Report - 220.128.133.15/findjobs/public/

Report Overview

Submitted URL
220.128.133.15/findjobs/public/
IP
220.128.133.15
ASN
#3462 Data Communication Business Group
Submitted
2022-09-25 16:40:02
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
44

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
220.128.133.15	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	1.4 MB	220.128.133.15
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.81.125.88
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-25	medium	220.128.133.15/findjobs/public/	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/js/plugins/buttons.js	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/js/plugins/perfect-scrollbar.jquery.min.js	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/js/plugins/chartist.min.js	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/js/plugins/bootstrap-notify.js	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/js/material-dashboard.minf066.js	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/js/core/bootstrap-material-design.min.js	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/js/plugins/moment.min.js	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/js/core/popper.min.js	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/js/core/jquery.min.js	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/img/search.svg	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/js/plugins/moment-with-locales.js	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/fonts/google/KFOlCnqEu92Fr1MmSU5fBBc4.woff2	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/fonts/google/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/fonts/google/KFOlCnqEu92Fr1MmEU9fBBc4.woff2	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/fonts/google/KFOmCnqEu92Fr1Mu4mxK.woff2	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/img/logo2.svg	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/img/person_pin.svg	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/others/message.rss	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/img/edit.svg	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/img/local_library.svg	Phishing
2022-09-25	medium	220.128.133.15/findjobs/public/assets/others/news.rss	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	220.128.133.15/findjobs/public/assets/js/plugins/chartist.min.js	40 kB	2023-03-08	2023-03-13
Pretty URL 220.128.133.15/findjobs/public/assets/js/plugins/chartist.min.js IP 220.128.133.15 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:08:17 Last Seen2023-03-13 07:01:26 Times Seen1 Hash 8fc81e002378dffac3eeba4ee50a472b 3d242440a69c48739354620d003482e45fd00e77 4f94be6f9ea62929ae901dfc5d0d770bad4a084d105f887765a82acfbcf7fffb Loading...

	220.128.133.15/findjobs/public/assets/js/plugins/bootstrap-notify.js	17 kB	2023-03-08	2023-03-08
Pretty URL 220.128.133.15/findjobs/public/assets/js/plugins/bootstrap-notify.js IP 220.128.133.15 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:08:17 Last Seen2023-03-08 01:08:17 Times Seen1 Hash a35755c7f7f22e4849957874549e7c3b af26877aed7cc302fd0815668b90c3c94e230dab c4a2d214ac8a4c282bdf57fe1c9c9843a262fcba6fb3646fefd2197d12ff56b9 Loading...

	220.128.133.15/findjobs/public/assets/js/plugins/moment.min.js	59 kB	2023-03-08	2023-11-06
Pretty URL 220.128.133.15/findjobs/public/assets/js/plugins/moment.min.js IP 220.128.133.15 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:08:17 Last Seen2023-11-06 15:07:43 Times Seen5 Hash 8fc880c298daed162f06038fd8387c21 7b38e8b30010dfd29ca8d81dd1c321d684f8bc4b 9d4aefd9012ba064ea6f5eb634718ed9d84c524771c5bbafa151a537c783c143 Loading...

	220.128.133.15/findjobs/public/assets/js/core/popper.min.js	34 kB	2023-03-08	2023-06-08
Pretty URL 220.128.133.15/findjobs/public/assets/js/core/popper.min.js IP 220.128.133.15 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:08:17 Last Seen2023-06-08 12:43:54 Times Seen5 Hash 9fd1cd8f656aa751feed29996e8c27b1 a99dee8a56934f27adda0cddf1a88d196332b6c6 0efdcde3a8ca1ee163d927f55238f5dea13a160f2f10c32890b7c1c4b547021d Loading...

	220.128.133.15/findjobs/public/	53 B	2023-03-08	2023-03-08
Pretty URL 220.128.133.15/findjobs/public/ IP 220.128.133.15 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:08:17 Last Seen2023-03-08 01:08:17 Times Seen1 Hash 8fe47eff0eb4be6d219522d2695c4601 9464a69cb7054c1b3cdce56999dd65344a5f109a 9b0713ad1d1c5523d5d856d7fc82a2b84e618730ba81404dd84f0967911a9e22 Loading...

	220.128.133.15/findjobs/public/	678 B	2023-03-08	2023-03-08
Pretty URL 220.128.133.15/findjobs/public/ IP 220.128.133.15 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:08:17 Last Seen2023-03-08 01:08:17 Times Seen1 Hash 674ee4a63bdb076a358fe3deb79b8b36 ca5f4ab4c8c516a0468713b9610735522d693ef3 1657274ed5d4c50cc05304388e422f9eb0c0af3df2929548835532f88631e8ac Loading...

	220.128.133.15/findjobs/public/	61 B	2023-03-08	2023-03-08
Pretty URL 220.128.133.15/findjobs/public/ IP 220.128.133.15 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:08:17 Last Seen2023-03-08 01:08:17 Times Seen1 Hash bf10e1c943432e4fcec3b3a47d0ec399 1369b7ca4b41e0990651ad12b9aeecc7a8dbd973 3ee1ec49745064bb14ffab474205937b2d0e0d55dcb57e53276619503c5400aa Loading...

	220.128.133.15/findjobs/public/assets/js/plugins/perfect-scrollbar.jquery.min.js	25 kB	2023-03-08	2023-11-06
Pretty URL 220.128.133.15/findjobs/public/assets/js/plugins/perfect-scrollbar.jquery.min.js IP 220.128.133.15 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:08:17 Last Seen2023-11-06 15:07:43 Times Seen7 Hash a52a39a800ec7dff6c11ecc2863e1fc9 b333e393c97179749055e860f43053febb997c9d f28bf43eff757bbc963b05552a1926714999a97d142ff0b7c5748d278151d183 Loading...

	220.128.133.15/findjobs/public/assets/js/material-dashboard.minf066.js	12 kB	2023-03-08	2023-03-08
Pretty URL 220.128.133.15/findjobs/public/assets/js/material-dashboard.minf066.js IP 220.128.133.15 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:08:17 Last Seen2023-03-08 01:08:17 Times Seen1 Hash 9f53e75077ad61c983654ce9d5a5e39b 0f62418d83b2d4b26f1af2b12ea985f3e337515c 2891bf9cf5dc5446c7cec6044bcaaa2c17eba72fd582c263c40843363b11a85f Loading...

	220.128.133.15/findjobs/public/assets/js/core/bootstrap-material-design.min.js	77 kB	2023-03-08	2023-06-08
Pretty URL 220.128.133.15/findjobs/public/assets/js/core/bootstrap-material-design.min.js IP 220.128.133.15 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:08:17 Last Seen2023-06-08 12:43:54 Times Seen3 Hash f4e875f08c0867a73f990d486876eb2a 2ad3b8127b688bd10839b9534a08c1b56fa8104f 1a2981000e902580cb6591adf9684853082a7dc87cb0f096ec65615cc74859c7 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 02:05:44 Times Seen37052676 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	220.128.133.15/findjobs/public/assets/js/plugins/buttons.js	11 kB	2023-03-08	2023-03-08
Pretty URL 220.128.133.15/findjobs/public/assets/js/plugins/buttons.js IP 220.128.133.15 ASN #3462 Data Communication Business Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:08:17 Last Seen2023-03-08 01:08:17 Times Seen1 Hash b26cd8d886877d1422d0ca4c7163f05d 4dfdee08dbdc2cf3298ea021148140291d51b2d0 cd0f89029693f883c8739e5ed55e81a1cac2194a2aea036a6a05440c3a71f98c Loading...

		Size	First Seen	Last Seen
	#1 Write - 3a824154b16ed7dab899bf000b80eeee	4 B	2023-03-07	2024-02-13
Pretty Observations First Seen2023-03-07 01:02:03 Last Seen2024-02-13 04:29:14 Times Seen34 Hash 3a824154b16ed7dab899bf000b80eeee e575dccc71140754dd85beda5965b6a358150309 b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0 Loading...

HTTP Transactions (50)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2222
Expires: Sun, 25 Sep 2022 17:16:53 GMT
Date: Sun, 25 Sep 2022 16:39:51 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 16:07:19 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _1GxuY9pQYZ6glBW9YyO4vdkdQvWaBmVn7_gqhV0FYgHcSvAGmqbHg==
Age: 1952

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b3e81b5bd7bd8e12288a8159e44ceb3f
977945964ffcbf49ac78f840db9da822c50c82f0
4721814da286852318f7ebf9857bd4bf01f0beea2c9eb7ddb9f290e3fa472232

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4370
Expires: Sun, 25 Sep 2022 17:52:41 GMT
Date: Sun, 25 Sep 2022 16:39:51 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: mOiiVXqEPQMW+vkPy4/SBlNRoaUEMezw087+tuuB445D81KS/AinzS6PQOeV+uKdK8aGX2zqxJQ=
x-amz-request-id: Q0AFNVEDN13TFBGS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 25 Sep 2022 15:45:50 GMT
age: 3241
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

220.128.133.15/findjobs/public/

220.128.133.15

200 OK

4.9 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (354)
Size
4.9 kB (4871 bytes)
Hash
263f70168633163c5634cd31f36c1a39
03b6e265d735a7f163933c9db1a2893813428a91
8698f21623fa082cb721a0e81d729b3cf2639f55bffbbc9251db86f079a37d60

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/ HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:51 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4871
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 16:39:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

220.128.133.15/findjobs/public/assets/css/googlefonts.css

220.128.133.15

200 OK

1.1 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/css/googlefonts.css
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1112 bytes)
Hash
6658919236d2331edf493a8dd1feb0be
68ce75fbf9fcea93283d78079e0b2a9b810a9622
a8825ee3b80be6ca02f042662323b6a7b83342ce59b8f4e6aa41f65841c7d68c

HTTP Headers

GET /findjobs/public/assets/css/googlefonts.css HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 09:38:10 GMT
ETag: "3623-57ab0cf0b2480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1112
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

220.128.133.15/findjobs/public/assets/css/font-awesome.css

220.128.133.15

200 OK

11 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/css/font-awesome.css
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
ASCII text, with very long lines (51210), with CRLF line terminators
Size
11 kB (11219 bytes)
Hash
3239a470bc61deaae8140e138c8fa8f2
59d79aff40ac86cb007475f881df7862f877387e
e98caa37246070dcfc0aa19a6db617fce320a2eb958891bba5fba87b9b0fa4bf

HTTP Headers

GET /findjobs/public/assets/css/font-awesome.css HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 09:38:10 GMT
ETag: "c8c7-57ab0cf0b2480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11219
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 25 Sep 2022 16:04:17 GMT
Expires: Sun, 25 Sep 2022 16:16:57 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Wvv8RsBFyb7jZBRNO5qhb1Sx9ZeiRoweAeCVf4UP2cCsxQa5xRdQwg==
Age: 2135

220.128.133.15/findjobs/public/assets/css/goodjob.css

220.128.133.15

200 OK

1.7 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/css/goodjob.css
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
ASCII text, with CRLF line terminators
Size
1.7 kB (1679 bytes)
Hash
e2e840664e1f37ea6c09f3a44b26b0fd
b8a7fa385ae02a4a66fdc9018c3b3a5a69ec6440
7a38d337d81b894337fe5540d1f0ec73ac9e7d9b8ed33c0270ba2bf2670d0ad1

HTTP Headers

GET /findjobs/public/assets/css/goodjob.css HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 12 Mar 2019 23:24:58 GMT
ETag: "1915-583edff580680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1679
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

220.128.133.15/findjobs/public/assets/js/plugins/buttons.js

220.128.133.15

200 OK

4.7 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/js/plugins/buttons.js
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
ASCII text, with very long lines (11009), with CRLF line terminators
Size
4.7 kB (4716 bytes)
Hash
97661a62341f6afe04f1cf33c8eedb6c
492533266bc3935f0c2c958a089a81e5bb30e83d
cc692201838c88571799ce414a6a4543d4bebd437433e2102121457363bf8acf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/js/plugins/buttons.js HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 09:38:10 GMT
ETag: "2b03-57ab0cf0b2480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4716
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

220.128.133.15/findjobs/public/assets/js/plugins/perfect-scrollbar.jquery.min.js

220.128.133.15

200 OK

6.5 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/js/plugins/perfect-scrollbar.jquery.min.js
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
ASCII text, with very long lines (25300), with CRLF line terminators
Size
6.5 kB (6509 bytes)
Hash
e696b5259abbfa4f827b04f2230687de
a23a3f2860c26e6415fb96c87a3db30603025925
df159d3fd3525758d7ddcb0cc1eb372b90ebe9b95712e4ffa265a9fa4a41c6e4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/js/plugins/perfect-scrollbar.jquery.min.js HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 09:38:10 GMT
ETag: "62f5-57ab0cf0b2480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6509
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

220.128.133.15/findjobs/public/assets/css/timeline.css

220.128.133.15

200 OK

7.7 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/css/timeline.css
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
ASCII text, with CRLF line terminators
Size
7.7 kB (7742 bytes)
Hash
150126b161888d71a6b16cbecb6fb9d4
41d9285d8f9c9ba430ee1b40f04f1f9def787d70
d0abc0e45760aa4fe3f8e49154394d1f1084a0b6939c4a4c34c117e11d729e5e

HTTP Headers

GET /findjobs/public/assets/css/timeline.css HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 30 Nov 2018 17:43:44 GMT
ETag: "fe6c-57be5572f5400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7742
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6598
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 16:39:52 GMT
Last-Modified: Sun, 25 Sep 2022 14:49:54 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

220.128.133.15/findjobs/public/assets/js/plugins/chartist.min.js

220.128.133.15

200 OK

12 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/js/plugins/chartist.min.js
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
Unicode text, UTF-8 text, with very long lines (32029), with CRLF line terminators
Size
12 kB (12060 bytes)
Hash
f9fec6bfb1a925f31b2659cd5a2378fe
8604f5023fbef03678807ccb70910a4daba1a4c7
9186a64d7b2dfcfffda1f5301b3412c3843061c2854492a9bb1923f176e55bb4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/js/plugins/chartist.min.js HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 09:38:10 GMT
ETag: "9cf7-57ab0cf0b2480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12060
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

220.128.133.15/findjobs/public/assets/js/plugins/bootstrap-notify.js

220.128.133.15

200 OK

4.1 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/js/plugins/bootstrap-notify.js
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
HTML document, ASCII text, with very long lines (599), with CRLF line terminators
Size
4.1 kB (4140 bytes)
Hash
1cdba544655071cf4d74283be621a5d8
0eada329253771e6926372b9d7d0fa095a540df9
13698c7afea050d1894864b79f63db651f18b3944879bc301c0fc0e96c6d5097

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/js/plugins/bootstrap-notify.js HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 09:38:10 GMT
ETag: "43bb-57ab0cf0b2480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4140
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

220.128.133.15/findjobs/public/assets/js/material-dashboard.minf066.js

220.128.133.15

200 OK

4.1 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/js/material-dashboard.minf066.js
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
ASCII text, with very long lines (11869), with CRLF line terminators
Size
4.1 kB (4129 bytes)
Hash
2989663c0d9b349d2de07e00bb2c322c
be12120da98867715a58cc1fa299b6b90f7cb2a7
31dbd6241f0eddfe6d9dbef69b0ecb1e1ae189e05a45a4c62f90f3a7ae516c44

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/js/material-dashboard.minf066.js HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 13:50:48 GMT
ETag: "2ea6-57ab45687de00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4129
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

220.128.133.15/findjobs/public/assets/js/core/bootstrap-material-design.min.js

220.128.133.15

200 OK

20 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/js/core/bootstrap-material-design.min.js
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
ASCII text, with very long lines (65536), with no line terminators
Size
20 kB (20274 bytes)
Hash
c9d367cb078d4891c18db00d9d57be15
62fb981314f497a76f761e057c5de9376a453830
d8c8bd0e78275662cbc386c3e6fa509bcadb9a2caa3913f093588b5f9559a85a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/js/core/bootstrap-material-design.min.js HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 09:38:10 GMT
ETag: "12b6d-57ab0cf0b2480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20274
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

push.services.mozilla.com/

35.81.125.88

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.81.125.88:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bFo+UWh93GdzdSoMHRo3NQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bYHqlYD4U6O9Gh65Qf8KG4jbL+U=

220.128.133.15/findjobs/public/assets/js/plugins/moment.min.js

220.128.133.15

200 OK

20 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/js/plugins/moment.min.js
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
ASCII text, with very long lines (1708), with CRLF line terminators
Size
20 kB (20275 bytes)
Hash
8d8134aca4a6cf60a4bceeaffcb64905
c7353cb23a675d79aee08e933167e7ed00806fcc
7c3fcb76943506b0ba391ee8c86f254fdb7865696b33d3f00b193520ec7e259b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/js/plugins/moment.min.js HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 09:38:10 GMT
ETag: "e72b-57ab0cf0b2480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20275
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

220.128.133.15/findjobs/public/assets/js/core/popper.min.js

220.128.133.15

200 OK

8.1 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/js/core/popper.min.js
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
ASCII text, with very long lines (526), with CRLF line terminators
Size
8.1 kB (8099 bytes)
Hash
80aaf46db6ae6229059ce26bcd17a130
26768081d213fb0bcd0d038aa1040dd6ef15f1de
17d167dc70aa487ee670ba4d27c044ea06136972f191de6b71b5b40d3d9b1ab5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/js/core/popper.min.js HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 09:38:10 GMT
ETag: "8606-57ab0cf0b2480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8099
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

220.128.133.15/findjobs/public/assets/css/material-dashboard.minf066.css

220.128.133.15

200 OK

77 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/css/material-dashboard.minf066.css
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
ASCII text, with very long lines (65034), with CRLF line terminators
Size
77 kB (76808 bytes)
Hash
06045b9f7b606cb8e5ddbb0cce666ade
457f7eb92d6e35b5048e09ced10d6e63cda48568
578db7a40e7248801fdf91b7c3feb05b4bab4aa6ebc33aa334a97448e504f2b2

HTTP Headers

GET /findjobs/public/assets/css/material-dashboard.minf066.css HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 09:58:52 GMT
ETag: "7c9e3-57ab119128f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css

220.128.133.15/findjobs/public/assets/js/core/jquery.min.js

220.128.133.15

200 OK

36 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/js/core/jquery.min.js
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
ASCII text, with very long lines (522), with CRLF line terminators
Size
36 kB (36220 bytes)
Hash
772d54ba8c87dc4ac1ffca553cde3dae
92bda465efa5ab42af9db1a95baae5b5d22f992b
c8466d2bed94dda4d7ed4b7f2daf0e8b59d265164e27c8523f6957590a7c40f6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/js/core/jquery.min.js HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 09:38:10 GMT
ETag: "245f4-57ab0cf0b2480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 36220
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

220.128.133.15/findjobs/public/assets/img/search.svg

220.128.133.15

200 OK

798 B

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/img/search.svg
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
798 B (798 bytes)
Hash
ba4a05661a47be61c323c450e655a085
3ff2a2c025061d9b696d0dcc6aa8a8d32d091750
70f1c4a4ad7fd38c467f18e8cedffbad6c4f0894ace61af83780bf86441cbf70

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/img/search.svg HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 17:03:04 GMT
ETag: "31e-57ab706214200"
Accept-Ranges: bytes
Content-Length: 798
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

220.128.133.15/findjobs/public/assets/js/plugins/moment-with-locales.js

220.128.133.15

200 OK

94 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/js/plugins/moment-with-locales.js
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
Algol 68 source text\012- Pascal source, ASCII text
Size
94 kB (94143 bytes)
Hash
5b2d39ed7edaa2636d0793d44fef14f5
76262dcf3d13afc020f0a1919b31676a467a9290
63957668145d43c9f309bb4b8a2916592ba643414798300a4003b504c2c6189f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/js/plugins/moment-with-locales.js HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 06 Dec 2018 17:10:42 GMT
ETag: "80887-57c5d9418a880-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

220.128.133.15/findjobs/public/assets/fonts/google/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

220.128.133.15

200 OK

15 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/fonts/google/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
Web Open Font Format (Version 2), TrueType, length 15440, version 1.0\012- data
Size
15 kB (15440 bytes)
Hash
55536c8e9e9a532651e3cf374f290ea3
ff3a9b8ae317896cbbcbadfbe615d671bd1d32a2
eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/fonts/google/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/assets/css/googlefonts.css

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 09:38:10 GMT
ETag: "3c50-57ab0cf0b2480"
Accept-Ranges: bytes
Content-Length: 15440
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2

220.128.133.15/findjobs/public/assets/fonts/google/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

220.128.133.15

200 OK

55 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/fonts/google/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
Web Open Font Format (Version 2), TrueType, length 55208, version 1.0\012- data
Size
55 kB (55208 bytes)
Hash
658dde714e624426b1f0f9976f031513
98cfbf585103cfd9604971b517cfc690729c889a
978f46f059f8b7580f0ace9c2a00175c926cb91b1bb69d1b39d7fd3a9e8582ad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/fonts/google/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/assets/css/googlefonts.css

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 09:38:10 GMT
ETag: "d7a8-57ab0cf0b2480"
Accept-Ranges: bytes
Content-Length: 55208
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2

220.128.133.15/findjobs/public/assets/fonts/google/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

220.128.133.15

200 OK

16 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/fonts/google/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/fonts/google/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/assets/css/googlefonts.css

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 09:38:10 GMT
ETag: "3cc0-57ab0cf0b2480"
Accept-Ranges: bytes
Content-Length: 15552
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff2

220.128.133.15/findjobs/public/assets/fonts/google/KFOmCnqEu92Fr1Mu4mxK.woff2

220.128.133.15

200 OK

15 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/fonts/google/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/fonts/google/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/assets/css/googlefonts.css

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 09:38:10 GMT
ETag: "3bf0-57ab0cf0b2480"
Accept-Ranges: bytes
Content-Length: 15344
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2

220.128.133.15/findjobs/public/assets/img/banner1.jpg

220.128.133.15

200 OK

262 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/img/banner1.jpg
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2018:11:27 17:45:56], baseline, precision 8, 1000x446, components 3\012- data
Size
262 kB (261562 bytes)
Hash
6ddc56a96d8a822d1c332711bd48d711
95cb9a25ffcd2f8e6f1973ec61874c18d7ead353
e3abd52cb61e8d33f12688d871e760ba7b565bdc8478c30c0b108f7e33e6bddc

HTTP Headers

GET /findjobs/public/assets/img/banner1.jpg HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 27 Nov 2018 17:46:00 GMT
ETag: "3fdba-57ba905c46600"
Accept-Ranges: bytes
Content-Length: 261562
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

220.128.133.15/findjobs/public/assets/img/logo2.svg

220.128.133.15

200 OK

8.0 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/img/logo2.svg
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
8.0 kB (7977 bytes)
Hash
18fc742e297d49e8feaabd9a1fab20ad
0fa5b92294d8f1baac4aec47ce907f07ba1b76de
ce9ad56ca7d8558251a1f9d401aacb28cc09712c8cbb9a7a60e68cc3c9b4d83b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/img/logo2.svg HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 23 Nov 2018 15:02:08 GMT
ETag: "1f29-57b56445e7c00"
Accept-Ranges: bytes
Content-Length: 7977
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml

220.128.133.15/findjobs/public/assets/img/person_pin.svg

220.128.133.15

200 OK

847 B

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/img/person_pin.svg
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
847 B (847 bytes)
Hash
ff3fd49de6a3cc9d4946594567483d05
d4cb756239cd8bf9e3683f8936fd0b482866d635
591f45fda93cac5ad94ebff4cef9d2dec3994832f0bc028dd4f30bb7fd73f317

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/img/person_pin.svg HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 17:14:22 GMT
ETag: "34f-57ab72e8ab780"
Accept-Ranges: bytes
Content-Length: 847
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13904
Expires: Sun, 25 Sep 2022 20:31:38 GMT
Date: Sun, 25 Sep 2022 16:39:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13904
Expires: Sun, 25 Sep 2022 20:31:38 GMT
Date: Sun, 25 Sep 2022 16:39:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13904
Expires: Sun, 25 Sep 2022 20:31:38 GMT
Date: Sun, 25 Sep 2022 16:39:54 GMT
Connection: keep-alive

220.128.133.15/findjobs/public/assets/others/message.rss

220.128.133.15

200 OK

153 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/others/message.rss
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (7532), with CRLF line terminators
Size
153 kB (152736 bytes)
Hash
e4f32c34e50915c4955c393f2de4a2da
5d58758a51f42099267ee87fb6ea1094a224a0de
1a7c0c60a541aab3b2dcc3210d651997effcf05d9c40cf44e458dc4472e35283

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/others/message.rss HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 06 Dec 2018 17:25:04 GMT
ETag: "254a0-57c5dc779bc00"
Accept-Ranges: bytes
Content-Length: 152736
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/x-rss+xml

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13904
Expires: Sun, 25 Sep 2022 20:31:38 GMT
Date: Sun, 25 Sep 2022 16:39:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13904
Expires: Sun, 25 Sep 2022 20:31:38 GMT
Date: Sun, 25 Sep 2022 16:39:54 GMT
Connection: keep-alive

220.128.133.15/findjobs/public/assets/img/edit.svg

220.128.133.15

200 OK

711 B

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/img/edit.svg
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
711 B (711 bytes)
Hash
6ccb282aa815fea6db95acb077b05897
99850791ab3f5664e84ed1a8a9095191f4f4783c
e49647174a9672fdca54794e707357cdcbf176aed5982d1f9111a2287582a45a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/img/edit.svg HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 17:26:20 GMT
ETag: "2c7-57ab759568700"
Accept-Ranges: bytes
Content-Length: 711
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

220.128.133.15/findjobs/public/assets/img/banner3.jpg

220.128.133.15

200 OK

284 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/img/banner3.jpg
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2018:11:27 17:47:31], baseline, precision 8, 1000x446, components 3\012- data
Size
284 kB (284366 bytes)
Hash
37d1a0bd62d54ed62fef5748a58bb9a6
86d281883e4c565c95c7c4f506228b4b18922590
b71dd81ce07ac0c8d622382bfa5249c770ac88fda5d247a6fa14c2fa3cf72d8c

HTTP Headers

GET /findjobs/public/assets/img/banner3.jpg HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 27 Nov 2018 17:47:32 GMT
ETag: "456ce-57ba90b403500"
Accept-Ranges: bytes
Content-Length: 284366
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

220.128.133.15/findjobs/public/assets/img/local_library.svg

220.128.133.15

200 OK

729 B

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/img/local_library.svg
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
729 B (729 bytes)
Hash
04581a9cb66db783dcf512556a33c069
6139448b8fa5dfd45b5b6a36b0e08a877e525c77
8fa11125c4c15d7749a7541d62f1d33f96ae3e2f8bb1464bc58f2e41c2bac84e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/img/local_library.svg HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 17:19:08 GMT
ETag: "2d9-57ab73f96bb00"
Accept-Ranges: bytes
Content-Length: 729
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/svg+xml

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size
13 kB (12826 bytes)
Hash
b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 68542
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10032 bytes)
Hash
aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:57:02 GMT
age: 67372
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8715 bytes)
Hash
a89e7161745036637a66e8ab5b7efdf9
79c83cc27996b2339bd63764dbb2ae9744db6d70
13b990c3c6a9bee6def25d007e14628c52e427b6f4c718895b1817d5e8e59760

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8715
x-amzn-requestid: d5e237f4-4c0e-4e3b-b3ae-ea1eb5b7cafc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JmTEAwIAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d22f4-48a975a866edc1755858600f;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IVWTWArqWNBCHmVFP9mQm4bAi4f5pq7wJX2ve-ksyx2xmNqHz5pX8A==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 05:31:50 GMT
age: 40084
etag: "79c83cc27996b2339bd63764dbb2ae9744db6d70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7757 bytes)
Hash
9d59e1bbd58ff8c5fe5faecb58149601
ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd
c16a2adaeaabbe45801ab5d12ceaeab587b525b4959933f53a9c8dcdb12aec68

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7757
x-amzn-requestid: 3092c81c-f703-403a-b718-e18f035f9464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQFUWIAMF7Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-565f665c7e34294079703141;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hc0cpj1kMbAQqcM0ooSgEdS8nPP0m4FJD1bHdY7jN2OENNsJF_gluA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 07:22:33 GMT
age: 33441
etag: "ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7690 bytes)
Hash
75eb09cb0472d311d2deaf4475a2fb29
9e7b0fd5b7c45213e1808361867a254c8e313a30
c18626d0131533976be196823911d5146042e6bd8028389cb4f17a64ee0ec1e4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7690
x-amzn-requestid: e50abd36-e3d6-4177-ad5a-57ef7f743e1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv2HqHJqIAMFe9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296a30-7de1ba3633620fed1eb26a04;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:22:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N1964asC-XTl9uXwzmgOj5dqDU1mJPKyDl-ZTqhg6wFcDcZFG5ncNQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 17:44:34 GMT
age: 82520
etag: "9e7b0fd5b7c45213e1808361867a254c8e313a30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8914 bytes)
Hash
dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
age: 68568
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

220.128.133.15/findjobs/public/assets/others/news.rss

220.128.133.15

200 OK

214 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/others/news.rss
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (5099), with CRLF line terminators
Size
214 kB (214125 bytes)
Hash
2e4a078a60f2f6212bb6576c37db2944
ce0ee83d97402d1a48b80ef112ad36341cdf7147
95346b1a4804ceee9c6e9ba90e13c4afb4fe0d02ce7a5cb1db903bd17e75fdcd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /findjobs/public/assets/others/news.rss HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 06 Dec 2018 17:26:06 GMT
ETag: "3446d-57c5dcb2bc780"
Accept-Ranges: bytes
Content-Length: 214125
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/x-rss+xml

220.128.133.15/findjobs/public/images/Icons/link.gif

220.128.133.15

404 Not Found

276 B

URL HTTP/1.1
220.128.133.15/findjobs/public/images/Icons/link.gif
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
276 B (276 bytes)
Hash
67ac8ed211939783ffba827bd13506ab
b55fad2e53b19b094181321ac77704afb494c730
e1f2ae87dd4c9c43c0ab794a980608804e639aa710a331e01e3a42465601e805

HTTP Headers

GET /findjobs/public/images/Icons/link.gif HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 404 Not Found
Date: Sun, 25 Sep 2022 16:39:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 276
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

220.128.133.15/findjobs/public/assets/img/favicon.ico

220.128.133.15

200 OK

68 kB

URL HTTP/1.1
220.128.133.15/findjobs/public/assets/img/favicon.ico
IP
220.128.133.15:0
ASN
#3462 Data Communication Business Group

File type
MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel\012- data
Size
68 kB (67646 bytes)
Hash
3d7c33cbc0fb42ce139c68531cf3ffc9
4607911b88adff865427fcc0200f101791f75695
00819fdbc03de3ba1d407629d22d9aba7858e46ef299542c80a20a7e17be6a78

HTTP Headers

GET /findjobs/public/assets/img/favicon.ico HTTP/1.1
Host: 220.128.133.15
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://220.128.133.15/findjobs/public/

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 16:39:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 15 Nov 2018 18:17:16 GMT
ETag: "1083e-57ab80f7d6300"
Accept-Ranges: bytes
Content-Length: 67646
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations