| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash09a973de929ab7452edc342c780d3668 3f14f6e0a36f76863c0aea6fb561c266404a7ea3 e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8040
Expires: Sat, 24 Sep 2022 00:23:28 GMT
Date: Fri, 23 Sep 2022 22:09:28 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashafb65a07bf7214addf83d17a53acba32 a8e973204431320aa7b362a4e73944520c4b51b9 46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4505
Expires: Fri, 23 Sep 2022 23:24:33 GMT
Date: Fri, 23 Sep 2022 22:09:28 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 18.165.201.103 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP18.165.201.103:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 22:05:16 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 ad6a59dd9fdc1afb57f7131fcd96bf20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: uQGZlDv-dPfrhDE1MD_y985eT05HxMbday12YTeh5P3WPEBvk_OmRw==
Age: 252
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OBtSa4T3+q5e6F5ilwoaN5BUyl0R/1gzCM55NrgjdUCoPgdJgEN7T31KCH6BTGv4shRRQap/YrY=
x-amz-request-id: 495NS4JJXJV77J1X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Sep 2022 21:44:39 GMT
age: 1489
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/pid-4i6q_p0 | 142.250.74.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/pid-4i6q_p0 IP142.250.74.3:0
Hashc54508a301bc027b4326f329a3b612ea 1a88febe08e0d561d958af79d613e517a5498bf8 539a14942a3b2759be205c3bdfb79f20197bee8bb7e4d8b868faca9b47d434b4
POST /s/gts1p5/pid-4i6q_p0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 22:09:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1p5/pid-4i6q_p0 | 142.250.74.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/pid-4i6q_p0 IP142.250.74.3:0
Hashc54508a301bc027b4326f329a3b612ea 1a88febe08e0d561d958af79d613e517a5498bf8 539a14942a3b2759be205c3bdfb79f20197bee8bb7e4d8b868faca9b47d434b4
POST /s/gts1p5/pid-4i6q_p0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 22:09:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Bd.woff2 | 172.67.164.11 | 200 OK | 18 kB |
URL HTTP/2magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Bd.woff2 IP172.67.164.11:0
File typeWeb Open Font Format (Version 2), TrueType, length 18140, version 1.0\012- data Hash6c8fe1156552769b5e65e3fc1eb81395 0339dcf247cb98781cb26174bf7810e15a394310 25a5d759897134cb9caa4b9f0f58ebb3f34e5759af0b8c712959665df0754e7e
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET //etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Bd.woff2 HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: font/woff2
content-length: 18140
last-modified: Fri, 12 Nov 2021 23:56:56 GMT
etag: "46dc-5d0a036c86200"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuvHaaVUuNsWtHwL4bOTjXODUXyytVtkVnhb1rd1tEh0GJv6UdqyUCqPLC9FNPl6PzDwtmKNa9pOzT6Mv3AWqFR3l7GXDN0v%2B5t5cBHTTPkh0sc62cAqv679QK982JLl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad8fb220b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2 | 172.67.164.11 | 200 OK | 18 kB |
URL HTTP/2magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2 IP172.67.164.11:0
File typeWeb Open Font Format (Version 2), TrueType, length 17892, version 1.0\012- data Hash4c9045c151fd584835340bef1292fa48 7b550140ce90c15ae16efb7913717746b2bf8a06 661a87469e3a98ce456dd15c5ce402278f25db98b5885d823651284f4fd4de91
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET //etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2 HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: font/woff2
content-length: 17892
last-modified: Fri, 12 Nov 2021 23:56:56 GMT
etag: "45e4-5d0a036c86200"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGl0%2BERfmhdZ15mBo7MAPp2K7FtvcJ6UD36qtGT2JucdCNeTTffuMt5km3qJysJjJYulgASNzppYjCrIsOTKHY0O6JuL8H8iToaTxGVZKGTPG%2B6msb8OA%2Fa7aaXz68g8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad8fb210b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2 | 172.67.164.11 | 200 OK | 20 kB |
URL HTTP/2magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2 IP172.67.164.11:0
File typeWeb Open Font Format (Version 2), TrueType, length 20244, version 1.0\012- data Hash195620c524ec7c323db8fa3ceccb9cd2 9bc9e6e59f737f89acae0fd7ab5e323dfed48579 dcd743060b3c09ccf5003db3bb4b85fbe7a71d176638dabbf089669ef3f787c4
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET //etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2 HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: font/woff2
content-length: 20244
last-modified: Fri, 12 Nov 2021 23:56:56 GMT
etag: "4f14-5d0a036c86200"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bshaCYtE0dohPQhQRJfLvp41FNsUDTTh5eyHRmmAi25RcxVp4qbCRNX%2F%2BVD0nzghvCXI%2BotynfSCkM7phq4q8IzSB2k2JZxM155GG7N%2FcMH9rwYNMCJmwmjl0VmYsN2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad8fb2b0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| magalfest.com//etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2 | 172.67.164.11 | 200 OK | 18 kB |
URL HTTP/2magalfest.com//etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2 IP172.67.164.11:0
File typeWeb Open Font Format (Version 2), TrueType, length 17892, version 1.0\012- data Hash4c9045c151fd584835340bef1292fa48 7b550140ce90c15ae16efb7913717746b2bf8a06 661a87469e3a98ce456dd15c5ce402278f25db98b5885d823651284f4fd4de91
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET //etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2 HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: font/woff2
content-length: 17892
last-modified: Fri, 12 Nov 2021 23:56:58 GMT
etag: "45e4-5d0a036e6e680"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUSKb%2BoLcho6bSg7QmDBk4BpuvuGPbQGQL2onBonVRllV0xTv7s963ubLBdse5qEU179qF%2FZYGopJ8ZR%2F1%2BJDOwoDyVk8bTP5BDMO62aPQqa7LNSJYrO0kOFkb8TTeBg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad8fb270b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Lt.woff2 | 172.67.164.11 | 200 OK | 18 kB |
URL HTTP/2magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Lt.woff2 IP172.67.164.11:0
File typeWeb Open Font Format (Version 2), TrueType, length 17508, version 1.0\012- data Hashf755825cfc33424de53229ed51a48547 7d55a33fb68b5743cf7a5adfe7b424752e1cc52f f898f65ddbfb8e0b9ecf86132b0fa3ed23b5cfa87d599e7b5364c5b3ef7e5c1c
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET //etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Lt.woff2 HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: font/woff2
content-length: 17508
last-modified: Fri, 12 Nov 2021 23:56:56 GMT
etag: "4464-5d0a036c86200"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joWHsD4U0Zb8uGPuclnjx9ULYTMhJ0GkUK1%2FSXNwZJ%2BnWukXuBHyuVFhuzsL8vjDgk325lpcpGdnItuAxWrA5L5a7v0p9NdVMuhlvYjoECY260GBNLisd%2BG7e7bIkDQ1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad8fb330b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff2 | 172.67.164.11 | 200 OK | 20 kB |
URL HTTP/2magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff2 IP172.67.164.11:0
File typeWeb Open Font Format (Version 2), TrueType, length 19856, version 1.0\012- data Hashc2237a47b207b79d49dacbc6767f094b e9e4bc7effa06252f6ccf3c8aae0910ec7a5d2c0 eb3d38629627f709b3ce3cc9d8e853a71d45d3f776a1c5ae28251bbdfaeee44e
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET //etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff2 HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: font/woff2
content-length: 19856
last-modified: Fri, 12 Nov 2021 23:56:56 GMT
etag: "4d90-5d0a036c86200"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTaw4n2TaB%2FF6tBjDkbZGLALVD2e9VHqMA1XgnbvG9XyqY5b0S%2Fe0zzqxd8qkKqtiKnh%2FEXg%2BLTarJCYz3k08ixbtO%2BhxBXcqDNbSqnSdaxvcpfAhdE%2BVcMbFv0nIlba"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad8fb2a0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff2 | 172.67.164.11 | 200 OK | 20 kB |
URL HTTP/2magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff2 IP172.67.164.11:0
File typeWeb Open Font Format (Version 2), TrueType, length 20336, version 1.0\012- data Hash63b41291ead223dee31d35f314b7968d a261ce8cf48c373966e114365d6132121ca08876 44ea8da2d545e55cf9ecaf0d4f7936cf83ba9476dcbb833b3e8152f6d3f171ad
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET //etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff2 HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: font/woff2
content-length: 20336
last-modified: Fri, 12 Nov 2021 23:56:56 GMT
etag: "4f70-5d0a036c86200"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rpl5%2BFqmcB%2FW7X5Dzt%2BxaM1ML%2BiZerFLWTJT3BPzJxzgHPp3tKRG3mkz3nj%2FyjnmC3aATO2kqbedD%2BIQo%2B9CwaCSDj5O%2Bwh9QDvawY5wBw87DrxWQmNpMKHQIfE5gmc2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad8fb240b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2 | 172.67.164.11 | 200 OK | 20 kB |
URL HTTP/2magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2 IP172.67.164.11:0
File typeWeb Open Font Format (Version 2), TrueType, length 20492, version 1.0\012- data Hash943eded538dde6a0dfafee5453aa6dcf ce3c14529df937462fc9e6f7b3a853785b05a6f0 6941f9570d5085cfa2ddba639611d4a5ab3e9aded5e3eb2139dc23e613b20067
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET //etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2 HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: font/woff2
content-length: 20492
last-modified: Fri, 12 Nov 2021 23:56:56 GMT
etag: "500c-5d0a036c86200"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdeTdVFnBUmF2Jamf7LWuFnaXZJvSSU10Mgw283X1RRrVt%2F%2BKcA1CUjh2QHoP0OtkqxeC%2FDqzeuRzZ%2BZ83AqNzT7LzPUo%2BoKXdQAcDdAdgZwox8H6aOBKitxIrSuSQ0%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad8fb2e0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.itau.com.br/content/dam/itau/cartoes/magalu/magalu-logo.png | 23.38.200.79 | 200 OK | 5.3 kB |
URL HTTP/2www.itau.com.br/content/dam/itau/cartoes/magalu/magalu-logo.png IP23.38.200.79:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash7fbc42a4b63120dc1521c416c152f994 be360cff67eb29ef6fe12445623d47eb0cc104c5 91059ccdd65c1496d764f84ece42376760652ea7c734fe0c0dd0b086c91ce6ef
GET /content/dam/itau/cartoes/magalu/magalu-logo.png HTTP/1.1
Host: www.itau.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "3be9-5c23d8df52480"
last-modified: Wed, 27 Oct 2021 16:10:17 GMT
server: Akamai Image Manager
x-serial: 215
x-check-cacheable: YES
content-length: 5316
content-type: image/webp
cache-control: private, no-transform, max-age=838955
expires: Mon, 03 Oct 2022 15:12:03 GMT
date: Fri, 23 Sep 2022 22:09:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=2
access-control-allow-methods: GET, POST, GET, POST
access-control-allow-origin: internet.itau.com.br, internet.itau.com.br
X-Firefox-Spdy: h2
|
|
| magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/itaufonts_master_24px_v44/itaufonts_master_24px_v44.woff | 172.67.164.11 | 200 OK | 139 kB |
URL HTTP/2magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/itaufonts_master_24px_v44/itaufonts_master_24px_v44.woff IP172.67.164.11:0
File typeWeb Open Font Format, TrueType, length 139296, version 1.0\012- data Size139 kB (139296 bytes) Hashd9a9d074200e6425c65c57cf3fbc3420 5506f29e197e139759be1528d09242026e27ff10 0627930b6d4838fba88a1b6a456ddcec05200a7a0596dc2ac57e2b9180736e83
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET //etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/itaufonts_master_24px_v44/itaufonts_master_24px_v44.woff HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: font/woff
content-length: 139296
last-modified: Fri, 12 Nov 2021 23:56:56 GMT
etag: "22020-5d0a036c86200"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3w3Op2ijAfraQv7ClROE3VnGLHJHunpduscQ7izvwLBzFNb2FRkUEgdBszJYtRbOIid9yXy8Z9fNJNHSHozGlzYc5KqgXBWzOFZqthVSEw3mITozXR2gkk1%2FpUdpE3%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad90b340b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 18.165.201.103 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP18.165.201.103:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 21:33:00 GMT
Expires: Fri, 23 Sep 2022 21:34:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 507372273c5029d1ae2439349f7f1458.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: dxOxRIsEI8hN619eI6mgiVnF5KD_LqFuqtx8aL_qnGGRZ6DRZFmJjw==
Age: 2188
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashf714931cf870bfa33815fd259b7246fd 38e411ef8ca1b31ead8415ee5f21d98bd9653a86 897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3754
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 22:09:28 GMT
Last-Modified: Fri, 23 Sep 2022 21:06:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 35.161.6.128 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.161.6.128:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DTvXIhmtzKIxROz9+ecVcw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0kGVFUSgi2Il2wpdZKVWSSH120k=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7038cca95198779d8bb479045eb56652 e9dcf9451e849f4d55b0909b33a51bd0b1a35296 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4524
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 22:09:30 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7038cca95198779d8bb479045eb56652 e9dcf9451e849f4d55b0909b33a51bd0b1a35296 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4524
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 22:09:30 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7038cca95198779d8bb479045eb56652 e9dcf9451e849f4d55b0909b33a51bd0b1a35296 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4524
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 22:09:30 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7038cca95198779d8bb479045eb56652 e9dcf9451e849f4d55b0909b33a51bd0b1a35296 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4524
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 22:09:30 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg | 34.120.237.76 | 200 OK | 8.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash02a682b4703bb9d6381c762726c05531 1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54 fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:26 GMT
age: 1264
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg | 34.120.237.76 | 200 OK | 15 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf10a12719b387d176497669ba75f0acc 16e42ba7b20555bf5a8615e5f4bb561204aeeb5a 0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:48 GMT
age: 86262
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| magalfest.com//etc.clientlibs/sharedcomponents/components/fragments/modal-generic-error/v1/modal-generic-error/clientlib.min.11c95aa513d1bfa558ffd098de124b06.css | 172.67.164.11 | 200 OK | 9.1 kB |
URL HTTP/2magalfest.com//etc.clientlibs/sharedcomponents/components/fragments/modal-generic-error/v1/modal-generic-error/clientlib.min.11c95aa513d1bfa558ffd098de124b06.css IP172.67.164.11:0
File typeASCII text, with very long lines (2201), with no line terminators Hash5bfbb0279ecb545ec38a5684bf8efdde 2cf8dfee6a25cbfca15dd749a9c9c34ece7c808a 572d5a4d2d2eba69b6c956c91da72cab5203cf471c96758539fd71568ef03213
GET //etc.clientlibs/sharedcomponents/components/fragments/modal-generic-error/v1/modal-generic-error/clientlib.min.11c95aa513d1bfa558ffd098de124b06.css HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: text/css
last-modified: Fri, 12 Nov 2021 23:56:58 GMT
etag: W/"899-5d0a036e6e680"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wm4Ji6ZkHMa4huOn4hrtKM3oOt3idvdYItdhbar8M2Xg0OiEXVLFRJ6iZyNFzopWFJAQS%2B8lH%2FVZoZ8InubZdNy36y8HxOPtYryUVLAwqDWThnXeKywoy48a23SKgCbq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad90b380b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg | 34.120.237.76 | 200 OK | 7.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1985a957e6bc0c15d8489fa731e7f14e 4584bff61bf4d5c9b8fd3b97c048a8e6975e4323 9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IKhfVQWVUnhvct2w5S1BB3y79gpEZ6UIB8T6tOdg0532Hxo4BpXFXQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:53:19 GMT
age: 971
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| magalfest.com//etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.9a4356cb47e7c63947459a99a47af102.js | 172.67.164.11 | 200 OK | 208 kB |
URL HTTP/2magalfest.com//etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.9a4356cb47e7c63947459a99a47af102.js IP172.67.164.11:0
File typeASCII text, with very long lines (65451) Size208 kB (207738 bytes) Hashc8013358f3515c2335ece963fc89a107 9c52c14470ab80c6ff2736e48377c1fe4e5a67d1 926d8791d2a503e9ab2b72148f7a2d38cee7c55eb8387a63a427bb358d6ba76e
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET //etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.9a4356cb47e7c63947459a99a47af102.js HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: application/javascript
last-modified: Fri, 12 Nov 2021 23:56:58 GMT
etag: W/"b7030-5d0a036e6e680"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iHcXHKMIaT7hp5%2B%2FYRgEIGOuhb2z0Mn3FEl%2FHQ899iV6fdbDLAc8wtC03k2aHVW1G6wPw1sKcDSdsD9DJ97TVXtLIjRemcDU9Ku5SA03GXTKEDvwsJPLfLH3sCnr3Dr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad90b4a0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb877ead4a15221fdd278ef27f281a7ec 48c10714503e8dfdd3e3c3d39b919ef2792f0d15 f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:05:08 GMT
age: 262
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base.min.2b40b1b39f98cea329b75ac4733abdbf.css | 172.67.164.11 | 200 OK | 0 B |
URL HTTP/2magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base.min.2b40b1b39f98cea329b75ac4733abdbf.css IP172.67.164.11:0
GET //etc.clientlibs/itau/clientlibs/clientlib-base.min.2b40b1b39f98cea329b75ac4733abdbf.css HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: text/css
last-modified: Fri, 12 Nov 2021 23:56:56 GMT
etag: W/"14ecb8-5d0a036c86200"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajRfoF%2F7RziZ9jBCElp5Zm9OBBoWN5pklQg6gw4VvGqdyC5%2Bd%2BbWsOW5b3nbKA%2FoFcFIsyd7DeYHC01uTz08juNWW7%2Fwv%2FOq5ZyCfMAfPe1WugvMaWaelvTsu6xNejRn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad8fb200b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| magalfest.com//etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js | 172.67.164.11 | 200 OK | 0 B |
URL HTTP/2magalfest.com//etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js IP172.67.164.11:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET //etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: application/javascript
last-modified: Fri, 12 Nov 2021 23:56:56 GMT
etag: W/"e22-5d0a036c86200"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUIHFqz39EeQogkpzRk5CUynUo2xN0TsWSYGjUL1SxjTuc0YTVLD0s0h%2FkOJqjNH2q69njplX%2FBhWsklPdmlQzjQzUQ2mKH4dhuRr24h48%2Fvqr4cutOXRWsnKP3Wjc%2FQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad90b4e0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| magalfest.com//etc.clientlibs/sharedcomponents/components/fragments/modal-generic-error/v1/modal-generic-error/clientlib.min.2d598e5d51a32ffac757870976e94d21.js | 172.67.164.11 | 200 OK | 0 B |
URL HTTP/2magalfest.com//etc.clientlibs/sharedcomponents/components/fragments/modal-generic-error/v1/modal-generic-error/clientlib.min.2d598e5d51a32ffac757870976e94d21.js IP172.67.164.11:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET //etc.clientlibs/sharedcomponents/components/fragments/modal-generic-error/v1/modal-generic-error/clientlib.min.2d598e5d51a32ffac757870976e94d21.js HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: application/javascript
last-modified: Fri, 12 Nov 2021 23:56:58 GMT
etag: W/"1de-5d0a036e6e680"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijoa%2BD7U1RvvhYmPGAe4NwkJXdCCk8IJX7W1S2WfWwbbBqLsfz7S78e3V%2FEHH2MKAucdRGO15z0s4ulxZB5SJIfOAuPPlckHXifQGKpfKbLKmNDIFdqpQ7t4IrkTvfwO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad90b3d0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| magalfest.com//etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.51b8a224aa8c5e5101bb0ec667ba1e77.css | 172.67.164.11 | 200 OK | 0 B |
URL HTTP/2magalfest.com//etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.51b8a224aa8c5e5101bb0ec667ba1e77.css IP172.67.164.11:0
GET //etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.51b8a224aa8c5e5101bb0ec667ba1e77.css HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: text/css
last-modified: Fri, 12 Nov 2021 23:56:56 GMT
etag: W/"9c51e-5d0a036c86200"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cf3vV5d89WPpFwsc0R21Szv%2Bwl3N1bmEdrDBx766QTw3Y1sw8n7TcOHDXHnLypymhuBb8SeTta4FeydSfKrP2CAjcU7BSp%2BcKKaENaUgfQsmtriFzFlMN3y9NzkzXnrl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad8fb1d0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base.min.9c7dbd8d3858cb76c49b487bde47553e.js | 172.67.164.11 | 200 OK | 0 B |
URL HTTP/2magalfest.com//etc.clientlibs/itau/clientlibs/clientlib-base.min.9c7dbd8d3858cb76c49b487bde47553e.js IP172.67.164.11:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET //etc.clientlibs/itau/clientlibs/clientlib-base.min.9c7dbd8d3858cb76c49b487bde47553e.js HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magalfest.com//index14.php
Cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: application/javascript
last-modified: Sat, 28 May 2022 21:39:48 GMT
etag: W/"101eeb-5e0194317f100"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7kd4RbLCE7jMEEAwwxep8oR43v9zmOiSi5lCfXMPJ4meSP56EyCxQy0x43Urk%2F%2B3QLjKdQf24SsZXvxLDfZUKkCmw6v2k08f2owIfjF4Nyrz%2B3rRPT9%2Fpb4TcqTg7TG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f69ad90b510b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| magalfest.com//index14.php | 172.67.164.11 | 200 OK | 0 B |
URL HTTP/2magalfest.com//index14.php IP172.67.164.11:0
Analyzer | Verdict | Alert | openphish | Magalu | | fortinet | Phishing | |
GET //index14.php HTTP/1.1
Host: magalfest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:09:28 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.29
set-cookie: PHPSESSID=0orcs81koqtdn3qirm225r1rjq; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=598Yeh%2FYyNJiQckbJuyJqp9W3ghuA3%2B8Xpw5%2BqiWg9ilct4QdmzGMpFFrmTC51nGsKFARqjZ6CppZMYWVemJ1aCK9vUZ60tTrGBEAk5RT9V2TgcorCZKWNeEDCVigt%2F%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f69ad7da340b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|