Report - municipalidadchilca.gob.pe/index/Drive/securepassword.php

Report Overview

Submitted URL
municipalidadchilca.gob.pe/index/Drive/securepassword.php
IP
172.67.172.75
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-29 03:19:21
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
municipalidadchilca.gob.pe	unknown	2017-03-16T11:49:01Z	2023-01-28T01:31:00Z	6.2 kB	57 kB	104.21.88.41
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	686 B	1.4 kB	142.250.74.131
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.41.18.18
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	61 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	418 B	630 B	142.250.74.74
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	95.101.11.115

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-29	medium	municipalidadchilca.gob.pe/index/Drive/securepassword.php	Phishing
2023-01-29	medium	municipalidadchilca.gob.pe/index/Drive/js/jquery.min.js	Phishing
2023-01-29	medium	municipalidadchilca.gob.pe/index/Drive/js/jquery.countdown.min.js	Phishing
2023-01-29	medium	municipalidadchilca.gob.pe/index/Drive/js/jquery.plugin.js	Phishing
2023-01-29	medium	municipalidadchilca.gob.pe/index/Drive/js/bootstrap.min.js	Phishing
2023-01-29	medium	municipalidadchilca.gob.pe/index/Drive/js/supersized.min.js	Phishing
2023-01-29	medium	municipalidadchilca.gob.pe/index/Drive/js/jquery.cycle.min.js	Phishing
2023-01-29	medium	municipalidadchilca.gob.pe/index/Drive/js/jquery.mb.YTPlayer.js	Phishing
2023-01-29	medium	municipalidadchilca.gob.pe/index/Drive/js/scripts.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	municipalidadchilca.gob.pe/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-23
Pretty URL municipalidadchilca.gob.pe/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.21.88.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-23 21:52:01 Times Seen54723 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	municipalidadchilca.gob.pe/index/Drive/js/jquery.countdown.min.js	10 kB	2023-03-13	2023-03-13
Pretty URL municipalidadchilca.gob.pe/index/Drive/js/jquery.countdown.min.js IP 104.21.88.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:37:17 Last Seen2023-03-13 10:37:17 Times Seen1 Hash 8d79dcc8c9746f2e45ca23cb71a871b2 83844a7482e20142be090eee32a8a670d4de0f12 dc3eb66a992c25e5ec92e9469762ac2aca4b76076a85d8786a75ee9efbd160ef Loading...

	municipalidadchilca.gob.pe/index/Drive/js/jquery.plugin.js	10 kB	2023-03-13	2023-03-13
Pretty URL municipalidadchilca.gob.pe/index/Drive/js/jquery.plugin.js IP 104.21.88.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:37:17 Last Seen2023-03-13 10:37:17 Times Seen1 Hash 49db3b76b6d6627bc9be3db8b2b7700d d4ba666eae12afef43b1590194c71369ae823871 4967864415461a62f59fa856c0cd9c3d6c3d6d5a31c0ce2561574d04e56ebcbf Loading...

	municipalidadchilca.gob.pe/index/Drive/js/supersized.min.js	10 kB	2023-03-13	2023-03-13
Pretty URL municipalidadchilca.gob.pe/index/Drive/js/supersized.min.js IP 104.21.88.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:37:17 Last Seen2023-03-13 10:37:17 Times Seen1 Hash 5bb3dbce9b1e25cb3bd064b6f7ceed1f c1b00b8cb62a41d20bb52cf64832aa9e3a896028 4decfe93295b92e40f61ede03fb19f9ab52a46f7be817dc9ce333f0e86369046 Loading...

	municipalidadchilca.gob.pe/index/Drive/js/jquery.min.js	10 kB	2023-03-13	2023-03-13
Pretty URL municipalidadchilca.gob.pe/index/Drive/js/jquery.min.js IP 104.21.88.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:37:17 Last Seen2023-03-13 10:37:17 Times Seen1 Hash 2814526310b764f233db162b27139917 03bc0a7161edeb1cd89c56c550762731475b4eba 698178d726a5baf20058ac2a8df562abf5f5ec5f026e5ff99846aa4875312619 Loading...

	municipalidadchilca.gob.pe/index/Drive/js/bootstrap.min.js	10 kB	2023-03-13	2023-03-13
Pretty URL municipalidadchilca.gob.pe/index/Drive/js/bootstrap.min.js IP 104.21.88.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:37:17 Last Seen2023-03-13 10:37:17 Times Seen1 Hash c464d78959a25bad83d3f2203e20e55a 6ea5aa28266b54b3cfdeda3fa0287e0128fde7ab bc290d92e1d9b0e29805d920527b2e40275624ec8e10baccc6106a54b28a1761 Loading...

	municipalidadchilca.gob.pe/index/Drive/js/jquery.cycle.min.js	10 kB	2023-03-13	2023-03-13
Pretty URL municipalidadchilca.gob.pe/index/Drive/js/jquery.cycle.min.js IP 104.21.88.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:37:17 Last Seen2023-03-13 10:37:17 Times Seen1 Hash 1de144d92ffa70b137ef4ac6a15c4e1e a8981f78e7ce8de9498046d9e031e3ee44a7b551 fb94fe439efb57323dec91b9519c376c496fa531748facdb0671e9eb7ac93658 Loading...

	municipalidadchilca.gob.pe/index/Drive/js/jquery.mb.YTPlayer.js	10 kB	2023-03-13	2023-03-13
Pretty URL municipalidadchilca.gob.pe/index/Drive/js/jquery.mb.YTPlayer.js IP 104.21.88.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:37:17 Last Seen2023-03-13 10:37:17 Times Seen1 Hash 371721092f18a30884a491c426b9e975 c9c6e50ed519a7782f54c60335d1dfdb8bbd3624 c3de5dfb962a740d509203ca6312177a2579870502fc7af482ef40de524f0a05 Loading...

	municipalidadchilca.gob.pe/index/Drive/js/scripts.js	10 kB	2023-03-13	2023-03-13
Pretty URL municipalidadchilca.gob.pe/index/Drive/js/scripts.js IP 104.21.88.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:37:17 Last Seen2023-03-13 10:37:17 Times Seen1 Hash 907ab3a9a79fd8f73beec0171a54e8f5 763b870883a0623b28fe6608e46cffb89a5f86a2 ae7860fa8b81a5b236bcc8e4a0585fabb2f0f832b671773181fda6bf3713e0ac Loading...

HTTP Transactions (39)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3281
Expires: Sun, 29 Jan 2023 04:13:52 GMT
Date: Sun, 29 Jan 2023 03:19:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3498
Expires: Sun, 29 Jan 2023 04:17:29 GMT
Date: Sun, 29 Jan 2023 03:19:11 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 02:35:33 GMT
content-type: application/json
age: 2618
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6934
Expires: Sun, 29 Jan 2023 05:14:45 GMT
Date: Sun, 29 Jan 2023 03:19:11 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: kn/sQt0O3jNxXUsMT+/JkQmDpU4jYn81k4TCnrUi6DkAYbPTR/Y8ShTMKhnHN3C0M2IawyCMKjM=
x-amz-request-id: 5KMD4FZ8JXNSZECR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 02:21:13 GMT
age: 3478
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 03:19:11 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

municipalidadchilca.gob.pe/index/Drive/securepassword.php

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/securepassword.php
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2735 bytes)
Hash
ea3f9a3f14a528f088e95a1cdc4151b4
c948824c96dee4c3305e025f379665cd4edf644f
de2ed20c7868f4a2f82ba8f344919adfba3b614fba7fe9afa596c410833818de

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index/Drive/securepassword.php HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Hb7r3yXc3eOE9Php2cVIbG%2Fm%2BRnJ5Q9GadEamo9hXmNL26OIiUguibANEeqhOvWk%2BPrx909yJmp92LtkO6%2FgfpGWEXquOfibDh2igAPq1GdHsTcmnEdbF9lzoUYWXyAjzT80oNfntdbGk3fAw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed3287c20b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:19:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 03:19:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 02:41:41 GMT
age: 2251
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2172
Expires: Sun, 29 Jan 2023 03:55:24 GMT
Date: Sun, 29 Jan 2023 03:19:12 GMT
Connection: keep-alive

municipalidadchilca.gob.pe/index/Drive/css/YTPlayer.css

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/css/YTPlayer.css
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2732 bytes)
Hash
2651f4c53433060c0febb70a6835d0ca
588c32c61746aa08c8d510de5c6382e3578a911e
1eb21bf1d96504deb8e4553778d6de917095fbd9ce63ff05a0238b8093822991

HTTP Headers

GET /index/Drive/css/YTPlayer.css HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 03:19:12 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2Fn%2Bzxpx0hjMIuP2%2FO0tPecvsmoL31ottjToCvrXvbKnasM98tbxKFPwyzYtazvSATzThq1z7mHfhfZUHd53SvFzZMZekcA9mKnQfxTWQ3816t6Flifpjo5xfW%2FOMwWMIVuooJztmwjUMX%2F38g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed32c2ce50b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

municipalidadchilca.gob.pe/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.21.88.41

200 OK

655 B

URL HTTP/1.1
municipalidadchilca.gob.pe/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1238)
Size
655 B (655 bytes)
Hash
bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 11:05:52 GMT
ETag: W/"63ce6a10-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOMl%2BsX2jsTp829kssgz2QxOwAKO66pbEBDpfftiHX7NHzEoM0R9I4%2F00EsUT2G1hRN6SjURqoVF99nf%2F9CXGWeMQJ%2FbcLaR7Eu0SJXOOnqX%2BOP1hpXtdmxwh5dWBiaW21mbvwRpp95ppjM97g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790ed32ddd6c0b41-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Tue, 31 Jan 2023 03:19:12 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip

municipalidadchilca.gob.pe/index/Drive/css/bootstrap.min.css

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/css/bootstrap.min.css
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2745 bytes)
Hash
1a3e752f231f1b28b6b8343274b28810
e1f8cc3cc018939943261da24815e86e99a53b54
5c2a0162c7ade55c1409198292e9d1cfd3fe8b4dcdcb81b990cd9e18bdd699c8

HTTP Headers

GET /index/Drive/css/bootstrap.min.css HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 03:19:12 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8IOlvMl7jCEcMmh0hHzroD6ZMqOwPRUz72vzzbysrOxKIt%2Boz0yrABn4JrWp0ADh%2B0gcVRSiGHJSEygoAS1ez02CmxHMrikzaGiEnUEKEGvEcLND%2F%2FuJWMQG1AJf2EdJXnJP9k3PQrVzQO7yw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed32c1db4b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

municipalidadchilca.gob.pe/index/Drive/css/font-awesome.min.css

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/css/font-awesome.min.css
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2748 bytes)
Hash
6480709d41baf8b49b0b70cb8f1f0fcf
6f7e1d64261c595cf427d40d2304073b04785fd1
f4d7ef1ca502726a13a5298f657e3c330e853872900d1a63bf0614f223095ef7

HTTP Headers

GET /index/Drive/css/font-awesome.min.css HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 03:19:12 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Y1N%2ByXfon3ZWRHFpuybWiTAXA1lwI20KN68rPA7IeK27vXgMEUsEY%2B6UQCz%2FmNlcDJd82qdHPRdAO8PzrwjxrPEVmC9cQ0VSHw%2BUmsOWcll2TkWwoH7Tpy20oyty6QouR1n4XhxzCwc1QSO2w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed32c2ff71c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

municipalidadchilca.gob.pe/index/Drive/css/animate.css

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/css/animate.css
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2747 bytes)
Hash
0991999b731756af624abc164abdd0f5
72744115d49b333527bbeaeeb4fecd875275938b
cf694da133267ee87106ae810699c965398752da833d663aac41153dea8f8391

HTTP Headers

GET /index/Drive/css/animate.css HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 03:19:12 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqgYhxy%2BvLzFneceGEOnx7TGZzu1aLhA0V%2BpWU0sNuOAbHm9YqLqVhsIfQKNNFFrKgyM%2BdtjNiOfCEbhuaXsoctMomISPq8laenECplovWx43UhnwCpYxrfj8JQuHhBkN1lxgjF2xVaf0CACSg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed32c2d0f0b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

municipalidadchilca.gob.pe/index/Drive/css/styles.css

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/css/styles.css
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2732 bytes)
Hash
a358886785af2ff6f1368cfe5f57e86f
004a1d111d4f73a431d58b21262db9ebf1ff71fa
9eb9b7188c2984268cc7992a19e1bd34ec51eaaaa31e2b6077b31b51a6723462

HTTP Headers

GET /index/Drive/css/styles.css HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 03:19:12 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1tZgsWzUskdu4RoM3QUDl49zdZzoKmw0Uno5%2B1O4HhvlmX2RDBJvxFnVoEZCi5B%2F21Igk7d1eRm4%2F4xj%2F35SfeMBKF9c1H2uyoDdcFvEdgabInexbNdDvClldHydLWkXKe%2BVREZhe6lPLx1Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed32c2c3fb521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

municipalidadchilca.gob.pe/index/Drive/css/supersized.css

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/css/supersized.css
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2737 bytes)
Hash
04b0fdb3a95fd8d27ec4af59e1fc9c83
3ec21ac25994b98be16fe325728b491c2bc1b3af
00c2afdcb69ce26bfd2a9f6d3a4d6657fa8a752cb06f16fbe9f895744fb6b2f3

HTTP Headers

GET /index/Drive/css/supersized.css HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 03:19:12 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDZmEYwrBv9SV0vk8UD%2Fb3fXMzf8QYS17Mp41kowaYpomtFQuhTdJgNd2np0aM%2Beloccy3y4FwS4JI5ikhviqtD56NU8hAVr%2FY6DlPRiQKCQiESma6IylJy75R%2BlYAm1f440kNGnET2LHIb3eg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed32c2ffa1c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

push.services.mozilla.com/

52.41.18.18

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.18.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MrF3I5rNgH7uHDvbJIIcTA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u+R63zZRqDokUcSbfLUj7ioRGoA=

municipalidadchilca.gob.pe/index/Drive/js/jquery.min.js

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/js/jquery.min.js
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2747 bytes)
Hash
dbad9627c7c62080edf906defcdf612e
482aaf93e806cbef8171738b3359792c0e07e456
f50d8512faa08f019cbe9ff4332d344ddcc8e93c3b7cf049be437f4a160c0b18

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index/Drive/js/jquery.min.js HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 03:19:12 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UizvmrtFywCs4M9IBoOx%2FIiZceZVrSp%2Bg8XGkUzqmlf%2BB6uRqmscXXhpPS4dYiSQvcFgLBQcgVpyM3jcWjCY2wmotk8W4TRGxMcMn6ACaC0iEUit8DIooC%2FVoPrx3bEnvCar07XehOn9iwMniw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed32ddd6f0b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

municipalidadchilca.gob.pe/index/Drive/js/jquery.countdown.min.js

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/js/jquery.countdown.min.js
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2744 bytes)
Hash
1bd17c26fbb49d5111355d274b557cc0
27c23aaeb571ad9fa35b7928c7476fc3c97f7c2b
b6252ad1996a9bf4ba928a7e3534e1e56dcfb7bf984758cc3fba580deafcad86

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index/Drive/js/jquery.countdown.min.js HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 03:19:12 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aj3UIVXxEm2HNB%2BTEoMJDw8MBw0HdAx%2BIJP0AVGRvr75iNdNcsnVJAycRIZz%2By1wOzuLGa2pXyJsHQ03%2Bq3eUdPUOytRo6e1aO8eV%2BWocXDF5gEdP2vtfvAAelf1xjc2qno2v5oVS2RfxZSvNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed32f0e280b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

municipalidadchilca.gob.pe/index/Drive/js/jquery.plugin.js

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/js/jquery.plugin.js
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2748 bytes)
Hash
4dfaf3b73705359954d98b30a05350f6
df7c9d9f5fe7b994edf4552dcfca3a55c2c8ae1a
ad6d5fd6998573ef4c82a64bb4faeb7a996699d0374a11da0f8586a3e3c9b751

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index/Drive/js/jquery.plugin.js HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 03:19:12 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLe%2FdDJpFfYP03UqYaFlf%2FqEUbQccZYfUZ7MVN6XGDApYSs64F7VAaUN2BKlSPzJQUyPxi1OHPys4dM%2Fx7CzkKwjfW%2Fpg1EWfxGbYw6ijgIoD2OQhaeFh67mSsM0QiBiwwI1kA%2BxXfd%2FJL49eA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed32efeddb4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

municipalidadchilca.gob.pe/index/Drive/js/bootstrap.min.js

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/js/bootstrap.min.js
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2743 bytes)
Hash
1a06fe8938133d45d83fdc54ae071c4b
38f8e745827a818a8d9e562ecb7748077f445471
6c5cf3c554d83bc2cb3829f18e22e404ed7350088f5804ecec4ce9389dad9011

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index/Drive/js/bootstrap.min.js HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 03:19:12 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCtkllejRh%2BhW0D5km%2BNwnIoY0W4QfScNKvD%2FoHp6sGVWcN58x27LiX435dNRk3KGDueqgkJw7PbZnPryBAWpvvMsz7amQZCgajP4e0J6veVmwinsuv4QKjtParqvRurapfVWqgLko8TUcF5wg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed32ef9121c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

municipalidadchilca.gob.pe/index/Drive/js/supersized.min.js

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/js/supersized.min.js
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2744 bytes)
Hash
91e80b788cddf682109ceeeb9ca7db82
118a4df0c397c8e64939ed8ebfbcd92791fc7978
23133ad9c45cacb22e77cef8df4b71f055788f016fe9fbe2d0a4a920e2435a88

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index/Drive/js/supersized.min.js HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 03:19:12 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FeJ3kPUYwrIpFbv2hdI9EvI%2BG9agy5DCBB0XDUCIIT5d0%2Fer8fI6bRgHhzCzGvBWd6KSB8Bry0Lmm%2FbaCX2tKxV%2FGoFybwryZ0vLmFnGpyj%2BK8bw3NtOyqR6LZ4mwQMrF61nHQQNNKnysvZaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed32f2d6fb521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

municipalidadchilca.gob.pe/index/Drive/js/jquery.cycle.min.js

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/js/jquery.cycle.min.js
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2746 bytes)
Hash
c08686cdb13a3c3161f8203a2325fa74
5b63905c2109b51ac1ae3e8420ad2fa983dabe84
816b968ed0219e3e1f18f3d3808e6d437528a684beba551e9ac39726fe0791bd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index/Drive/js/jquery.cycle.min.js HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 03:19:12 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXQMWjb0jCfy0pKQbouPFNjbWSC6xmZ%2BSpz6wWviLhL9mETqhekrxvqHwngB63TB%2BJ1%2BkgnTsn1lwgLw6zd15%2FArVGFhgSa5tTLDNuOiyUgAewKjIYNqdlMLXlt1LSkAI7fRab4xul4hstKPJw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed32f29241c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

municipalidadchilca.gob.pe/index/Drive/js/jquery.mb.YTPlayer.js

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/js/jquery.mb.YTPlayer.js
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2746 bytes)
Hash
db0690869cdc82749958613578783fe9
41e2f3a1a176cef12516ea7f274ec4f0c7e1f205
7aadeaaea0c7a1c03ce65ac24b3a09986d9f1572fbcc9494eb087806fa4acde6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index/Drive/js/jquery.mb.YTPlayer.js HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 03:19:13 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXk2LlkCQpN1Heg%2B7ahcxnfYRexHvJVygwnZGIM%2Fz6FbgXwVel%2Baf8LyhB2o4qD6dFtTtXnlAd7vqbkEsTs0BVZSZaNnEJ6AGarwpifTllw%2BKqfrBVVe2jyw6RWJ6H7aa%2FXWo62gx661ianZtA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed330be580b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

municipalidadchilca.gob.pe/index/Drive/js/scripts.js

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/js/scripts.js
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2747 bytes)
Hash
2882f616adfdb5ee7c65a55c557b3820
f9f830ee3a2a2876689b266478a96dddb77e779b
f52bb7f0fd4c9ac893d687acd1e0a0ea8a09dc8194463476de08236a213fb767

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index/Drive/js/scripts.js HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 03:19:13 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oy2yDeeLIxDqVPLXkgCBFnadVWYtX0H0ys9TXYto00c4lv3DPb35OWdepRxNkPJIynstdY%2B3Vpg8zbOjptg5MxCUIWt6IIJJbLnd3vZLrL28Ga9PGFVq1IkXXepmXj5GC%2B9Z0cdy4hJ3J7AXTw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed331df3b0b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

municipalidadchilca.gob.pe/index/Drive/images/favicon.jpg

104.21.88.41

200 OK

2.7 kB

URL HTTP/1.1
municipalidadchilca.gob.pe/index/Drive/images/favicon.jpg
IP
104.21.88.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.7 kB (2747 bytes)
Hash
32b60deac9e245b1f808546a6cc3f397
e9094b3f39be8ec01fdfc4a9fab68fb8cf716523
b233430cb70509620c224a77325c86954cf161468745cb218e7f61735c0a6352

HTTP Headers

GET /index/Drive/images/favicon.jpg HTTP/1.1
Host: municipalidadchilca.gob.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/index/Drive/securepassword.php

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 03:19:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 03:19:13 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeMdVqrIecIL3t5QgiJT64rJLUyOsctVihKhwg9VDvYDdBLsU2IMzldM6YPxhUvWa%2Bt1xjDMKpS8ximiHO4nZ1UimAprChmltrHaPodGWsxlnF25c29uPPEsGtEnC2%2BPYAXqCDSbXgiWN9V%2Ftw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ed3349b091c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7158
Expires: Sun, 29 Jan 2023 05:18:31 GMT
Date: Sun, 29 Jan 2023 03:19:13 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7158
Expires: Sun, 29 Jan 2023 05:18:31 GMT
Date: Sun, 29 Jan 2023 03:19:13 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7158
Expires: Sun, 29 Jan 2023 05:18:31 GMT
Date: Sun, 29 Jan 2023 03:19:13 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7158
Expires: Sun, 29 Jan 2023 05:18:31 GMT
Date: Sun, 29 Jan 2023 03:19:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7417 bytes)
Hash
6af6f32397882f56d14d22348e44a9f1
5a626376807e7507fa3a204c4e4e9e44aa074a37
478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7417
x-amzn-requestid: 53032353-8613-49b0-944d-3742236cf50c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYcMmFeQIAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d340b6-7fe2226327d90db014527c08;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zd8cTO2N1JO-OK3hCDwVO8naClCsg0raJLboRFle-DPSKhR_7k8-Yg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 03:34:31 GMT
age: 85482
etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11624 bytes)
Hash
6021d6a06bff2826eb341747e82484f7
a817ff1ba206234627706551820d0d9856b398de
f0ba6de8709fdb73e94dbdace635232c76b9d70dad73badaca0542d9ad49604d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11624
x-amzn-requestid: dff12902-8b83-4df1-a2c9-a2ee9565830f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIhnjEmpIAMFdlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce2fc-0216188a3154167648f7d976;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:17:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kxzVU1bNn09g_-73AY-mNvzhHo-dTyQinPkfPEqhDcKFfrTnbDpaZQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:15:07 GMT
age: 14646
etag: "a817ff1ba206234627706551820d0d9856b398de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dd6ccbb-893e-4aca-b08e-b16283e4ee58.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7790 bytes)
Hash
e6d617843cc1f7df21950fe7d4add160
4b7b2e07f0c4667f9c83d99c1481f81ac6e531f9
facb5e8beed1bf0b0ae02cba77278767f211717097803b3966312dfe0822646b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dd6ccbb-893e-4aca-b08e-b16283e4ee58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7790
x-amzn-requestid: 19b7ae0c-7ce9-4d01-96c3-9259e6f2b1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH88xFpKIAMF_gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca851-0d4a98a74200cb962d434f82;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ORGO0m0bJJzpWpxLCewm0J1vp8khEZlPzL58syBdlhyQniN8em5Qzg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:19 GMT
age: 19974
etag: "4b7b2e07f0c4667f9c83d99c1481f81ac6e531f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9167 bytes)
Hash
3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 34997
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8652 bytes)
Hash
43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 5a5a883e-d7d4-4fc5-925a-3a95830c504e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVguyG7BIAMFm8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d214c4-390b59a32060e41203533c58;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 05:51:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ewSsCY4u9DwRtaj00U9JCim9tYeCgHRuIQFpdHm4ttI6L02-e44iDQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:11:24 GMT
age: 14869
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10030 bytes)
Hash
2f73f114f8dc452fc0b16825570ad50c
6bb1b3db6c36e2c9d23b6cb7d1c8616eeec19575
23fd69e6ccdd2ce2b5d3d8b3f075a07cdb36efd663a4119b5dca22165e7b2090

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10030
x-amzn-requestid: 0c6c82b5-f91b-4468-bb25-d87d4d7dedd5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVAbgERRIAMFdcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1e116-7f17c79047447dff2de3ab67;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 02:10:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4C0fCJB3N9nw0xKQnlsRLx_VGA3shg394U3Tq4pxNMWgggZe93TLUA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:30:44 GMT
age: 24509
etag: "6bb1b3db6c36e2c9d23b6cb7d1c8616eeec19575"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,300,700|Lemon

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,300,700|Lemon
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,300,700|Lemon HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://municipalidadchilca.gob.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 03:19:12 GMT
date: Sun, 29 Jan 2023 03:19:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML