r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5191
Expires: Tue, 31 Jan 2023 18:11:46 GMT
Date: Tue, 31 Jan 2023 16:45:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13601
Expires: Tue, 31 Jan 2023 20:31:56 GMT
Date: Tue, 31 Jan 2023 16:45:15 GMT
Connection: keep-alive
ww.w.conductability.org/prepareLoginFCC.php
68.66.226.93200 OK 5.6 kB URL HTTP/1.1 ww.w.conductability.org/prepareLoginFCC.php
IP 68.66.226.93:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (387), with CRLF line terminators
Hash ec323cd7ffae75bf7b0501ffa75203be
b6691860447f3576275085c4aa78afad53450e1e
e2de8e0576edc625752e8dc357ff53f8f3e93bc8b9d5f87af5fda5371a857b64
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /prepareLoginFCC.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
set-cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 5636
content-encoding: gzip
vary: Accept-Encoding
date: Tue, 31 Jan 2023 16:45:15 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 16:43:17 GMT
content-type: application/json
age: 118
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5315
Expires: Tue, 31 Jan 2023 18:13:50 GMT
Date: Tue, 31 Jan 2023 16:45:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nKdvxGpfeF/qZIZol0AbrgnmDL1BWg+O6nrLCuhx9Rf9qZvTzi22HBCVTR0VeSwm/D90P2qGWdK1riw8VILf4Q==
x-amz-request-id: 90D7WQZJ7E0RDRSW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 15:51:13 GMT
age: 3242
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 16:45:15 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ww.w.conductability.org/f/actualXFTag.js
68.66.226.93200 OK 2.7 kB URL HTTP/1.1 ww.w.conductability.org/f/actualXFTag.js
IP 68.66.226.93:0
File type ASCII text, with very long lines (7550), with CRLF line terminators
Hash 5b62de202124e3003a57ccaba700ea56
8abb9c1042e2eb6875fbafaa93ece9ede7bc0b61
561ba8b7f30c7169d05d92e0137c47182c1028c5b7c838d78ce65b4ca9831db1
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/actualXFTag.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: application/javascript
last-modified: Tue, 05 May 2009 04:29:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2748
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/OBS_optimized_compressed.css
68.66.226.93200 OK 5.3 kB URL HTTP/1.1 ww.w.conductability.org/f/OBS_optimized_compressed.css
IP 68.66.226.93:0
File type ASCII text, with very long lines (377), with CRLF line terminators
Hash 11dd0f3e696b87712b3b1e6de6fada53
e93fb91d96635274564acb9ee3aa1e72e8f10858
5cbf098da8c1ad33f6aaecf18ca7d9d56b4bf63befab5f9458c8a7df9fb10d6d
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/OBS_optimized_compressed.css HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: text/css
last-modified: Tue, 05 May 2009 05:40:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5303
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/check.js
68.66.226.93200 OK 1.4 kB URL HTTP/1.1 ww.w.conductability.org/f/check.js
IP 68.66.226.93:0
File type ASCII text, with CRLF line terminators
Hash 957f28ea3ac308ecd55ef2fadf4de4d2
c58c9a080baea817d8abc7baf9506b5ece288296
d48ea1a089048740d15e89c58129441d22712e8104a89cc19a2b790a207c171e
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/check.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2011 15:35:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1441
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/popup.js
68.66.226.93200 OK 414 B URL HTTP/1.1 ww.w.conductability.org/f/popup.js
IP 68.66.226.93:0
File type ASCII text, with CRLF line terminators
Hash 909c63c5385fa8265dc5ca2f3709c490
14e89fec9cfb24cfa8b0cf90cfe80888f4d56037
d83db9f4e6f1adad12b02ccc394b16ba36a42966880fd7f0154c2813bce9416d
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/popup.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: application/javascript
last-modified: Tue, 05 May 2009 05:28:34 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 414
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/opinionLab.js
68.66.226.93200 OK 774 B URL HTTP/1.1 ww.w.conductability.org/f/opinionLab.js
IP 68.66.226.93:0
File type HTML document, ASCII text, with very long lines (1243), with CRLF line terminators
Hash 309a15d9ef7fc91ddba87df9c0d7a8f0
62efb99f01c03c6145850d2f463f1df46181eae7
2ab1f78bc5d0268c90e42a2610e14755efd2d4ffcda7b29e3d3a844f309dde4c
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/opinionLab.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: application/javascript
last-modified: Tue, 05 May 2009 05:28:34 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 774
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/s_code.js
68.66.226.93200 OK 7.6 kB URL HTTP/1.1 ww.w.conductability.org/f/s_code.js
IP 68.66.226.93:0
File type ASCII text, with CRLF line terminators
Hash 07538a1a3b6ba9133143177bcc2798b7
81ca5c793bd74083de21041fc981ad1de18ae421
5daf25a350ebe5f4ffbc84623cc581911d4d30f2cbc37d3e4a9f322db258f5f0
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/s_code.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: application/javascript
last-modified: Tue, 05 May 2009 05:28:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7603
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bellca.js
68.66.226.93200 OK 3.1 kB URL HTTP/1.1 ww.w.conductability.org/f/bellca.js
IP 68.66.226.93:0
File type ASCII text, with CRLF line terminators
Hash fbd915ab5e3686e5789c77ec2274629f
b84a596c74b662837b0909a81390b01c513f71e5
747f3301aab8bfe8a7bae42d70423eee30845b16222a8e575e1783fbf3ad409d
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bellca.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: application/javascript
last-modified: Tue, 05 May 2009 05:28:34 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3126
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/EPL_optimized_compressed.css
68.66.226.93200 OK 1.4 kB URL HTTP/1.1 ww.w.conductability.org/f/EPL_optimized_compressed.css
IP 68.66.226.93:0
File type ASCII text, with very long lines (330), with CRLF line terminators
Hash dfbcc05558ce3a4388de3efd4d45edc0
ab466c2c88a9bfbef93c944a2b501cf94e3ffc9b
09aa63ff9552e39d497ec93a77becb45d5c510803feee986ecf54ff7b17890c6
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/EPL_optimized_compressed.css HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: text/css
last-modified: Tue, 05 May 2009 05:33:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1437
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 16:41:42 GMT
age: 214
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ww.w.conductability.org/f/sifr.js
68.66.226.93200 OK 9.1 kB URL HTTP/1.1 ww.w.conductability.org/f/sifr.js
IP 68.66.226.93:0
File type ASCII text, with very long lines (23958), with CRLF line terminators
Hash 470d01e6c4582a8ec87c106743f2ef65
066b1426e92c0d4f8b43486142b264cd99669e0d
c2614a2d90bd3d92f254c25c70a5254ace12b12be02afe61f711fc1b5551d95b
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/sifr.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: application/javascript
last-modified: Tue, 05 May 2009 04:29:54 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 9077
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/b.js
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/b.js
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/b.js HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11079
Expires: Tue, 31 Jan 2023 19:49:55 GMT
Date: Tue, 31 Jan 2023 16:45:16 GMT
Connection: keep-alive
ww.w.conductability.org/f/savetree_en_CA.jpg
68.66.226.93200 OK 302 B URL HTTP/1.1 ww.w.conductability.org/f/savetree_en_CA.jpg
IP 68.66.226.93:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Hash b0ba74410a6a867c601b294f990180a8
8f52ca1335956af7b07af8893559ac59075c7f6d
f3a95296e7288873987a97a087a7100cea1876d48ca6f57be3c906fa53f3aba8
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/savetree_en_CA.jpg HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: image/jpeg
last-modified: Tue, 05 May 2009 05:28:30 GMT
accept-ranges: bytes
content-length: 302
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bt_topNavShop_en.gif
68.66.226.93200 OK 1.6 kB URL HTTP/1.1 ww.w.conductability.org/f/bt_topNavShop_en.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 110 x 74\012- data
Hash b50a2bc123c6d27015fcc63a44b7652c
c819e0067713b3c48691253cc1ac0694b0d4b429
782babe58b94f048896e2be07637de07b943a9d04ec11a97153ab7238fb433ea
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bt_topNavShop_en.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: image/gif
last-modified: Tue, 05 May 2009 05:28:30 GMT
accept-ranges: bytes
content-length: 1574
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/vi_cart.gif
68.66.226.93200 OK 289 B URL HTTP/1.1 ww.w.conductability.org/f/vi_cart.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 25 x 16\012- data
Hash 478553e12048d93ab1b9769e96c0d663
e871c8ef49d4ebb8c1ec2e6183bd7021efe5fe91
8b8e124ba4f1e14c5248abe59e3b1f342327701cf9165394ae5bc1405984a885
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/vi_cart.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: image/gif
last-modified: Tue, 05 May 2009 04:41:34 GMT
accept-ranges: bytes
content-length: 289
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/spacer.gif
68.66.226.93200 OK 67 B URL HTTP/1.1 ww.w.conductability.org/f/spacer.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ba2dc1be08b3e8b807dd38c5c30b65ca
3a082e47363c891f186eac56f95805c759c09b6f
54adf773c824478a61297235ceba006b6a5512e06007b926d4c4f9cbbb094612
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/spacer.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: image/gif
last-modified: Tue, 05 May 2009 06:14:38 GMT
accept-ranges: bytes
content-length: 67
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bt_myBellPage_en_CA.gif
68.66.226.93200 OK 1.3 kB URL HTTP/1.1 ww.w.conductability.org/f/bt_myBellPage_en_CA.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 178 x 32\012- data
Hash e42dc4619bde30df6122b6ed0b40df93
ec4b2aeb041ed6c2aca99c8cf3751c46658c7654
0cd3474e46169c3f7734f9c979fedeb56d22563de51653de093ccd9069f40369
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bt_myBellPage_en_CA.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: image/gif
last-modified: Tue, 05 May 2009 05:28:28 GMT
accept-ranges: bytes
content-length: 1317
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bt_topNavSupport_in_en.gif
68.66.226.93200 OK 1.5 kB URL HTTP/1.1 ww.w.conductability.org/f/bt_topNavSupport_in_en.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 112 x 74\012- data
Hash dbb96f7bc6d506a84d5397681e5c089a
4c0a9ababd6bc7bf9b6c5b44b4232e70bc474bfc
c5e2e3fea838e2e7a01ad45635aba86a11ee5f3b5465654f65248cbb9630ea4d
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bt_topNavSupport_in_en.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: image/gif
last-modified: Tue, 05 May 2009 05:28:30 GMT
accept-ranges: bytes
content-length: 1527
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
push.services.mozilla.com/
35.162.143.37101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.143.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ySGSmKABsCJgcRlJTB7vKQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7U4z+2iAFgiTH0lTJZ92PnvtrWc=
ww.w.conductability.org/f/tna_gr_logobell_en_CA.gif
68.66.226.93200 OK 852 B URL HTTP/1.1 ww.w.conductability.org/f/tna_gr_logobell_en_CA.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 92 x 55\012- data
Hash 016fd154c7c17b187eafa0bc8f003610
5d94427040d28a48b2ae11a983fcdc80b455869a
831bce313d7d292955b6c72f23de62be27ce028ad8e6093ef17c4bcfb8821e07
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/tna_gr_logobell_en_CA.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: image/gif
last-modified: Tue, 05 May 2009 05:28:28 GMT
accept-ranges: bytes
content-length: 852
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bt_myProfile_en_CA.gif
68.66.226.93200 OK 1.6 kB URL HTTP/1.1 ww.w.conductability.org/f/bt_myProfile_en_CA.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 178 x 51\012- data
Hash ba9b270700f08e635c29fa9828088ffb
129352ca29d94f01fa34a4018357224cc40b00d3
4fc8e015e19c3c3405774b47f5bff995de68e7c6a00ec66eb3170efb508d40bc
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bt_myProfile_en_CA.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: image/gif
last-modified: Tue, 05 May 2009 05:28:28 GMT
accept-ranges: bytes
content-length: 1576
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/entrust_seal_en_CA.gif
68.66.226.93200 OK 5.9 kB URL HTTP/1.1 ww.w.conductability.org/f/entrust_seal_en_CA.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 100 x 75\012- data
Hash 9f318bf903d428f035aadada5981c78f
27ee183ba996f8301cc86e89f49ecf8ffd76c229
190eabc359bd702bdb26e193c5eed52106a678eba8ebf5d8da51614cb322699d
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/entrust_seal_en_CA.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: image/gif
last-modified: Tue, 05 May 2009 05:28:30 GMT
accept-ranges: bytes
content-length: 5940
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bt_myBills_en_CA.gif
68.66.226.93200 OK 1.2 kB URL HTTP/1.1 ww.w.conductability.org/f/bt_myBills_en_CA.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 178 x 32\012- data
Hash 420a20c60339d30d6e6865fd22ea4f26
4faf8d7559914fc64af44684004a12fe51b05d39
8d2fe5062443a852f03dda196cb7c7a455e367abd6e09e65654c047111167836
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bt_myBills_en_CA.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:16 GMT
content-type: image/gif
last-modified: Tue, 05 May 2009 05:28:28 GMT
accept-ranges: bytes
content-length: 1158
date: Tue, 31 Jan 2023 16:45:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:17 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:17 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:17 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:17 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:17 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:17 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6755
Expires: Tue, 31 Jan 2023 18:37:53 GMT
Date: Tue, 31 Jan 2023 16:45:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6755
Expires: Tue, 31 Jan 2023 18:37:53 GMT
Date: Tue, 31 Jan 2023 16:45:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6755
Expires: Tue, 31 Jan 2023 18:37:53 GMT
Date: Tue, 31 Jan 2023 16:45:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6755
Expires: Tue, 31 Jan 2023 18:37:53 GMT
Date: Tue, 31 Jan 2023 16:45:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 01f406ed5d9b17a7aa00015301bddf94
d78e18830fc6cf231f66f95cc0e01520cfeebddf
33245ea764fb634a01ee9657e529a30567588ecbb10fc0e6499aac14cd21fe81
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7333
x-amzn-requestid: f03b3e95-5cc6-4749-83c2-d59d6fa9eb2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiVunGWXoAMFXyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d7365d-40b9b11f3f33592829a98fbc;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:15:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JAYN7gfwR0kEenTaM8mS_jGEYfwvcUGrjI_6wTb29wZfcLRuS2WHQA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:52:32 GMT
age: 67966
etag: "d78e18830fc6cf231f66f95cc0e01520cfeebddf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:50:52 GMT
age: 46466
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:17 GMT
age: 68221
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:03:25 GMT
age: 70913
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 53323
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 54159
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:18 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:18 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:18 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:18 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:18 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:18 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:19 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:19 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:19 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:19 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:19 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/f/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:19 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bg_topSearch3.gif
68.66.226.93200 OK 1.2 kB URL HTTP/1.1 ww.w.conductability.org/f/bg_topSearch3.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 393 x 37\012- data
Hash d8de2abafe995f9305aed19cf047f2f4
0a9dd6ccd3b5ebcf815aa8f7e559e3ebbc6d0e93
7971a1ef380ae5c90a3df6f3a0f1a38b3318aa4320208c8761c48cba0e0a2b49
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bg_topSearch3.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:20 GMT
content-type: image/gif
last-modified: Mon, 04 May 2009 07:08:16 GMT
accept-ranges: bytes
content-length: 1212
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bt_rightArrow.gif
68.66.226.93200 OK 324 B URL HTTP/1.1 ww.w.conductability.org/f/bt_rightArrow.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 11 x 11\012- data
Hash b647e35101b939deae6da5b621441161
616666dde7a0c87a4adcb8de4301736da4b9e536
bef812208dcf9583fcb664b7c9e69f51041c398a9e6fe81444a4841466e99c5d
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bt_rightArrow.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:20 GMT
content-type: image/gif
last-modified: Tue, 05 May 2009 04:41:34 GMT
accept-ranges: bytes
content-length: 324
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bg_topSearch.gif
68.66.226.93200 OK 517 B URL HTTP/1.1 ww.w.conductability.org/f/bg_topSearch.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 167 x 26\012- data
Hash 14b01a2329780e7654be56af2bce2e66
dce622b99314cc9af1cef5d715448cf94c9fd97f
07eff9756c75528ce770a8e594e79427ba8f870cd09e03f58bb27b62f8a91bc9
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bg_topSearch.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:20 GMT
content-type: image/gif
last-modified: Mon, 04 May 2009 07:08:28 GMT
accept-ranges: bytes
content-length: 517
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bg_loginOff.gif
68.66.226.93200 OK 884 B URL HTTP/1.1 ww.w.conductability.org/f/bg_loginOff.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 179 x 37\012- data
Hash 6346f4adc73c7a19f9cfbd7cc0e00d6d
af9a557b08f5f43c4a57e572661752095e8e9399
2f2f202d047d11d9fef789b6b78d09d69436e11f704f65a48a33f0e1d0f669a9
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bg_loginOff.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:20 GMT
content-type: image/gif
last-modified: Mon, 04 May 2009 07:06:26 GMT
accept-ranges: bytes
content-length: 884
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bg_container.jpg
68.66.226.93200 OK 10 kB URL HTTP/1.1 ww.w.conductability.org/f/bg_container.jpg
IP 68.66.226.93:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 977x525, components 3\012- data
Hash 216d625eae1d600abda227118aaf3ad8
f4d341fba85e94b5babee87422b7377dc3322d8d
cc4e4325596ca9e794a9ed29f19de4baea3ec53fe65247ec287d09ef8685e840
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bg_container.jpg HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:20 GMT
content-type: image/jpeg
last-modified: Tue, 05 May 2009 04:53:54 GMT
accept-ranges: bytes
content-length: 10195
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bg_loginFormHeader2.png
68.66.226.93200 OK 2.1 kB URL HTTP/1.1 ww.w.conductability.org/f/bg_loginFormHeader2.png
IP 68.66.226.93:0
File type PNG image data, 193 x 600, 8-bit/color RGBA, non-interlaced\012- data
Hash 7aa73cb87d7d25f17057b8a53ed69776
1f388eb6813e7958983a23683c74e273398edb1d
bd86bc7fa9b1fefcdb98efb625cd062788eb872590449e64bcc5541072e5933b
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bg_loginFormHeader2.png HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:20 GMT
content-type: image/png
last-modified: Mon, 04 May 2009 07:06:48 GMT
accept-ranges: bytes
content-length: 2066
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bg_topNav.gif
68.66.226.93200 OK 960 B URL HTTP/1.1 ww.w.conductability.org/f/bg_topNav.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 785 x 74\012- data
Hash 3f562476d56acfbaf786fb28e67d0e2a
efb6da62331f9e879e1b1dc91e44e00a3f9a687a
d1b75745c6db5a9f9b091540cea13ec3ebe8140ca57b8c7af780ae4acd76c939
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bg_topNav.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:20 GMT
content-type: image/gif
last-modified: Fri, 08 Aug 2008 19:40:52 GMT
accept-ranges: bytes
content-length: 960
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/btn_arrow_rt.gif
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/btn_arrow_rt.gif
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/btn_arrow_rt.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bg_breadcrumb.gif
68.66.226.93200 OK 109 B URL HTTP/1.1 ww.w.conductability.org/f/bg_breadcrumb.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 11 x 15\012- data
Hash 595d2fd7029b1145e25f91f67aed4049
7240100aaf840a8e91fed057fb6b0f1ec0ec0fef
fcda7848214a4a7de76a93745693959a249e0e92a8b07d794e4e278484da4a2e
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bg_breadcrumb.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:20 GMT
content-type: image/gif
last-modified: Tue, 05 May 2009 04:56:12 GMT
accept-ranges: bytes
content-length: 109
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bg_contentTop.gif
68.66.226.93200 OK 324 B URL HTTP/1.1 ww.w.conductability.org/f/bg_contentTop.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 785 x 10\012- data
Hash 68478d6e03837b95a618d2ce9c06cca8
3c20d6b753fc6434b2f9b7a7c871c0f05064c649
7960308532b4dde32ef1929a13f3a302830aa14d9bcd3bcb88f5f9e808104121
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bg_contentTop.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:20 GMT
content-type: image/gif
last-modified: Mon, 04 May 2009 07:09:08 GMT
accept-ranges: bytes
content-length: 324
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/f/bg_contentBottomTransparent.gif
68.66.226.93200 OK 460 B URL HTTP/1.1 ww.w.conductability.org/f/bg_contentBottomTransparent.gif
IP 68.66.226.93:0
File type GIF image data, version 89a, 785 x 22\012- data
Hash aab7e3589b9c3f7378b4d85b20839566
b31211722bb0c4ebc073421112a8f6095333b9a0
66fe76f373774fba06e5fe9debec232635b89f17052922ebba61edc666954586
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /f/bg_contentBottomTransparent.gif HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:20 GMT
content-type: image/gif
last-modified: Mon, 04 May 2009 07:09:22 GMT
accept-ranges: bytes
content-length: 460
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/favicon.ico
68.66.226.93200 OK 1.4 kB URL HTTP/1.1 ww.w.conductability.org/favicon.ico
IP 68.66.226.93:0
File type MS Windows icon resource - 1 icon, 16x16\012- data
Hash 1ef91bd78ec572064c736759790e0546
eba39151b941e7b068dc1c06e2eec329b6df47e9
530c70a4efca658092055cfecc0f85d9fa4447c2622e65322d8b8d5e531c8f7e
Analyzer Verdict Alert openphish Bell Canada
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /favicon.ico HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww.w.conductability.org/prepareLoginFCC.php
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public
expires: Tue, 07 Feb 2023 16:45:20 GMT
content-type: image/x-icon
last-modified: Tue, 11 Jan 2011 01:07:52 GMT
accept-ranges: bytes
content-length: 1406
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:20 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:21 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:21 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:21 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:21 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:21 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:21 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:22 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:22 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:22 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:22 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:22 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:22 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:23 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:23 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:23 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
ww.w.conductability.org/images/buttons/Login.php
68.66.226.93302 Found 0 B URL HTTP/1.1 ww.w.conductability.org/images/buttons/Login.php
IP 68.66.226.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bell Canada
fortinet Phishing
NIDS Severity Alert suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
suricata medium ETPRO HUNTING Observed Unusual Host (ww.)
GET /images/buttons/Login.php HTTP/1.1
Host: ww.w.conductability.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww.w.conductability.org/f/OBS_optimized_compressed.css
Connection: keep-alive
Cookie: PHPSESSID=471e1ffa8531bc15caf37bb650fa570b; __g_c=w%3A1%7Cb%3A2
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
location: Login.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 31 Jan 2023 16:45:23 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff