Report - qa-sip.enel.bestserviceit.com.br/

Report Overview

Submitted URL
qa-sip.enel.bestserviceit.com.br/
IP
54.152.84.56
ASN
#14618 AMAZON-AES
Submitted
2023-02-03 23:46:28
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
28

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
qa-sip.enel.bestserviceit.com.br	unknown	2021-11-09T16:30:52Z	2023-03-10T04:40:02Z	13 kB	193 kB	54.152.84.56
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	95.101.11.115
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	434 B	1.8 kB	142.250.74.106
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.4 kB	2.8 kB	142.250.74.163
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.208.13.28
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	520 B	46 kB	216.58.207.227
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	58 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-03	medium	qa-sip.enel.bestserviceit.com.br/	Phishing
2023-02-03	medium	qa-sip.enel.bestserviceit.com.br/	Phishing
2023-02-03	medium	qa-sip.enel.bestserviceit.com.br/Account/Login?ReturnUrl=%2F	Phishing
2023-02-03	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/js.cookie.min.js	Phishing
2023-02-03	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-slimscroll/jquery.slimscroll.min.js	Phishing
2023-02-03	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.blockui.min.js	Phishing
2023-02-03	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap-switch/js/bootstrap-switch.min.js	Phishing
2023-02-03	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.min.js	Phishing
2023-02-03	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap/js/bootstrap.min.js	Phishing
2023-02-03	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/jquery.validate.min.js	Phishing
2023-02-03	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/additional-methods.min.js	Phishing
2023-02-03	medium	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/js/select2.full.min.js	Phishing
2023-02-03	medium	qa-sip.enel.bestserviceit.com.br/assets/global/scripts/app.min.js	Phishing
2023-02-03	medium	qa-sip.enel.bestserviceit.com.br/assets/pages/scripts/login.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-slimscroll/jquery.slimscroll.min.js	5.2 kB	2023-03-07	2024-03-01
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-slimscroll/jquery.slimscroll.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:19 Last Seen2024-03-01 12:30:10 Times Seen49 Hash e70dbba138f2bcee6baf39f99f267bd8 baeae91e66b56adf9b65d586efb90c231c35fe92 3edb9dd54b82d2464f9dfc7f9c5929bae551272823049992608b4528392d2e2a Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.blockui.min.js	9.6 kB	2023-03-07	2024-04-17
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.blockui.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:47 Last Seen2024-04-17 03:43:18 Times Seen279 Hash f35b3230007335b610a67fe27e9c19b5 4d1ff795d8ce96081c46af237b983b02f2b4536d 1562ef5e592b67d9a95a9a3f7c2a05442a7e0f7b492dd0a56e43fea9acefe627 Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap-switch/js/bootstrap-switch.min.js	15 kB	2023-03-08	2024-03-01
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap-switch/js/bootstrap-switch.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:37:35 Last Seen2024-03-01 12:30:10 Times Seen44 Hash 43c0407d57eb40a51231a6fc9241fdde bdbae790e12d661f3b652e9a4f6c9df206a7b7b9 91fd7b22275f4170d033565123e5e15fd111461ce6f199bcb52ec53c866f81c3 Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-25
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap/js/bootstrap.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:27 Last Seen2024-04-25 23:50:07 Times Seen951 Hash fb0e635db142b1b9fce20fe2370ec6cc c5c481ca5a263031d938f6c12abd2fe5fb4b6a83 5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459 Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/additional-methods.min.js	17 kB	2023-03-08	2024-01-08
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/additional-methods.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:37:35 Last Seen2024-01-08 12:29:00 Times Seen30 Hash 7f2c139eba6511a4dc505bd2c878c1fe c8649ab4be98f4acb22692d8def58ac079833fa7 4826dd029056276f86e3d1b008ebbb4f9a2693048de9c090c5300edfe5d1f7c1 Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/scripts/app.min.js	16 kB	2023-03-08	2023-09-15
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/scripts/app.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:37:35 Last Seen2023-09-15 18:09:40 Times Seen20 Hash a32a928f026244d2753ddd823f6cccfb 8853170dd7404ba8ca435350bd11b31591a8128a 81486793a8c573d69b9ed2e2df8acfcf4c792483461506a50cacf64f2004e558 Loading...

	qa-sip.enel.bestserviceit.com.br/assets/pages/scripts/login.min.js	3.4 kB	2023-03-08	2023-05-28
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/pages/scripts/login.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:37:35 Last Seen2023-05-28 00:41:09 Times Seen18 Hash 8755f639800e84fde126976ec227cab1 4facd63b7bfbc94d54cac1d1f4d6811886a01e56 ae119e1e4ced7954e2f315ed98d4cc43ecd2fd6955018de3de73782f57a4bbed Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.min.js	97 kB	2023-03-07	2024-04-26
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:48 Last Seen2024-04-26 11:35:19 Times Seen2092 Hash 0e8b7d96265599258e88bff700adff2a 1a4d3936393fd3ec3470dbea7d428e053e07cef6 3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3 Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/jquery.validate.min.js	24 kB	2023-03-08	2023-05-28
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/jquery.validate.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:37:35 Last Seen2023-05-28 00:41:09 Times Seen9 Hash 3bb061e24f67f3899ae0e36f287954d9 ee363ac1d4ce974230425465bce597b882dc1d33 991727eba9303c6d7152cffbba5fd714dcb5f042dfa5a530cda0e2939b8a402d Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/js/select2.full.min.js	75 kB	2023-03-07	2024-02-28
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/js/select2.full.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:01 Last Seen2024-02-28 06:00:28 Times Seen98 Hash 0a3a08dc01bbd8d727372c0a0f2b70d7 cfe6c3a94e058178d187751846c3af1092f12336 9b8c0a1953e5ea4dfddeb1dbd04bf03da2bf66b0542fba29bb642ecc2b9768d1 Loading...

	qa-sip.enel.bestserviceit.com.br/assets/global/plugins/js.cookie.min.js	1.7 kB	2023-03-07	2024-03-01
Pretty URL qa-sip.enel.bestserviceit.com.br/assets/global/plugins/js.cookie.min.js IP 54.152.84.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:19 Last Seen2024-03-01 12:30:10 Times Seen47 Hash dec863c7439351d4618a61bf4646c71e c49994e44dd5b54b16ee1ebbc0790817edd444c1 ba9f8dae6d1c5de349dd2801ce41be27f43a1d0d2ad679c6a41c95a0796db612 Loading...

HTTP Transactions (52)

URL IP Response Size

qa-sip.enel.bestserviceit.com.br/

54.152.84.56

301 Moved Permanently

164 B

URL HTTP/1.1
qa-sip.enel.bestserviceit.com.br/
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
164 B (164 bytes)
Hash
7c080dc9cbe64cfa46d986a58f8a36d0
86ac6b73ccb006b85b0025945da612d449f93048
d408b7dd325ab88c89e9c699bf2a43626064e8a32b58ac31cc026d1f0d91432e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://qa-sip.enel.bestserviceit.com.br/
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 03 Feb 2023 23:46:18 GMT
Content-Length: 164

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16533
Expires: Sat, 04 Feb 2023 04:21:51 GMT
Date: Fri, 03 Feb 2023 23:46:18 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3686
Expires: Sat, 04 Feb 2023 00:47:44 GMT
Date: Fri, 03 Feb 2023 23:46:18 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 23:43:35 GMT
content-type: application/json
age: 163
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11385
Expires: Sat, 04 Feb 2023 02:56:03 GMT
Date: Fri, 03 Feb 2023 23:46:18 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: cpeOLWagBRDV3cuVkQaAtkEy6vPwkS4n8uZNtJtjTH+XkRyANU/b70PnUqFF4Ec/sntjgIBPGCQ=
x-amz-request-id: KDGNR4R100H6CMJ6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 23:23:46 GMT
age: 1352
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:46:18 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc5fb848616ef1ad2a7b3c6ac777a2e5
55590c977762685863358427b0145a19cee89509
4a50dd78130e888da5c2590895fcbc93d52df0094220f47a949c9d205a381910

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A50DD78130E888DA5C2590895FCBC93D52DF0094220F47A949C9D205A381910"
Last-Modified: Fri, 03 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 04 Feb 2023 05:46:18 GMT
Date: Fri, 03 Feb 2023 23:46:18 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 22:49:06 GMT
age: 3432
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/

54.152.84.56

302 Found

0 B

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
cache-control: private
location: https://qa-sip.enel.bestserviceit.com.br/Account/Login?ReturnUrl=%2F
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:18 GMT
content-length: 0
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/Account/Login?ReturnUrl=%2F

54.152.84.56

302 Found

149 B

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/Account/Login?ReturnUrl=%2F
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
149 B (149 bytes)
Hash
e01960bdb3bab802c502c7b13f4292a6
c8921fdd686ccb8fab9d6e13d7fd0c1175309860
38f4d1e6ff97cdd6479a84d97ec7d1bb8f5c17ce3602116497c6756e43870c1e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Account/Login?ReturnUrl=%2F HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 302 Found
cache-control: private
content-type: text/html; charset=utf-8
location: /Account/LoginUser?returnUrl=%2F
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:18 GMT
content-length: 149
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2196
Expires: Sat, 04 Feb 2023 00:22:54 GMT
Date: Fri, 03 Feb 2023 23:46:18 GMT
Connection: keep-alive

qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F

54.152.84.56

200 OK

2.7 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (316), with CRLF line terminators
Size
2.7 kB (2653 bytes)
Hash
9d8f0c88f07e05c10b11637fd1987558
ce55986ea71a836697b9465d477d2d62da19d502
f2a4a539fe183d748533edd9fc165f656284981585e76be6a17c28aa3f7c51ab

HTTP Headers

GET /Account/LoginUser?returnUrl=%2F HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:18 GMT
content-length: 2653
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:46:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/simple-line-icons/simple-line-icons.min.css

54.152.84.56

200 OK

2.6 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/simple-line-icons/simple-line-icons.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (9503), with CRLF line terminators
Size
2.6 kB (2581 bytes)
Hash
a1f7103d9c000d90069b272642386e84
c638ba522e88d4bbd35dee58415d1faf080b63ed
f0ee535ca4aed7ce0f554d8f7f8721759962eacd733037a1daeb785efe6ab08d

HTTP Headers

GET /assets/global/plugins/simple-line-icons/simple-line-icons.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "275b7bc9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 2581
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/font-awesome/css/font-awesome.min.css

54.152.84.56

200 OK

7.2 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/font-awesome/css/font-awesome.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (26548), with CRLF line terminators
Size
7.2 kB (7152 bytes)
Hash
b479a4d984484b0ad78eb24934f46a84
03c36a92451f8c948981d77079ad6f2f7029fed2
424945e95e6e211deda0a208f9a5fb3ad2708d14250cf1f731d72606f7939592

HTTP Headers

GET /assets/global/plugins/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:22 GMT
accept-ranges: bytes
etag: "ab8339c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 7152
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap-switch/css/bootstrap-switch.min.css

54.152.84.56

200 OK

1.7 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap-switch/css/bootstrap-switch.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (5487), with CRLF line terminators
Size
1.7 kB (1725 bytes)
Hash
0a23a8acfa1ac9cae35f8f23c3a7bb50
ec1422709aeb2a3a152755f7aa2fc11a8ab379f5
698bb6b14c11a0f830881f91c10eebd44d3f2a80eaf4f90407b009ce98de9e65

HTTP Headers

GET /assets/global/plugins/bootstrap-switch/css/bootstrap-switch.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:22 GMT
accept-ranges: bytes
etag: "6992fab9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 1725
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/css/select2-bootstrap.min.css

54.152.84.56

200 OK

2.9 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/css/select2-bootstrap.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (15550), with CRLF line terminators
Size
2.9 kB (2889 bytes)
Hash
969f217b299876eadae613302cf1519d
de820993367ab8f97c204f8801b15ce88bdb71d4
a11b42a7008ec5b75423f8e57ee79423f4174fd460c3f3397f7439fe6620a5cc

HTTP Headers

GET /assets/global/plugins/select2/css/select2-bootstrap.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "e14d78c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 2889
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/css/select2.min.css

54.152.84.56

200 OK

2.8 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/css/select2.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (15195), with CRLF line terminators
Size
2.8 kB (2795 bytes)
Hash
9c4a4bd3905a6cb8678afb0aca2db3a9
fc3146b6d6b404f82debb540d7b0370830682df7
7304ec4f73a8dd7bb32ca5e42827c3299cb33695482887ea96cfd380ff88b930

HTTP Headers

GET /assets/global/plugins/select2/css/select2.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "6d6178c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 2795
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/pages/css/login.min.css

54.152.84.56

200 OK

1.2 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/pages/css/login.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (3322), with no line terminators
Size
1.2 kB (1150 bytes)
Hash
c5cbeadc07875317f63825e664d5ded4
7a6fb10138e04f2bdf4abb1e530eaece09369596
2a1ee824987691c3cd4a33b7ffdee454bc35a0a09c0a0352a9afd54bdc7771e0

HTTP Headers

GET /assets/pages/css/login.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "fd76afc9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 1150
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/css/custom.css

54.152.84.56

200 OK

977 B

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/css/custom.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
977 B (977 bytes)
Hash
ace7c368cdff1ac7ff255afdfa395725
edfc3a3014b8e9d5858af6913be278d893ae214f
770c83362f0b8f1a3a6667acea477856af6471a33ca63cc5dacc29bac4964279

HTTP Headers

GET /assets/global/css/custom.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:21 GMT
accept-ranges: bytes
etag: "f06a6fb9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 977
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all

142.250.74.106

200 OK

1.2 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.2 kB (1198 bytes)
Hash
3a07c32c2b79d6aab00d0620e45235f1
8a9bde1210e6b57118e6461f80a17787b8abd248
f9dc9386b97edd47b7a9ebe191431a755a4351a92e081efdf88c33e97811589a

HTTP Headers

GET /css?family=Open+Sans:400,300,600,700&subset=all HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 23:46:19 GMT
date: Fri, 03 Feb 2023 23:46:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.208.13.28

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.208.13.28:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: l9vpqBMu0ph8B3YplDfNfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: U62KkcdHPBqZQlc2UiaSPKEayJ0=

qa-sip.enel.bestserviceit.com.br/assets/global/css/plugins.min.css

54.152.84.56

200 OK

11 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/css/plugins.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (32345), with CRLF line terminators
Size
11 kB (11178 bytes)
Hash
19931664f1590bbdc7ef61c134c8cca1
4cf80305aedc101064275fba2006366032048a8d
712f97a118781c76bba9776a6583cc58ab7b166d4e1d6c38889f1e561225c728

HTTP Headers

GET /assets/global/css/plugins.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:21 GMT
accept-ranges: bytes
etag: "2ae06fb9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 11178
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap/css/bootstrap.min.css

54.152.84.56

200 OK

28 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap/css/bootstrap.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (65350), with CRLF line terminators
Size
28 kB (27838 bytes)
Hash
030d42b63352690b0217ebce4f7857fa
abfa5c31801cb804bcc2f53f47fa22614db005ca
d0d12520bb6ae3dd5d319f698776fa84f531a913ed00cc01e6498e4c5fd634ae

HTTP Headers

GET /assets/global/plugins/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:22 GMT
accept-ranges: bytes
etag: "fe904c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 27838
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/layouts/layout/img/elp-logo.png

54.152.84.56

200 OK

3.5 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/layouts/layout/img/elp-logo.png
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 100 x 37, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3544 bytes)
Hash
e3729109fa83cdc5d71b6565a2ef48a2
8610bd1596c538c98d5406965dd02d0b0fc58580
3ec05973a53a52c49e2936dab7e51bc13027607594e959091de0eeecdf272755

HTTP Headers

GET /assets/layouts/layout/img/elp-logo.png HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "42fc9ec9dcfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 3544
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/js.cookie.min.js

54.152.84.56

200 OK

1.2 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/js.cookie.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (1572), with CRLF line terminators
Size
1.2 kB (1193 bytes)
Hash
8ea7c28e31d96845b5f5bb202b54f5b9
97ffde690934616acfa4f5d13dd8be135b9b48eb
8f822018d9fbf31667ea4fd82f9f50a08d3e0dced16d7d9f3d290c53c90c4d0a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/js.cookie.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "445d5ec9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 1193
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-slimscroll/jquery.slimscroll.min.js

54.152.84.56

200 OK

2.4 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-slimscroll/jquery.slimscroll.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (4889), with CRLF line terminators
Size
2.4 kB (2422 bytes)
Hash
ff04a425eec3cd82a2abbd9a2f03a885
f97104f97d21a9e8914818de32d92b0cb05b5296
72df45c564caf9f6b6b2131c55406aec0cac723acf6808a3536fbb7a869be214

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/jquery-slimscroll/jquery.slimscroll.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "129556c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 2422
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.blockui.min.js

54.152.84.56

200 OK

4.3 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.blockui.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (9162), with CRLF line terminators
Size
4.3 kB (4251 bytes)
Hash
fdc3c337fea880e87cb2f3d4e785dc92
4db2b2c1a216b5984b5050f8bbf2dc0f736db2fe
e0db875e0d624f2c0769bf1927173780becf17ad458ddeb7763e3de3943cff95

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/jquery.blockui.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "82885cc9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 4251
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap-switch/js/bootstrap-switch.min.js

54.152.84.56

200 OK

4.2 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap-switch/js/bootstrap-switch.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (13933), with CRLF line terminators
Size
4.2 kB (4175 bytes)
Hash
975b98c0968812648ee9eb9ba5c15743
e7c2dc3d6f318e5e27dfaa76dd864342f2f3c8da
f1db9a22277f8a25071f20edacbe2b6a9bb6553058c832641eb61e59b32b7369

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/bootstrap-switch/js/bootstrap-switch.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:22 GMT
accept-ranges: bytes
etag: "79b9fab9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 4175
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.min.js

54.152.84.56

200 OK

43 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (32077), with CRLF line terminators
Size
43 kB (43309 bytes)
Hash
9499ec17a79fc672ce66800640c75cf6
3b5cbaa5d9d91c330efd81b67ef4459377d42716
6722bb50ad70f6c7f7d198f8f55cb41e03662ebd397f63bdac9d1f89bee13b99

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/jquery.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "92af5cc9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 43309
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap/js/bootstrap.min.js

54.152.84.56

200 OK

13 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/bootstrap/js/bootstrap.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (32003), with CRLF line terminators
Size
13 kB (12962 bytes)
Hash
06ec3dd286901a694fdbfcc073438062
7065edeb85ee215f62a3afc15a380ba79ba4ac67
f449c14c8af86f47973b37ccadc4c48669ad9d5e1808904362ef750d525832c3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:22 GMT
accept-ranges: bytes
etag: "3a2d5c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 12962
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/jquery.validate.min.js

54.152.84.56

200 OK

9.0 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/jquery.validate.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (23619), with CRLF line terminators
Size
9.0 kB (8996 bytes)
Hash
23f6407bab19afd967cbdbdb2a517da5
27b33fc6fdf6ec7dce6b8d848ad9bd861bc1df3f
32def9e8f8b705ddf46405e5ac521fd3d981bc0709ea3c5a8462dbd1e2c13465

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/jquery-validation/js/jquery.validate.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "a5f457c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 8996
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/additional-methods.min.js

54.152.84.56

200 OK

6.2 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/jquery-validation/js/additional-methods.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (17065), with CRLF line terminators
Size
6.2 kB (6192 bytes)
Hash
2083cd0c9ff1b6e817649b15366a2997
e0b6d3d606d53cf63aa1c897921c62737892a85d
b0bc8a6ff1ad89904e19d705adcbea6d8516527927bcedd6e10cb9ab52f3523d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/jquery-validation/js/additional-methods.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "89cd57c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 6192
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/js/select2.full.min.js

54.152.84.56

200 OK

28 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/plugins/select2/js/select2.full.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (32091), with CRLF line terminators
Size
28 kB (28102 bytes)
Hash
cddeb29200106f0ad0a70973b6c1570e
fe67f92181df5532b833366c676848e02a833a39
7eea0fe496f73f68afc36cf6d6d1755b400b2590be0fa0d4047447be3c30a16c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/plugins/select2/js/select2.full.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "b6497ac9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 28102
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/scripts/app.min.js

54.152.84.56

200 OK

5.8 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/scripts/app.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (15508), with no line terminators
Size
5.8 kB (5752 bytes)
Hash
6c325e74311a6d1a1dd2a1bb0b6037b9
8ceb0f10c96be0137832223a9c5701f30866ab3b
789db9955d733c203ff21453d059fbf5b266a14e1df18ea271f498d9b7a9e148

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/global/scripts/app.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "95299cc9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 5752
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/pages/scripts/login.min.js

54.152.84.56

200 OK

1.2 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/pages/scripts/login.min.js
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (3374), with no line terminators
Size
1.2 kB (1244 bytes)
Hash
7bb5eeed7eb01b0809ca6c73e891eefe
bf201f9ffb0ac43a0412cc6d6d55a52e3407e3d1
5d60b8e9cd5809ae1880a67f63e24b57509a7bc5edb83687933f1735e3e66900

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/pages/scripts/login.min.js HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "c9a0d3c9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 1244
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:46:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:46:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qa-sip.enel.bestserviceit.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:52:41 GMT
expires: Tue, 30 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 363218
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:46:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

qa-sip.enel.bestserviceit.com.br/assets/layouts/layout/img/favicon.ico

54.152.84.56

200 OK

1.6 kB

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/layouts/layout/img/favicon.ico
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1619 bytes)
Hash
5fdf5b7f53691c522cf2d27756399033
03e6cce6caff23eedc48f8d6e472c4f0d7441467
6682d3123fcff6886aa0a867a504a3179ede568302f760c5941bc57992662f36

HTTP Headers

GET /assets/layouts/layout/img/favicon.ico HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
last-modified: Fri, 23 Sep 2022 22:37:23 GMT
accept-ranges: bytes
etag: "42fc9ec9dcfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
content-length: 1619
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15663
Expires: Sat, 04 Feb 2023 04:07:23 GMT
Date: Fri, 03 Feb 2023 23:46:20 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15663
Expires: Sat, 04 Feb 2023 04:07:23 GMT
Date: Fri, 03 Feb 2023 23:46:20 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg

34.120.237.76

200 OK

3.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.9 kB (3868 bytes)
Hash
77e225775154732b55c206faa6fce355
126bdaa18d9a1650b5e3a4e883d89188e8bbf136
af7fb0e6cfe7082af183bd2ba5ef43ab3ef3f9e6df2761ed4534bd48aa078798

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3868
x-amzn-requestid: 5ae7dc8b-55a8-4500-84ef-938727459c1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqHskoAMFpyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-662f24ed24651faa2323de32;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mk-qCGW538M5F88fom6XC1UmuzHd7qqEDUQQBdu-tVFn7-I4r547sg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:42:12 GMT
age: 3848
etag: "126bdaa18d9a1650b5e3a4e883d89188e8bbf136"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15663
Expires: Sat, 04 Feb 2023 04:07:23 GMT
Date: Fri, 03 Feb 2023 23:46:20 GMT
Connection: keep-alive

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9500 bytes)
Hash
3ac51fd6789cbe19c2d484c9022b0e39
bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9
300b5e50cb910f9f4905ee7313d98763b68f85f5874db499cc94469fb14cabfe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9500
x-amzn-requestid: 8fe94388-e8d9-4329-b73a-e9a356df76bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9QEA1IAMF3Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8054-51f954ac4bec16d1055e38f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkTJ6wQ4eFYBPDyS0l5vLeWvHHiQIx-cYyFzT4ggHJ8M5Gg3dozFxQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:59:51 GMT
age: 6389
etag: "bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8267 bytes)
Hash
99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ThTL_OlFd4yMELCmSzH4ziqxa8gdYgAAbxLY9VZPVaIldOUkvFVF_Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:12:43 GMT
age: 5617
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6718 bytes)
Hash
45c6a062f8637e689819f505b019dc0e
61665688f1039c4fad848853a68e28d057718ad1
c9b14113eba535a2e1a6cbbf121a818ad0204fc6dd7b2ea9b592830ab927d6d1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6718
x-amzn-requestid: 662f889b-4c25-4dec-85d4-ea9dfa8b8974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7DE5boAMF_cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-33ca99fc7b6eac8d5486d6c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WvNs1hPPXHBJs5rTIBqH3DbqLLX6si9jHF46KrsuT9BFB2N2V3zeUA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:06:20 GMT
age: 6000
etag: "61665688f1039c4fad848853a68e28d057718ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10253 bytes)
Hash
392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 6059
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13065 bytes)
Hash
cf80667db0c35c9c6139eca4ba5d12fd
4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590
d63e69f4b6ea16333d242bf33d4f02a4a6c96a739ca018d86afc5741d85b774d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13065
x-amzn-requestid: 20c6f462-0f1f-44d1-9b6b-6afbc4e79e8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpYpcELtIAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da07d5-44cd803c0feba28919b0a9ec;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 06:33:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T3PhGRcHX1X2hn8K_4587fXBrEyuY5Em-b9Jg41uH4uyQXeFoRBIYg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:55:01 GMT
age: 6679
etag: "4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

qa-sip.enel.bestserviceit.com.br/assets/global/css/components.min.css

54.152.84.56

200 OK

0 B

URL HTTP/2
qa-sip.enel.bestserviceit.com.br/assets/global/css/components.min.css
IP
54.152.84.56:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/global/css/components.min.css HTTP/1.1
Host: qa-sip.enel.bestserviceit.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qa-sip.enel.bestserviceit.com.br/Account/LoginUser?returnUrl=%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 22:37:21 GMT
accept-ranges: bytes
etag: "f06a6fb9dcfd81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 03 Feb 2023 23:46:19 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML