-1.svg	Phishing
2022-09-01	medium	24x7infotech.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js	Phishing
2022-09-01	medium	24x7infotech.com/uploads/c_9378/logos/chevron_down.svg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-01	medium	itcproreporting.com	Sinkholed

Files detected

URL
r3.o.lencr.org/
IP
23.36.77.32
ASN
#20940 Akamai International B.V.

File type
gzip compressed data, max compression\012- data
Size
1.6 kB (1574 bytes)
Hash
d43b51e8e6d262ba6c91b25d1489b203
ea04d9bc4846a6ebfe5bf589521c584b9675bd26
cca7d9510f3a4da208744d0995db5ff0e14f34a864467bd44e9b2f12a61577a6

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (14)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js	71 kB	2023-03-07	2024-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:39 Last Seen2024-05-10 18:31:38 Times Seen4420 Hash 0f64f3a3a0c620a6756d36abaff1b4a6 4738d7f9885db2cb9370766974c8f6b22e9ec29d 00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b Loading...

	24x7infotech.com/lib/jq/otherInput/fb.otherInput.js	2.3 kB	2023-03-07	2023-03-17
Pretty URL 24x7infotech.com/lib/jq/otherInput/fb.otherInput.js IP 54.157.54.92 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:08 Last Seen2023-03-17 12:45:25 Times Seen1 Hash f49a975af41186993c4e9375ab2811a9 3ff5af70425851ca10b47e5e9a730466f0ec0d07 da384cdad429313cc5b5e7579c3dd5e547273095b9b2f14e598bfc46ed3544c7 Loading...

	24x7infotech.com/lib/jq/fb.autoSubmit.js	631 B	2023-03-07	2023-03-17
Pretty URL 24x7infotech.com/lib/jq/fb.autoSubmit.js IP 54.157.54.92 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:08 Last Seen2023-03-17 12:45:25 Times Seen1 Hash d1b0ab11f9d2a041be621b97140bd0de 03eb391c2a4ec2e17385afdb695cb458bddb4dba 348cf9886114edd1ab2df04571fd8e6eeb192d2da111b4ef3200caa25ce0ffae Loading...

	24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf	98 B	2023-03-07	2024-04-26
Pretty URL 24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf IP 54.157.54.92 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:08 Last Seen2024-04-26 00:44:25 Times Seen67 Hash bd1bb06e1eb2513d80d713f827f44a47 e16d34af3ee95682c44aea25471460209bf69f61 a415cd8038dc4ff7548175717a3c9d05be601ac83c010f17066c33bbaa9da799 Loading...

	24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf	658 B	2023-03-07	2023-03-25
Pretty URL 24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf IP 54.157.54.92 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:42 Last Seen2023-03-25 23:43:01 Times Seen2 Hash 3a8c452c123b3c477948ad7f788550cf a97946a1481f3318e70b8d3c00c5b8cd7344a4f6 e16454612331d32d98399e7bcd1c52f9814edd1a821e7f34772f42415aedf903 Loading...

	24x7infotech.com/lib/uri/uri.js	77 kB	2023-03-07	2024-04-26
Pretty URL 24x7infotech.com/lib/uri/uri.js IP 54.157.54.92 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:25 Last Seen2024-04-26 00:44:26 Times Seen1499 Hash 64437cd33e2fa1a40e6850ee6388639e 809078716153b491c00852f366ca3f8d6e03df22 96361c580499a6dd7afa83f352fb2a27c159a39daf794e2e6813514be8a8fbe9 Loading...

	24x7infotech.com/lpScripts/assetsBehavior.js?v=1	9.5 kB	2023-03-07	2023-03-17
Pretty URL 24x7infotech.com/lpScripts/assetsBehavior.js?v=1 IP 54.157.54.92 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:25 Last Seen2023-03-17 09:43:42 Times Seen1 Hash 5459dde62bf78450a93802c44698fcab 230c2314aff0be34c75a9e50da9a53ca1bf412f6 616d3590674283af103d54c54dc5c889d9d96df45d2d4e5062f165c079e3fb31 Loading...

	24x7infotech.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js	110 kB	2023-03-07	2023-03-17
Pretty URL 24x7infotech.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js IP 54.157.54.92 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:37 Last Seen2023-03-17 12:45:25 Times Seen1 Hash 590cfcdcec421c852434167b135406c7 aa035d2388b6576bbb0657b4347b88ec7d272bd7 90e8f80b16e3b6ee999a5400579399c6207291f3f5476fb3951c5230d75ec3db Loading...

	24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf	58 B	2023-03-07	2024-04-26
Pretty URL 24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf IP 54.157.54.92 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:08 Last Seen2024-04-26 00:44:25 Times Seen67 Hash ea4cdd05ea02fc381650389e3513ec3a ae902087b2cde7a4e0d58c1a5eb3fc8310b2c755 f2738345b1d22b55dbcfbd3c3fd7ed8ed4e9ed7ca68e35b86135c2a9211ef4ed Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-11
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-11 02:14:27 Times Seen143279 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	24x7infotech.com/lib/jq/fb.utils.js	14 kB	2023-03-07	2023-03-17
Pretty URL 24x7infotech.com/lib/jq/fb.utils.js IP 54.157.54.92 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:08 Last Seen2023-03-17 09:43:43 Times Seen1 Hash fb65efafb23a90079cddcb1fb9e183f6 eba4bc2044618715cbac1e0c6c7aa43303814c5c 965f5a903b70ef3d9050a0f1c041126e66212c88e3a9524caa0548367a667a0d Loading...

	polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7	72 B	2023-03-07	2024-05-10
Pretty URL polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7 IP 151.101.1.26 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:35 Last Seen2024-05-10 10:40:43 Times Seen295 Hash 7bf5fb2fd30cea050be6a48b90343984 e3d8fc7eec3e4338218b844d40a1ae86cc8581c6 aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11 Loading...

	24x7infotech.com/lib/jq/validator/fb.validation.js	2.0 kB	2023-03-07	2023-03-26
Pretty URL 24x7infotech.com/lib/jq/validator/fb.validation.js IP 54.157.54.92 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:08 Last Seen2023-03-26 08:44:40 Times Seen28 Hash 60f78449c35e69490026e3f739d322dc a0f988cad0941c050d4ecbe1d58f450193c604d2 ee75b43f5de847b148b9ed76c06b5db9566ba8da3ac35c726ed43ef9f9b2c3e3 Loading...

	cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/jquery.validate.min.js	24 kB	2023-03-07	2024-05-07
Pretty URL cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/jquery.validate.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:26 Last Seen2024-05-07 21:48:32 Times Seen1231 Hash 8a25965d822705f957a243443d219787 0da4c535b50bdb4dffa3b5fae3e999aeee137cb5 b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2 Loading...

HTTP Transactions (53)

URL IP Response Size

itcproreporting.com/16416-114036/62420?uid=4p6U8LLbGTHxS5BaYZ5f4bBUdzcG4WAyw4raN&prom_type=regular&prom_id=185722&pld=26L81sNgpwNGg5

52.0.69.252

302 Found

0 B

URL HTTP/1.1
itcproreporting.com/16416-114036/62420?uid=4p6U8LLbGTHxS5BaYZ5f4bBUdzcG4WAyw4raN&prom_type=regular&prom_id=185722&pld=26L81sNgpwNGg5
IP
52.0.69.252:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /16416-114036/62420?uid=4p6U8LLbGTHxS5BaYZ5f4bBUdzcG4WAyw4raN&prom_type=regular&prom_id=185722&pld=26L81sNgpwNGg5 HTTP/1.1
Host: itcproreporting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Thu, 01 Sep 2022 03:37:15 GMT
Server: nginx/1.17.10
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/7.4.16
Location: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Cache-Control: max-age=0, must-revalidate, private
Expires: Thu, 01 Sep 2022 03:37:15 GMT
Content-Length: 0
Keep-Alive: timeout=5, max=20
Connection: Keep-Alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6321
Expires: Thu, 01 Sep 2022 05:22:36 GMT
Date: Thu, 01 Sep 2022 03:37:15 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 03:26:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RrtCJmCRv0GSlT2z2Ff9LM9NukzjGV2DHig5O847_o5pDbJ6eadD4Q==
Age: 620

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _d8DCghkmjKGgUUyZsinH6EsLYHcQGM-DNQ53uKZGDb-Ghiu2w7Vzw==
age: 8519
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 03:37:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf

54.157.54.92

200 OK

12 kB

URL HTTP/1.1
24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15037)
Size
12 kB (12518 bytes)
Hash
b8ba550b1535502eac9ca99b7a19431f
c1945b90d0e38b079f7308943188cb41a33a5890
446fa0b95d0f08af18d232f761683e3e4e9fb7372d0afa63c7fd89af0d174db7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:15 GMT
Server: nginx/1.17.10
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/7.4.16
Cache-Control: no-cache, private
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12518
Keep-Alive: timeout=5, max=20
Connection: Keep-Alive

cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

104.17.25.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
28 kB (27958 bytes)
Hash
4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Sep 2022 03:37:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7447139
expires: Tue, 22 Aug 2023 03:37:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzHcyrEvuDIsxYsnXXnGBa%2Fo6xJDi3JFJk8JdwPJz86nDwLXYL%2FJxsWbpgogTgJOdc%2B7XYfoJLak77O8jnDAX7vXbUieiZdPn5P1FFZo5oyp9LTp8D%2Fb3PDdFmaO%2B9hAPhCzr2LK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 743af761bf43b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

151.101.85.229

200 OK

24 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
24 kB (23938 bytes)
Hash
57a992194d8a5b4bbd4ade561fd348bb
bb66f00fe168c6df50af51abdededdfceb15c59f
be95ec6ab71f5fa87401a698cb9566490258fa9012bb0e8467920b0f74163a0a

HTTP Headers

GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://24x7infotech.com
Connection: keep-alive
Referer: https://24x7infotech.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 01 Sep 2022 03:37:15 GMT
age: 10805591
x-served-by: cache-fra19136-FRA, cache-bma1673-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 23938
X-Firefox-Spdy: h2

24x7infotech.com/ckeditor/contents.css?t=M5UE

54.157.54.92

200 OK

1.2 kB

URL HTTP/1.1
24x7infotech.com/ckeditor/contents.css?t=M5UE
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
1.2 kB (1220 bytes)
Hash
c891c12c2f6a743438425e08234fb859
66971c151a9d18bd60b5b50c99fe865a1263c752
3502f880214cb01a755cbc4eb60c064164caf9c0ea205f7a2523a5fce7c11242

HTTP Headers

GET /ckeditor/contents.css?t=M5UE HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:15 GMT
Server: nginx/1.17.10
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Last-Modified: Tue, 09 Aug 2022 13:04:10 GMT
ETag: "62f25b4a-b46-gzip"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1220
Keep-Alive: timeout=5, max=19
Connection: Keep-Alive

cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/jquery.validate.min.js

151.101.85.229

200 OK

7.8 kB

URL HTTP/2
cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/jquery.validate.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (24237)
Size
7.8 kB (7815 bytes)
Hash
144d2fdbeb2ac0a55e26fd4d3bcb6aa7
7b00473f6a8170bcb0573cec68acea35684250c7
5e9ecf8613ebbaae3c171d1ba18e6af51d41ed136730e2764784f12679fda526

HTTP Headers

GET /npm/jquery-validation@1.19.1/dist/jquery.validate.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.19.1
x-jsd-version-type: version
etag: W/"5f38-DaTFNbUL203/o7X64+mZru4TfLU"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 01 Sep 2022 03:37:15 GMT
age: 1393422
x-served-by: cache-fra19165-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 7815
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js

104.17.25.14

200 OK

16 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (64131)
Size
16 kB (16456 bytes)
Hash
e969f2fd683c8d12ccbfa6ec0487dadf
4efb5abd97f96f324fd3bd64902a02e4a8a3d3af
10375c0c9bd1d60f996e3b7eef19ada49ebc3790f78742204cef7026754d2ac2

HTTP Headers

GET /ajax/libs/select2/4.0.13/js/select2.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://24x7infotech.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Sep 2022 03:37:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 16456
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ecc8659-114c3"
last-modified: Tue, 26 May 2020 03:00:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1935107
expires: Tue, 22 Aug 2023 03:37:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEQ5nJJQwZOXfvpX3vU2UpRS5ifJdW9BpDjcKx7d8IpVJyDXirkOtj2YrTfgzIiGG63JlkasmBDUSvXztINiDI6mMC8xElllhszjfdMLeTYfoqOvNhOz0iAJEpP0dIaXX3Jpv7we"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 743af7621da4b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
0b38c8322adf6bfc7892563c20efe0e7
cc6c35da28c68a51d937732d9d2e905feb9b161d
2b73a0cd17862b7ee260dfc714744c9a64a3817fff4801a41cb972d3d5bd41ea

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:15 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "3FE821C68FF994B826C10FD90ECE10CB7EE0B032"
Expires: Thu, 01 Sep 2022 14:00:00 GMT
Last-Modified: Thu, 01 Sep 2022 02:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3539
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743af7624f98b4ff-OSL

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
888b942029507a51149d121a3240e9d6
93590a3ac3a943506798dba597335cb144a5795d
7d358a347c38b06733ae7e7eae5a02f583d0d3db2a241bf427dff2588d7c6c1b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 03:37:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

24x7infotech.com/lib/uri/uri.js

54.157.54.92

200 OK

16 kB

URL HTTP/1.1
24x7infotech.com/lib/uri/uri.js
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (1107)
Size
16 kB (16058 bytes)
Hash
3cd7a0fc810205643e3f59954319338b
23b2f8278554668cff0a1e7d62523a262f7004fd
0aa81f9fba7d7674c88993e9678987c5d62916b344219215b52bb10f254ec2bb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/uri/uri.js HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:15 GMT
Server: nginx/1.17.10
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
ETag: "6074ab5b-12c3e-gzip"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=18
Connection: Keep-Alive
Transfer-Encoding: chunked

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 01 Sep 2022 02:57:05 GMT
Expires: Thu, 01 Sep 2022 03:52:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OYSlviEO87FZMx6_vU1yj8cltVsxMZSIMo3cj5f7ekieyXKyyumspg==
Age: 2411

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
888b942029507a51149d121a3240e9d6
93590a3ac3a943506798dba597335cb144a5795d
7d358a347c38b06733ae7e7eae5a02f583d0d3db2a241bf427dff2588d7c6c1b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 03:37:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
83be4ca2ebb87af44323dd073807bc9e
3ef0ca2b0c351c7d1eb1b7f4daeba6453a632fc6
1ba9c4dbdbd577bf443bc6499ab1edb2e0ea3b382f529fdc2d98021276a3158b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6043
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 03:37:16 GMT
Last-Modified: Thu, 01 Sep 2022 01:56:33 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

24x7infotech.com/lib/jq/validator/fb.validation.js

54.157.54.92

200 OK

751 B

URL HTTP/1.1
24x7infotech.com/lib/jq/validator/fb.validation.js
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
751 B (751 bytes)
Hash
56dd9e24fa362cfd2200722810839d9d
3ef4d4ba02fd2c582976c036289a840c28f169cb
3b3e2a3abfc80d68f73cfe9e0130771596a89006c51579deef756477325a03ae

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/jq/validator/fb.validation.js HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:16 GMT
Server: nginx/1.17.10
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Last-Modified: Wed, 09 Jun 2021 11:25:31 GMT
ETag: "60c0a52b-7db-gzip"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 751
Keep-Alive: timeout=5, max=17
Connection: Keep-Alive

24x7infotech.com/uploads/uploadedFonts/fontsImport.css?v=1662003435

54.157.54.92

200 OK

7.6 kB

URL HTTP/1.1
24x7infotech.com/uploads/uploadedFonts/fontsImport.css?v=1662003435
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (508)
Size
7.6 kB (7555 bytes)
Hash
73504f02918e2faa53351bcda6f90cbc
eb43d25204e519edfc96c129750500c592a1357c
fe8c75ac4daf3dedb6aa70be2ddb1bca6ee20365148db9d1d592afe8faf29fc8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /uploads/uploadedFonts/fontsImport.css?v=1662003435 HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 10 Aug 2022 16:18:27 GMT
ETag: "180c4-5e5e56629c15f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7555
Keep-Alive: timeout=5, max=20
Connection: Keep-Alive
Content-Type: text/css

24x7infotech.com/ckeditor/plugins/lpLinkV2/css/styles.css

54.157.54.92

200 OK

644 B

URL HTTP/1.1
24x7infotech.com/ckeditor/plugins/lpLinkV2/css/styles.css
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (2158)
Size
644 B (644 bytes)
Hash
2d23d083bf6617cd7c67da10bd9c7d03
ed16cc65fbdf1f85205c97e5c57cdac43adcbf81
d92bbb19f44f0c2082b2d3f784f5d65df6161a4c90d4ea7a13f18264aa1f6079

HTTP Headers

GET /ckeditor/plugins/lpLinkV2/css/styles.css HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:16 GMT
Server: nginx/1.17.10
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Last-Modified: Tue, 09 Aug 2022 13:04:10 GMT
ETag: "62f25b4a-86f-gzip"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 644
Keep-Alive: timeout=5, max=20
Connection: Keep-Alive

24x7infotech.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1661858268142

54.157.54.92

200 OK

1.5 kB

URL HTTP/1.1
24x7infotech.com/ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1661858268142
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
1.5 kB (1502 bytes)
Hash
13425f42ae738b3c2d7e422baaf328a7
e1d51a8371eb69f2e69f0ea4d2a427d91143269e
be29cc4092413b134548a1b0148a1aee22a7718eb6dd1fb59f3bce5910ac80bb

HTTP Headers

GET /ckeditor/plugins/formBuilder/styles/formBuilder.css?v=1.3.1661858268142 HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:16 GMT
Server: nginx/1.17.10
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Last-Modified: Tue, 09 Aug 2022 13:04:10 GMT
ETag: "62f25b4a-1451-gzip"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1502
Keep-Alive: timeout=5, max=20
Connection: Keep-Alive

24x7infotech.com/lib/jq/fb.utils.js

54.157.54.92

200 OK

3.1 kB

URL HTTP/1.1
24x7infotech.com/lib/jq/fb.utils.js
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text
Size
3.1 kB (3133 bytes)
Hash
fbe15816e810b6d8fb82800060033479
29e2ac30e5241993745ef7cacdfc712c775b44ed
5a7671a733e908308cb15d4b7400fc553285a6b37a7f11ba218324a5ac484147

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/jq/fb.utils.js HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:16 GMT
Server: nginx/1.17.10
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Last-Modified: Tue, 14 Sep 2021 10:49:24 GMT
ETag: "61407e34-3496-gzip"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3133
Keep-Alive: timeout=5, max=20
Connection: Keep-Alive

use.typekit.net/mgr2odi.css

23.36.76.186

200 OK

4.1 kB

URL HTTP/2
use.typekit.net/mgr2odi.css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (520)
Size
4.1 kB (4083 bytes)
Hash
609b64c6359e37c88bbd245ba638b89f
dd850df3bcab5430f55c233b626cd8f446de3ba2
bfee3862850ad498e1f660bd51f135340cd36894b836ea0e4ae04dbdb9abc72b

HTTP Headers

GET /mgr2odi.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 4083
date: Thu, 01 Sep 2022 03:37:16 GMT
X-Firefox-Spdy: h2

24x7infotech.com/lib/jq/otherInput/fb.otherInput.js

54.157.54.92

200 OK

694 B

URL HTTP/1.1
24x7infotech.com/lib/jq/otherInput/fb.otherInput.js
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
694 B (694 bytes)
Hash
c54688299c3edb3bdbc103ad943a8ba5
5bbb40e6c605759867aaba1a529d6637f731148a
87cae4b8d1782c153d80cb84f69f99ed0dc55fa757490a7bfe4204504f3c95e5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/jq/otherInput/fb.otherInput.js HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:16 GMT
Server: nginx/1.17.10
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Last-Modified: Tue, 25 May 2021 16:06:10 GMT
ETag: "60ad2072-916-gzip"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 694
Keep-Alive: timeout=5, max=16
Connection: Keep-Alive

24x7infotech.com/lib/jq/fb.autoSubmit.js

54.157.54.92

200 OK

321 B

URL HTTP/1.1
24x7infotech.com/lib/jq/fb.autoSubmit.js
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
321 B (321 bytes)
Hash
1701dda5d39893c6b7c1e904b623bd00
8991582eb66c4ac28b8716f68ad55bfe115587ed
09f1e7e7ea6fab512dba51508cfc3c001576dee8176e0e642dbe6ad399835146

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/jq/fb.autoSubmit.js HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:16 GMT
Server: nginx/1.17.10
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Last-Modified: Mon, 12 Apr 2021 20:19:39 GMT
ETag: "6074ab5b-277-gzip"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 321
Keep-Alive: timeout=5, max=19
Connection: Keep-Alive

24x7infotech.com/lpScripts/assetsBehavior.js?v=1

54.157.54.92

200 OK

2.7 kB

URL HTTP/1.1
24x7infotech.com/lpScripts/assetsBehavior.js?v=1
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
2.7 kB (2696 bytes)
Hash
2dea896e8b1598d72d893987b2655973
6186f259a59f8d207d45ab61715258369f9e99ef
78ea054e3ec1cc280f6ebab2e89167fb91ccccb299a26eaebfca36acbea56660

HTTP Headers

GET /lpScripts/assetsBehavior.js?v=1 HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:16 GMT
Server: nginx/1.17.10
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Last-Modified: Wed, 18 May 2022 10:10:32 GMT
ETag: "6284c618-24f3-gzip"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2696
Keep-Alive: timeout=5, max=19
Connection: Keep-Alive

24x7infotech.com/uploads/c_12772/logos/NEW_Logo_Okta_Blue_RGB-1.svg

54.157.54.92

200 OK

2.8 kB

URL HTTP/1.1
24x7infotech.com/uploads/c_12772/logos/NEW_Logo_Okta_Blue_RGB-1.svg
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (756)
Size
2.8 kB (2772 bytes)
Hash
a5988c33cbbfe6b145756aa6fce65b4a
082fb05d706b4c51d3bebee80bf4142aedadd694
d1076d8f2780badc6a81c07c400504b5094d2ba44e5ba189611b5fceeba62243

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /uploads/c_12772/logos/NEW_Logo_Okta_Blue_RGB-1.svg HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 13 Apr 2022 17:47:38 GMT
ETag: "ad4-5dc8cc5fb128f"
Accept-Ranges: bytes
Content-Length: 2772
Keep-Alive: timeout=5, max=19
Connection: Keep-Alive
Content-Type: image/svg+xml

24x7infotech.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js

54.157.54.92

200 OK

22 kB

URL HTTP/1.1
24x7infotech.com/lib/jq/validator/localization/jq_validation_localizations.boundled.js
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text
Size
22 kB (21979 bytes)
Hash
c252456cfcbbfdd1bcd94ea75d081d6e
de1a830f2798f9133d8e205f22ce7ebb8fa0825f
2263568ad9c95a3f0e4f4d1c4582f3f2d4fbad698577207ea4416d3151d63025

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/jq/validator/localization/jq_validation_localizations.boundled.js HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:16 GMT
Server: nginx/1.17.10
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Last-Modified: Thu, 14 Jul 2022 12:15:02 GMT
ETag: "62d008c6-1af30-gzip"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21979
Keep-Alive: timeout=5, max=20
Connection: Keep-Alive

p.typekit.net/p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css

23.36.76.186

200 OK

5 B

URL HTTP/2
p.typekit.net/p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Thu, 01 Sep 2022 03:37:16 GMT
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.242.41.15

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.242.41.15:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZAssbyHumG3O/foOE6IpQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BfXGESwKGRkc3cGtPSkrxT+ROk8=

24x7infotech.com/uploads/c_16371/logos/asset_okta_5.png

54.157.54.92

200 OK

59 kB

URL HTTP/1.1
24x7infotech.com/uploads/c_16371/logos/asset_okta_5.png
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 287 x 259, 8-bit/color RGBA, non-interlaced\012- data
Size
59 kB (58686 bytes)
Hash
bfa5a201b6adcb0b2d92a292635fc571
08d23b0fec1d1d56c9fcf74ab192caeecc1f1f38
737025170c8c045015ccc71872a7505393a7fc70facf36fa0a7ec4c15d6a8737

HTTP Headers

GET /uploads/c_16371/logos/asset_okta_5.png HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 30 Aug 2022 11:14:30 GMT
ETag: "e53e-5e7737bf8f2c1"
Accept-Ranges: bytes
Content-Length: 58686
Keep-Alive: timeout=5, max=19
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e1a93e8c1857c6d3b244d14ff166ad5f
b85467e5e77a51099b6f25527c9885c75aeef344
8978f8d4b0ab30408ef69c42dcb528422b7bbabc2a87971d5aeb6b3080fafb4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 03:37:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e1a93e8c1857c6d3b244d14ff166ad5f
b85467e5e77a51099b6f25527c9885c75aeef344
8978f8d4b0ab30408ef69c42dcb528422b7bbabc2a87971d5aeb6b3080fafb4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 03:37:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e1a93e8c1857c6d3b244d14ff166ad5f
b85467e5e77a51099b6f25527c9885c75aeef344
8978f8d4b0ab30408ef69c42dcb528422b7bbabc2a87971d5aeb6b3080fafb4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 03:37:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/publicsans/v14/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2

142.250.74.163

200 OK

25 kB

URL HTTP/2
fonts.gstatic.com/s/publicsans/v14/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 25320, version 1.0\012- data
Size
25 kB (25320 bytes)
Hash
098efcdd0d179610154999da1cefedb4
8c61253b07f5833a6c8b0d30c654113f02660774
ecd01d6ed5d492148e9ba9ead2db0ee09b8664e9e6cda3150ad7d31977c2e702

HTTP Headers

GET /s/publicsans/v14/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://24x7infotech.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 22:05:25 GMT
expires: Tue, 29 Aug 2023 22:05:25 GMT
cache-control: public, max-age=31536000
age: 192711
last-modified: Mon, 18 Jul 2022 19:46:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

24x7infotech.com/uploads/c_9378/logos/chevron_down.svg

54.157.54.92

200 OK

398 B

URL HTTP/1.1
24x7infotech.com/uploads/c_9378/logos/chevron_down.svg
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size
398 B (398 bytes)
Hash
e3f41ae4c3c0de2961e2eab0aeac4b24
6ade87768604683e072cee03e70611434080a873
00d42b2ee630e6dae6e1376c073b3f6740d8c4ad746176f598b644af71a49db0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /uploads/c_9378/logos/chevron_down.svg HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 28 Dec 2021 15:22:53 GMT
ETag: "18e-5d436652790be"
Accept-Ranges: bytes
Content-Length: 398
Keep-Alive: timeout=5, max=15
Connection: Keep-Alive
Content-Type: image/svg+xml

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e1a93e8c1857c6d3b244d14ff166ad5f
b85467e5e77a51099b6f25527c9885c75aeef344
8978f8d4b0ab30408ef69c42dcb528422b7bbabc2a87971d5aeb6b3080fafb4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 03:37:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

24x7infotech.com/favicon.ico

54.157.54.92

200 OK

34 kB

URL HTTP/1.1
24x7infotech.com/favicon.ico
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size
34 kB (34494 bytes)
Hash
d4a95c780824be97bc45a187ab7ad24b
53aeb2d44190d91ec2006379b3ddbd202b865d24
502322d8592de8395d6e7c2c37b18e04904e62d8f8b3caaa53858e4ebc64b692

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 29 Sep 2017 21:04:52 GMT
ETag: "86be-55a5a60414500"
Accept-Ranges: bytes
Content-Length: 34494
Keep-Alive: timeout=5, max=18
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

24x7infotech.com/uploads/c_16371/backgrounds/bg2.png

54.157.54.92

200 OK

258 kB

URL HTTP/1.1
24x7infotech.com/uploads/c_16371/backgrounds/bg2.png
IP
54.157.54.92:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 686 x 1086, 8-bit/color RGBA, non-interlaced\012- data
Size
258 kB (258100 bytes)
Hash
6d8abf04c6123b418d4db7c312545ddc
668e19d79c531862359c009668732bea3a4a9cac
8467ea135ebe84bf90c1fed6bf3a4144cb621c75a441e8d3718cb090369955e4

HTTP Headers

GET /uploads/c_16371/backgrounds/bg2.png HTTP/1.1
Host: 24x7infotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/oig-datasheet-okta-identity-governance-a-unified-identity-and-access-management-iam-inf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 03:37:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 30 Aug 2022 11:16:30 GMT
ETag: "3f034-5e7738315a2c0"
Accept-Ranges: bytes
Content-Length: 258100
Keep-Alive: timeout=5, max=19
Connection: Keep-Alive
Content-Type: image/png

r3.o.lencr.org/

23.36.77.32

200 OK

1.6 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
gzip compressed data, max compression\012- data
Size
1.6 kB (1574 bytes)
Hash
d43b51e8e6d262ba6c91b25d1489b203
ea04d9bc4846a6ebfe5bf589521c584b9675bd26
cca7d9510f3a4da208744d0995db5ff0e14f34a864467bd44e9b2f12a61577a6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4042
Expires: Thu, 01 Sep 2022 04:44:39 GMT
Date: Thu, 01 Sep 2022 03:37:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4042
Expires: Thu, 01 Sep 2022 04:44:39 GMT
Date: Thu, 01 Sep 2022 03:37:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4042
Expires: Thu, 01 Sep 2022 04:44:39 GMT
Date: Thu, 01 Sep 2022 03:37:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4042
Expires: Thu, 01 Sep 2022 04:44:39 GMT
Date: Thu, 01 Sep 2022 03:37:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4042
Expires: Thu, 01 Sep 2022 04:44:39 GMT
Date: Thu, 01 Sep 2022 03:37:17 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11031 bytes)
Hash
494ba0180ab4b2b80ca11aeb67ae69ab
2082e9f809e97bbcaf6ff11846398aca472f9f0f
c6a707e79315677912fa7cf6ab592abf4377aa76e51ae5149d4bae7e663d6801

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11031
x-amzn-requestid: bd49a4c9-205b-4553-90a3-308ebc6be818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv4hOHzVoAMFl8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd46e-783de8c2461d7cb9167f734e;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mDad6prX28HjnDw7hq0B9vE_BaX9qqrjaOo7A46jhu2S505prB5SJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:11 GMT
age: 21606
etag: "2082e9f809e97bbcaf6ff11846398aca472f9f0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa854afe7-aed7-459f-b9d3-a92ee390f3f0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8877 bytes)
Hash
3565104073de1cd27919a8ee68fe296e
5a6425a36ab00449593951fbd4bfba8e4194c217
d60f8a074d84ff44c5273da404fbc79438462a5786c54408ec938bd8ae80e2a3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa854afe7-aed7-459f-b9d3-a92ee390f3f0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8877
x-amzn-requestid: 3c9a7b05-f9f7-4b64-8812-6747130b4c5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xi98yFNVoAMFjiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630aa9eb-64260de84540a2a135bc6eb0;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 23:34:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ocwse_hSdULpAVgkQWZv3w9_2yA2tsBgQYfIQoazl7ESv3FllkzvYQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:39:54 GMT
age: 21443
etag: "5a6425a36ab00449593951fbd4bfba8e4194c217"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35c8a1f0-6f7f-4b0f-baea-84eaeec25782.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10508 bytes)
Hash
8bb15bd7bc4dd59e28a1066c8e67751e
d0a18577ff979c34c4f1e45515542c8b12c8b0e3
e1297a01a214f262b14cd04ebaafd913e4c9f09bd86dbeac600db57f39f51077

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35c8a1f0-6f7f-4b0f-baea-84eaeec25782.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10508
x-amzn-requestid: ff89b1da-4384-4787-844f-a7a65fb20b51
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdacUE8tIAMF3QA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6308711b-7d09607973e1755d34aa0184;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:07:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f5RXilXHrfdz2NOuDKn7vHXcpiqi-dPc5ig0OqEP3Playiz3DT4tgg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 13:08:33 GMT
age: 52124
etag: "d0a18577ff979c34c4f1e45515542c8b12c8b0e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382fbb98-12b7-491f-a8c7-63afff403010.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9152 bytes)
Hash
b0d8ed4b8bda662c244b9d26cf143147
151395a70faa075762664fc6cd52a65004b5c81c
49b381815612b7ecb021f243438aae99e399993d91fb38bf5d7bb3d357519d6a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382fbb98-12b7-491f-a8c7-63afff403010.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9152
x-amzn-requestid: 12c7a724-7c66-488e-b1c4-ac222ed4e5aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3i5H6sIAMFRLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2df-0fc85d8539d761367b821823;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _j9qaEvy56YyK9qz0CaE2IO9_yEsoM7RIhO_5gddryb3pgOdOmH-OA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:15 GMT
age: 21602
etag: "151395a70faa075762664fc6cd52a65004b5c81c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b14395b-3f2d-4aeb-b43c-253963035eaa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8084 bytes)
Hash
e3091a7a992a2ad059e486d4e0d93c02
deec914bf1f10646d923db48ab3d4ec21af27381
8819908ab1f13fd13fe5980883502b6131ab74c2a716b8576d95e89b980df149

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b14395b-3f2d-4aeb-b43c-253963035eaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8084
x-amzn-requestid: 743404c1-6c84-4232-9b7c-3cae4ebb3d4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3i5EeioAMFygw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2df-6e6460e844f676d671797ff0;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4sryJq3FD4jgCCkSjTSMMpvOJ3k9V6i3tF2Pd8dXyqDw7cmnojV0KQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:47:20 GMT
age: 20997
etag: "deec914bf1f10646d923db48ab3d4ec21af27381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10777 bytes)
Hash
ba98f63d9bef7deebb9a8d1b3126d396
d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef
b8f6c1c6b34ec452a6aa3090c30ebf3a68cb3b4d45a7b134ed32e1959f4f0682

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10777
x-amzn-requestid: 2e9a081f-2ae4-49b9-b9d4-79cae2b7eae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3kRFiJIAMFgNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2e7-2f9eec0b239ceb6d617431b6;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9ACDg_Mxbl2GSEDeDAqdMlKjkCiMyWExvCUa2jHquaQy6U-4EJtbQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:20 GMT
age: 21597
etag: "d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Sep 2022 03:37:15 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 08/03/2021 15:16:56
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: d6b43e13ddbcd4f60dded6d39b2abed5
cdn-cache: HIT
cf-cache-status: HIT
age: 7444423
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 743af761bcdf1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7

151.101.1.26

200 OK

0 B

URL HTTP/2
polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7
IP
151.101.1.26:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7 HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://24x7infotech.com
Connection: keep-alive
Referer: https://24x7infotech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=utf-8
accept-ranges: bytes
last-modified: Wed, 31 Aug 2022 08:20:14 GMT
content-encoding: br
useragent_normaliser: firefox/96.0.0
age: 0
date: Thu, 01 Sep 2022 03:37:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: User-Agent, Accept-Encoding
server-timing: cache-bma1656, PASS, fastly;desc="Edge time";dur=59
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Public+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Public+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24x7infotech.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Sep 2022 03:37:15 GMT
date: Thu, 01 Sep 2022 03:37:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML