Report - agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

Report Overview

Submitted URL
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173
IP
172.67.222.251
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-28 09:37:21
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - Navy Federal Credit Union
Phishing - Navy Federal Credit Union

Detections

urlquery
17
Network Intrusion Detection
0
Threat Detection Systems
58

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
agileprofessional.com.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	18 kB	729 kB	104.21.17.61
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.8 kB	172.64.155.188
www.navyfederal.org	28885	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	643 B	339 B	23.53.55.214
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	68 kB	34.120.237.76
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	457 B	2.1 kB	142.250.74.163
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.8 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.1 kB	142.250.74.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	34 kB	216.58.207.195
web.navyfederal.org	96087	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	657 B	342 B	23.53.55.214
liveengage.navyfederal.org	103018	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	761 B	1.3 kB	178.249.97.98
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
my.navyfederal.org	90732	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	14 kB	104.88.20.141
rnemsg.navyfederal.org	119785	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	492 B	1.1 kB	147.154.117.92
lptag.liveperson.net	3393	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	835 B	10 kB	178.249.101.23
va.v.liveperson.net	3906	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	736 B	1.2 kB	208.89.12.87
accdn.lpsnmedia.net	3410	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	904 B	3.5 kB	178.249.101.99
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.89.20.60

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/s_code.js	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/bootstrap-select.js	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/common-ec401aee041a200e3dd94ec7982f0f2f.js	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/jquery-ec401aee041a200e3dd94ec7982f0f2f.js	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/recaptcha__en.js	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/modal-ec401aee041a200e3dd94ec7982f0f2f.js	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/login-ec401aee041a200e3dd94ec7982f0f2f.js	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/keypad-ec401aee041a200e3dd94ec7982f0f2f.js	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/api.js	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/tag.js	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/le2-mtagconfig.js	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/f67c327263eti209967cda713cd843baa	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a.js	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/img_logo-veterans-1d62888b4b662af9142e3c385f423f32.svg	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a_003.htm	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/storage.htm	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/images/css/img-billboard-BG.svg	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/nfcu-icons.woff	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/images/css/toolTip.svg	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a_003.htm	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/sourcesanspro-semibold-webfont.woff2	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/nfcu-icons.ttf	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a_003.htm	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/sourcesanspro-semibold-webfont.woff	Malware
2022-11-28	medium	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/sourcesanspro-semibold-webfont.ttf	Malware
2022-11-28	medium	agileprofessional.com.br/static/f67c327263eti209967cda713cd843baa	Phishing
2022-11-28	medium	agileprofessional.com.br/static/f67c327263eti209967cda713cd843baa	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/s_code.js	47 kB	2023-03-07	2024-02-01
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/s_code.js IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-02-01 18:23:17 Times Seen163 Hash 382e834e05eee66f0a63b4ee11e4d3a0 ac4dd6cb0f5b0f3e7605a1a8cc04a1f7338ee42f 4c6cc5fa944ab60fee83411cda54a8f6e82fe54105e641a144e7bc33dfe7205b Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/common-ec401aee041a200e3dd94ec7982f0f2f.js	7.5 kB	2023-03-07	2024-02-01
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/common-ec401aee041a200e3dd94ec7982f0f2f.js IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-02-01 18:23:17 Times Seen150 Hash 01b858916957e3870308909c7076f556 2473567555dcdca88b29fb8749124c682eeb889d efabe5e66d3050a56038cc09a5ae655cc6636d6ccea5d0d87de0ce89d2bafee2 Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/login-ec401aee041a200e3dd94ec7982f0f2f.js	3.4 kB	2023-03-07	2024-02-01
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/login-ec401aee041a200e3dd94ec7982f0f2f.js IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-02-01 18:23:17 Times Seen149 Hash ddf9ee8c69c26f28ae9c9a025bf19b00 c3c5204a2eda0cfa8daee6640ae16923fa8d0a88 c091833941e2030950faf7805f27417bd6a685e715ba2b1245bd524486d8c30b Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/api.js	850 B	2023-03-07	2024-02-01
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/api.js IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-02-01 18:23:17 Times Seen145 Hash d3f6163faeb993c88e6d7319fb31d05e a86751934cba05ac62e02db4dfda74c99721cf08 0bf897707835ef8d47aa7188075757f98d13185292bd7b8eccb3659e2c19ed93 Loading...

	va.v.liveperson.net/api/js/11478817?&cb=lpCb8627x47420&t=sp&ts=1669628234228&pid=8493352879&tid=2676307283&pt=Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%EF%BF%BD&u=http%3A%2F%2Fagileprofessional.com.br%2Fwp-content%2Fauth%2F3456b8c8ec337000ba9c6d985e1e9bf3%2F%3Fentity%3D1994173&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D	250 B	2023-03-11	2023-03-11
Pretty URL va.v.liveperson.net/api/js/11478817?&cb=lpCb8627x47420&t=sp&ts=1669628234228&pid=8493352879&tid=2676307283&pt=Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%EF%BF%BD&u=http%3A%2F%2Fagileprofessional.com.br%2Fwp-content%2Fauth%2F3456b8c8ec337000ba9c6d985e1e9bf3%2F%3Fentity%3D1994173&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D IP 208.89.12.87 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:10 Last Seen2023-03-11 21:51:10 Times Seen1 Hash 9e389d37214b0b5d5e4c56f7e710d63d fd540d89faf86bd285e9787467608b806d9277bb 32303ef1da70fbaca8474b462da7fdc872da7f8c070e5cad895f324ec5857927 Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js	4.9 kB	2023-03-07	2024-02-01
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-02-01 18:23:17 Times Seen159 Hash 26c4780f6299ba4f720dab0845618646 938da0075c2184a7c6094246fce05e6e0b21cf2f 35e2381bb52cbaa02e75cad7884d790260ebc1f611b6b710e8df10762d577575 Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js	2.4 kB	2023-03-07	2024-02-01
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-02-01 18:23:17 Times Seen147 Hash 8f26ad6fa5294d8a49c7578811cc8a54 73561359c7e366898f25e578322322d52eb60d0f bfd0527fd2725ac551051f5efeb3c0a79dc815fc727e311706840907134db819 Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/tag.js	22 kB	2023-03-07	2024-05-08
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/tag.js IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-05-08 17:53:08 Times Seen555 Hash e2ee8a9cd68c3d310a4c62fdb4b5c93a 67eb5f9547f1d9de0a8b143c3b50511c26281399 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7 Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173	147 B	2023-03-07	2024-02-01
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173 IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-02-01 18:23:16 Times Seen107 Hash bb66a4127fad1ead559171c5652aa430 3f1d171fd64cb49e69811843d637637017efff11 719b26e771ae1df5dabdd63fc1da603cb57e3d7ec3c5bff77a8cba7bcf948e83 Loading...

	accdn.lpsnmedia.net/api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB	2.3 kB	2023-03-10	2023-03-11
Pretty URL accdn.lpsnmedia.net/api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB IP 178.249.101.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 17:14:15 Last Seen2023-03-11 22:12:28 Times Seen1 Hash 5d17323981eea71e6489c3edf6c7eded 2026634576cdfb322b8531991419d5f5a5050180 f818f0f900ef7195e5c41cfb26e6ad61b7aab28d815acc1c82839699265201e6 Loading...

	lptag.liveperson.net/lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3	284 kB	2023-03-11	2023-03-11
Pretty URL lptag.liveperson.net/lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 IP 178.249.101.23 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:10 Last Seen2023-03-11 21:51:10 Times Seen1 Hash 8cd678b9a944112323c64a56cad5b3d8 3ea198a37220a720cefd696dd6dd718863714094 dc2d63bd0072004232dde8435443dbd936f935bda07db87c9e3af4fff1905b73 Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/jquery-ec401aee041a200e3dd94ec7982f0f2f.js	298 kB	2023-03-07	2024-04-24
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/jquery-ec401aee041a200e3dd94ec7982f0f2f.js IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:49 Last Seen2024-04-24 14:52:58 Times Seen407 Hash fb1817b96c65b6477cb55fedf53e86d9 5597fac79205084e13cce359229b070ae2638171 a28d76c983b06d87eb2c6d6deaff7e1d4faf32f12794a92bd5e21c754c06ed9b Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/modal-ec401aee041a200e3dd94ec7982f0f2f.js	10 kB	2023-03-07	2024-02-01
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/modal-ec401aee041a200e3dd94ec7982f0f2f.js IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-02-01 18:23:17 Times Seen177 Hash a5de96ee976ec4a3647903f3875d74d2 dba3fa7ec8f8d8dc4c560c28b7153d65a40bd1a6 91524af503d413292988cbd0f6745342c716d3efa5fe8090ed0d72b1f34fc1b3 Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/keypad-ec401aee041a200e3dd94ec7982f0f2f.js	3.3 kB	2023-03-07	2024-02-01
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/keypad-ec401aee041a200e3dd94ec7982f0f2f.js IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-02-01 18:23:17 Times Seen152 Hash 1ee2f1c1cd8b52aeec09ca0a463784c5 53c4238525f66141adce181c7fa6ea894d87faf0 a27ad080fba819c7944d8bec0b732a4435b08372b0830ea988e34d77383d7108 Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173	60 B	2023-03-07	2024-02-01
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173 IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-02-01 18:23:16 Times Seen114 Hash 891e157245486c9463cca56c6f3d46b1 55f1436336195681a40e02e193fbea571a387976 752d2805073d864ab5ead5baffd3f8dd48c477dd5fbb4471277f0ea6e3c25736 Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173	118 B	2023-03-07	2024-02-01
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173 IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-02-01 18:23:16 Times Seen116 Hash 270a26f4bd7f191f36621711c23f58f2 f64f3f4c4d1ffd17ebcf490eb3d404000506282b e4c74d6497a6dd012372bbff21e9c07fa91676efae35b32a4277307a93a92f25 Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/le2-mtagconfig.js	20 kB	2023-03-07	2024-02-01
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/le2-mtagconfig.js IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-02-01 18:23:17 Times Seen158 Hash d1c10a4d0eb46eea9bc096a0ac839e86 e8e8a945aa8bf827c6d65e3a9e3796855db01254 922dcba31ffcce26f6f457bd0c08982fa134c32ac0d1bebe2366df18938ca645 Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a.js	264 kB	2023-03-07	2024-02-01
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a.js IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-02-01 18:23:17 Times Seen138 Hash ac14dc38991e4b350ee0c280ee28bd49 e5c286607803a63c8c706d36e1aaa228d88971dc d30dfeb09ca6ca5c2f6b4e4b4333c04a5051f103ff36eecf0b42772720eaedd2 Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/storage.htm	39 kB	2023-03-07	2024-04-03
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/storage.htm IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-03 19:28:22 Times Seen114 Hash 787b6efd86a86aa3cf30d1bc101685ac c1734b66a3035e6a563bbb60b43ab69cee84e502 008f51a4b0f851f47f470db8261fce505715d9edbdbff4e43c67c15e69bd0a77 Loading...

	accdn.lpsnmedia.net/api/account/11478817/configuration/setting/accountproperties/?cb=lpCb79828x5777	6.4 kB	2023-03-11	2023-03-11
Pretty URL accdn.lpsnmedia.net/api/account/11478817/configuration/setting/accountproperties/?cb=lpCb79828x5777 IP 178.249.101.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:51:10 Last Seen2023-03-11 21:51:10 Times Seen1 Hash 54227b018589e93e723a0d271d3cca78 cb11d856c866ce43264943e6d0633c552e545666 acafb68699ad95b24becfac286436a1e6715e394e6f66003cc405fc4f3b7b3f5 Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/bootstrap-select.js	31 kB	2023-03-07	2024-02-01
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/bootstrap-select.js IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-02-01 18:23:17 Times Seen177 Hash 76ee99405563373864c57f9093c526eb 75b2efebcdf0dc3ffcb3336204d3c3f9a7be39da 8d3acb616b3214c6f074d4540f95252a157b667d4018cd4c14241841bd11812f Loading...

	unknown	0 B	2023-03-07	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-09 03:19:35 Times Seen37455934 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/f67c327263eti209967cda713cd843baa	72 kB	2023-03-07	2024-04-08
Pretty URL agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/f67c327263eti209967cda713cd843baa IP 104.21.17.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-08 20:09:58 Times Seen386 Hash 335f2776eaf4ca7eca9953d2240c3316 5f5702f072d8e721dd3557ccd2a0944b3cc58fa5 ca9ee108c9cd3072864c1fcfe42f8fa40f829a33267388e0adbf41fa8b2da9a5 Loading...

HTTP Transactions (89)

URL IP Response Size

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

104.21.17.61

200 OK

5.4 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (466), with CRLF line terminators
Size
5.4 kB (5428 bytes)
Hash
ed755473ab7815524e4beda893025750
ab889e5623b4ea724548fc9f6d5329644f6c55cd
bf40540fc321118c694a18afa7e468505b9e722eacb53feefad457905bc01cb3

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173 HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGfAa3RodXO%2FwrdIIB8k%2Bp1I3QIwcJjHbUDyT83H76Js8V2xgQflkhLVhMu0IWkyPef%2B2uqp8Oeoz4%2F20xqVLXraC8o7NRcaV1Q%2BWBJHfdSf7p16efl1cioEUxvnn5tHWKYcu6PorE6xC5s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f996e9d1c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9922
Expires: Mon, 28 Nov 2022 12:22:32 GMT
Date: Mon, 28 Nov 2022 09:37:10 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3559
Cache-Control: max-age=93202
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:10 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:30:32 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8699
Expires: Mon, 28 Nov 2022 12:02:09 GMT
Date: Mon, 28 Nov 2022 09:37:10 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 09:17:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1164
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: X8iA8pJhLs79A3oTq6Zeotpos/1pZ9aK8xrYl3OSmUe9dH9xsavhNmwaByKyctG+o3H8ijdNq8U=
x-amz-request-id: 26BSD9C4Z80CXE0X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 08:41:59 GMT
age: 3311
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:37:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/all-599150400912c8247ee1872211972b2a.css

104.21.17.61

200 OK

11 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/all-599150400912c8247ee1872211972b2a.css
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (50194), with CRLF line terminators
Size
11 kB (11007 bytes)
Hash
e625984b15bd12ed9b8cd85a99990ad2
a4241955bf78ae6809c39ed48cf8f07b9da2b512
7e12fa3353000af23bfd7c9129b6e8533b4f285e3367387ac443f1f5bb0671ea

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/all-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: text/css
Content-Length: 11007
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "c4cf-636d501a-c7b6881;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZXq76M3wzjOAIu5ZxCSyN3OFtoc5f8T3%2FPquJx90b1kINgjh2GfDSDd%2B39LJIqMeJlpyq4KzbCC1oD9a%2FHnHedf%2BsYkm%2BTlYhB2cSf1MtODdXNo8NxA4HADb8lnDzS5VsmaNI0UpoxtKhw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9b6e360b02-OSL
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
17c9251f8ba70b81b8125fe62663bb02
a74b718f0b771124a67176bb1e555ad6bcc058b6
d75593736a6343634236915b30de716349ab0bda14c8a6102e3b3fb06233f0bb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4490
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:11 GMT
Last-Modified: Mon, 28 Nov 2022 08:22:21 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
17c9251f8ba70b81b8125fe62663bb02
a74b718f0b771124a67176bb1e555ad6bcc058b6
d75593736a6343634236915b30de716349ab0bda14c8a6102e3b3fb06233f0bb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4490
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:11 GMT
Last-Modified: Mon, 28 Nov 2022 08:22:21 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
17c9251f8ba70b81b8125fe62663bb02
a74b718f0b771124a67176bb1e555ad6bcc058b6
d75593736a6343634236915b30de716349ab0bda14c8a6102e3b3fb06233f0bb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4490
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:11 GMT
Last-Modified: Mon, 28 Nov 2022 08:22:21 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/css.css

104.21.17.61

200 OK

658 B

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/css.css
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
658 B (658 bytes)
Hash
b8e0523f47884490e8dd8d25335c1160
8805ce8da01ec802791550bcf1fc65c281cf96f8
f950644cdca8e5b60dfa41e35a0cfb40bd01055878dab34e3169c98e94b363f0

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Navy Federal Credit Union

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/css.css HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: text/css
Content-Length: 658
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "14d2-636d501a-c7affc9;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zho%2BRJ3ExxCHWJxedaISsQVAFnqlEZi8y%2FXIlQHLlKDz%2BxsYemIJRvR9iJSbq%2B%2FHvlrZyay%2B6qd5QNS%2BhaLyVSEmNcSihWCG%2FL9rgEkL7xvfQC%2BpKp2apBMIk4zkzhTPfQjsG2f%2FZCm1Kls%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9b6ff71c16-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/nauth-599150400912c8247ee1872211972b2a.css

104.21.17.61

200 OK

1.3 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/nauth-599150400912c8247ee1872211972b2a.css
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
1.3 kB (1334 bytes)
Hash
798605650e5e2901a56b6e2a03283fd3
b0af61971ce50e4f2abf3cc9aec4a5f1a5606460
a7b4cc299499a198de23b57ad5758b7dd462b911c595501c1275ac5d6429c9a8

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Navy Federal Credit Union

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/nauth-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: text/css
Content-Length: 1334
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "1208-636d501a-c7affc2;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnUUZzafUS1QhpSaLTaAE%2BwGPYX1QJKGv%2BH01Is8ks4pwb%2BKUlavgyKZl%2BNVweVWoBK1SaipNlkMDj%2BtPUtWDtbeNwrkMPELXGJMvK3LCuW5tVFiLHMtgXixkxwZvGYPjfswvMmbYBfP6Ng%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9b6cb4b524-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/responsivemain-599150400912c8247ee1872211972b2a.css

104.21.17.61

200 OK

22 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/responsivemain-599150400912c8247ee1872211972b2a.css
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
assembler source, ASCII text, with very long lines (384), with CRLF line terminators
Size
22 kB (21835 bytes)
Hash
29a86791a7518efabc7e40b55bb1405a
7347bcf28f8f286288a6209276f1d1f608eadafa
c942346cafbbce97838f5a9ea26413d6f2c3a12004e190c72dc2326b73a22d8c

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/responsivemain-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: text/css
Content-Length: 21835
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "21cdc-636d501a-c7adc85;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9np2JiE0GbLI0DnBW9q0klbprcp4E6pvk0XGcBCIg1igW974u3r%2BNAdxFaMeTaeaDSozDW1Ss7GCxyJl%2BRmWHiDRsNTI2yZYg5DsABLr6KwBt5rWmuGyIhWVZG1zQdUKeHH2ubXyV0FR4E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9b6d1c1bfa-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/nfcu-icons-599150400912c8247ee1872211972b2a.css

104.21.17.61

200 OK

1.9 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/nfcu-icons-599150400912c8247ee1872211972b2a.css
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
1.9 kB (1892 bytes)
Hash
65b81dd5dc3129e7de261e4e154e8c9c
76ef6e94435ba8615cbd84e17a49d7e8936d3852
5b31ed79d5f3759fb3b32af2543756870f6ee8b81d6aae87b12f862272b121b7

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/nfcu-icons-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: text/css
Content-Length: 1892
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "27eb-636d501a-c7affc4;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UC3HZy0Um6nyPH6IzE1YSE3aNsn1KRf8a7B%2BYv1jg1nivZPK85HbO0xf7TjKSINL%2FfFJnlFXTwnrcTUJigl6%2Bv%2BdQA74tIlWp5im6dxqjxUvqYhp6Uhy135bybfU2lsf18asVsmZ1PxxFX4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9b6bbcb509-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 09:08:55 GMT
cache-control: public,max-age=3600
age: 1696
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/s_code.js

104.21.17.61

200 OK

18 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/s_code.js
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (954)
Size
18 kB (17956 bytes)
Hash
57231b4740b08ad5465d629b7e48955d
99945653b924fe4e2b29f1b79794a25e8cb8aae2
26b8ceca4e802045a5828cc200b7c9f56ec15fc0e7249b239bb2a0e916f51bc1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/s_code.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: application/x-javascript
Content-Length: 17956
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "b8fe-636d501a-c7a973e;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3H6KUpYNl0VZ1FVopr6%2B3INHJoIvtSz%2Fbuz4c3QGgYYn8fRhvk4ZLEqBjrwtC3x4vADtS%2FlJyVstrTEoba0au1pE%2Fu3j7OufVZhreZUq7I%2FzyzqAI0x6XBeOQGGBSHUTMUc9KctgQ30YDNM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9c4f290b02-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/bootstrap-select.js

104.21.17.61

200 OK

9.1 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/bootstrap-select.js
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (31148), with CRLF, LF line terminators
Size
9.1 kB (9053 bytes)
Hash
2f7b98b35a3a3b663dd3b681f3d12451
58f42c079bf812d4f6b5bdc9321f6ff6c0b17d86
9d20fa930de1fcc6c0399bb453689b60787f68bba6f25d54009e76f0d1e272d9

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Navy Federal Credit Union
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/bootstrap-select.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: application/x-javascript
Content-Length: 9053
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "7aba-636d501a-c7aa48d;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euq0bFld8imTY40DFVszhBMgT925OiuDkA%2B35ayhUX%2B2WJNiBJIEXo0JLU4zrVKlL0HY%2BYD0vPPFmArEoe3yon7tWHMJNV%2BwkO8gSBExfwnXC2oHdp%2FJruU7JFKulTx%2B36yX%2BIlzHGK%2F8jo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9deeb6b509-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/common-ec401aee041a200e3dd94ec7982f0f2f.js

104.21.17.61

200 OK

2.5 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/common-ec401aee041a200e3dd94ec7982f0f2f.js
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
2.5 kB (2498 bytes)
Hash
f8614888610451b1c4e0016a05a902ac
65d030323066210a93b2a153d83cdc03f2c8cfc6
d553e5b5f1e9a999e7bc8625785507c7c311d753aede3acb53fcbe2425af0cfd

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Navy Federal Credit Union
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/common-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: application/x-javascript
Content-Length: 2498
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "1d3c-636d501a-c7a972b;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CbjGPdr5NYxonXHzl4wTfDoYdGxqKeD5er7WnB7c4tlggr8qxwdELuzrOI4HQOEU0AoYYKWHI2xGq4M9KKGfMz7StaP%2BiGuYv1Jq9GPE60vmN2iGikYkvSt%2FSVo8kvplRCtACd1Q7tBNCg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9cfe99b524-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/jquery-ec401aee041a200e3dd94ec7982f0f2f.js

104.21.17.61

200 OK

86 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/jquery-ec401aee041a200e3dd94ec7982f0f2f.js
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
86 kB (85688 bytes)
Hash
e87f0ef1e4e373872e496b0dcca89433
f986b8adc0c1fb752fcacc609a757cd3493aabd5
a0693cbbb78165d55bea4cb96177babe076ddeba377b87605773cd7bbb2cf6dc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/jquery-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: application/x-javascript
Content-Length: 85688
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "48e06-636d501a-c7a9eda;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8aFxx0ODxO7fugpBqXt%2BVOEe3YnKNMkWu4UwWNbyH8jx7JCyc4pcw4xwlY%2BxuIaLebkiJo0GSP4mqr0wXgu8WNzU8rLOjeKv47IAIeSqRF6IhRtqXxof0a7jUDtpvKyNhPsGrnp3sbfk2g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9cc9771c16-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/recaptcha__en.js

104.21.17.61

200 OK

138 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/recaptcha__en.js
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (549)
Size
138 kB (137483 bytes)
Hash
77cdb837800fca9dca04772c51c3a88d
d73f76d704b7c10fa9bbec2bb5d51bd603a167da
9aa44d5ef96dbd7540640dc45eb0b24e122a1a0a92c63e5474f34ff5db163796

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/recaptcha__en.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: application/x-javascript
Content-Length: 137483
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "55f9b-636d501a-c209d67;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yb8DoFWPdiFUcu9Gal2DMJaccVnLqDoPYapppLXn%2F4VVGClw3iN4B08UVKljIjhbMWp%2BB9eVuxt2RA%2FlVVltFGKTikDyyL4vZ9O2VvymEpJ3eM5rYtuL507abX4Drd3njAe8qjzAOAdmxY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9b6bceb509-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/modal-ec401aee041a200e3dd94ec7982f0f2f.js

104.21.17.61

200 OK

2.7 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/modal-ec401aee041a200e3dd94ec7982f0f2f.js
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
2.7 kB (2701 bytes)
Hash
cb3b97cd9cb889c9b4a072b54f1c3830
7d4b209569d923b9bcd422941e848207f401a3e0
986e3218896a5d1fec0ef3737646caa22fd7b09ded0cf4d3359846cb002c4170

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Navy Federal Credit Union
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/modal-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: application/x-javascript
Content-Length: 2701
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "2823-636d501a-c7affca;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bOdcgMAiPQChEMvu2St8iDIZSRUsZcLspOzLNb6smbLplKUWO18QBfDvjozPW9NTVM2k7Y3V6DmYLw8dwAPynInkxgsh3Wvcr6EIxhgmopB7afVzjbp2DIY06%2FyvuuL62qF%2Fc3RjIGKqws%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9eafb8b509-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js

104.21.17.61

200 OK

1.5 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
1.5 kB (1546 bytes)
Hash
1a86176f2c88833e9dabbbbe766f8409
0259c57051d9c6089f63ed9af045e2c118dade2d
477353a4077e7f95aba065cb6d0bf868ed2f3af4a56c407bb6eeb4eb079c53cf

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Navy Federal Credit Union
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: application/x-javascript
Content-Length: 1546
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "132c-636d501a-c7aa482;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IFjkGCb0znLsCrxl1qw97mWh73tqxVeFQDOOcwmGrwWNDoD9V0WmiyZClu%2BgGXCID03PTELqZ%2FSrs3zDQYN5CXjyX5PO3Lcm3hOhx2QErFHMIX%2FLOZuvZ1ZN2EKuh4xAAeXUA97TkVgFVY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9dbf5d1bfa-OSL
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6387
Cache-Control: max-age=90968
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:11 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:53:19 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js

104.21.17.61

200 OK

861 B

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
861 B (861 bytes)
Hash
e1827f0e630abb3df3b1b09f60151710
b5cfe7dbd791ab73ca2bbefefb1aace022ab1fcc
f1a107da176734cee7cf9ba4c7889e0f19047dfb3545877896f1c97efc7892a3

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Navy Federal Credit Union
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: application/x-javascript
Content-Length: 861
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "95a-636d501a-c7a9ec3;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ftTZ65DGUDJBanZ5iYavCuewQVBcHlO9YgRaqGVCKcPuNFwXhspBjOttFJlWeHTYXw9gDczHKhq71lPpJw9dZpyKoq6mwspch9zBHDxVkxA9nExo2q6C4A9T36%2FaxQJicanqeHGLyDskkU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9ea884b524-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/login-ec401aee041a200e3dd94ec7982f0f2f.js

104.21.17.61

200 OK

1.1 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/login-ec401aee041a200e3dd94ec7982f0f2f.js
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1073 bytes)
Hash
40ebffa2ac7c3d11a5e12c0e2cc9893a
e8dd3b159cd41371e260d06f96d89190c7179dfd
d279facebbbfb2141abb7f63ddcc5bda7f860b68c03ac6e1b2fad7905e88813c

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Navy Federal Credit Union
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/login-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: application/x-javascript
Content-Length: 1073
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "d4a-636d501a-c7aa483;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sT4kq6v5Y3%2BMbhQkKwX2g1ezMbwmP9SAzq%2F0xsYVgrJqr8CAeBwZIRdRgKVWgGvqxA4uAa%2FGkrL%2BN4T1KI8XxdR0PZsn%2Bk76n%2Fn2VRirTOUjz0nceyXkmY6T6uHJKtPJ%2FlwJDBC9EKybUOQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9eeb291c16-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/keypad-ec401aee041a200e3dd94ec7982f0f2f.js

104.21.17.61

200 OK

782 B

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/keypad-ec401aee041a200e3dd94ec7982f0f2f.js
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1213), with CRLF line terminators
Size
782 B (782 bytes)
Hash
9506101200c6e3ef3d3de3bf5ff1e7f3
1179096634ace29c378be78d819f23a893742529
aa93b1d73f0b88f880df468e1bdd51ee45a32e6839608bc0632e1281d87e9d34

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Navy Federal Credit Union
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/keypad-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: application/x-javascript
Content-Length: 782
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "cf2-636d501a-c7a9efe;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTTs1Z4iekKmJSrgHu50JnN%2FVpT2hKiKFwArMiO6yptl240XEmhActuCVxcr%2BKMQAejGF5Gz33maD2Rva5exCQFHsZ%2BExXI6xND%2FU2cWA3h4RqfHSoYRFC3bYPAxRY%2BDdH%2F%2FHXLB4TBbcSk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9ea99c0b02-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/api.js

104.21.17.61

200 OK

558 B

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/api.js
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (850), with no line terminators
Size
558 B (558 bytes)
Hash
2a0fbeaff401daf7f8d961960efa46c4
8c4c3f2d10be69f7fb0fcb659e9232a03f7d7955
8d6f9522208a16b57d9930f7b2b0d828c91492d747c2d9cdd8915abe57842e63

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Navy Federal Credit Union
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/api.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: application/x-javascript
Content-Length: 558
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "352-636d501a-c7affd1;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Khlz8Iy6pXMj9TyOWUs7SeWtOBGfOlYTIp0u6jC3ElL2yVKfTZZaCnCqLuxFDfyT0bdZgRJ3UXXHo3mXVb%2BLpGWj47VfijcYB6Fdyyhuv%2FO9fsrT01M8Pdw4eOmSroFAjzKEcCloGGSZ9RI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9f7887b509-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/tag.js

104.21.17.61

200 OK

7.5 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/tag.js
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (21652), with no line terminators
Size
7.5 kB (7541 bytes)
Hash
3bdf59c9ec85ec43d46e5cf9edda2e96
a06ccc8d75554a7e44dd8ce9656e90420b42f38b
d964494995ee4b7de40b3569370e33773c447c759a21fbb3e746e53b61449b35

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/tag.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: application/x-javascript
Content-Length: 7541
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:09 GMT
etag: "5494-636d501a-c7affd2;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95cFCat1Ua2aowlSYuy9qTV5o%2FOaawQrUKoF%2BgjJoxLZ5opY%2FozGX7027p6qRAAXA9ZhRsYKu2Hc75HMYyFyCylJLnZnJ69g4AV4vf0PrRFeB7oiQPuJGSC0rmADVPArtBY98Kcq42p9JNU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9f78f81bfa-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/le2-mtagconfig.js

104.21.17.61

200 OK

5.7 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/le2-mtagconfig.js
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1788)
Size
5.7 kB (5731 bytes)
Hash
36eb654aef08e98c53c84daf3137e6f2
b5fa1486b0af186d956f18ee52bc0787d9ddc8b2
4872af9b656f713443c14dc3518111cd79244f41f59dcbc0800e2bd12c9d7aa5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/le2-mtagconfig.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Type: application/x-javascript
Content-Length: 5731
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:10 GMT
etag: "4e30-636d501a-c7a9edb;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQZ8VON%2Be1Yv2aqkmKzYgftep0hrtiSFzNbUJcFBUSmTpDM7fwjWO1QlJrVL0Bj0wfJ71r53Wl0eYtlQlanAXc0vJVPGDhOcJ29%2BgUAl6otsv5KmUqQ938wtcvGvIx9JnICqS2fMbsIeNMM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121f9f7889b509-OSL
alt-svc: h2=":443"; ma=60

push.services.mozilla.com/

52.89.20.60

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.20.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: l0EdDvfS9HmFSZu2Mqos6g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OtkSe8As88fcEhw5ihMvQD+KYfU=

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/f67c327263eti209967cda713cd843baa

104.21.17.61

200 OK

72 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/f67c327263eti209967cda713cd843baa
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (72012 bytes)
Hash
335f2776eaf4ca7eca9953d2240c3316
5f5702f072d8e721dd3557ccd2a0944b3cc58fa5
ca9ee108c9cd3072864c1fcfe42f8fa40f829a33267388e0adbf41fa8b2da9a5

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Navy Federal Credit Union
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/f67c327263eti209967cda713cd843baa HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:11 GMT
Content-Length: 72012
Connection: keep-alive
etag: "1194c-636d501a-c7aa488;;;"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
accept-ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afLu6nbMuH9Ky2TYpUB83bN1SsAUZeAOA4tgkfrOp%2Bkdfp%2BsRd4VE6OQj9CheXMrzz%2B0tjudt%2Bfq%2Fu6SdI%2BlTi4f1zlG7qDywQKpepa9%2F0cS2nXsHzQ%2FkBUI2KdaSchx%2FIIgCFy7YOtZDWA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa04ca81c16-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a.js

104.21.17.61

200 OK

83 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a.js
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
83 kB (82655 bytes)
Hash
e4d00f154ab5d226700b98edc691aa12
5c16affb99e6e52ad03d9f0234fcadafe97def57
114f511e4b8f64471938b213c2c7740c96bf76625a1c641a317683c0d26205f9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: application/x-javascript
Content-Length: 82655
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:10 GMT
etag: "4083f-636d501a-c7adc83;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLwkgnIvWnmhWsQ5K%2FZ0bEt380HPU6Dskhso10QFoj%2FFeg9W52t1Et7oJVzJk0EML90St%2FVjC9%2BaOylMV7pvA1DGHxkBYp7cNC9aYYfX4KXTnviLOqsg9Fan9CK24Nj5ovcu462vRXoGFFw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa04a83b524-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/img_logo-veterans-1d62888b4b662af9142e3c385f423f32.svg

104.21.17.61

200 OK

6.1 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/img_logo-veterans-1d62888b4b662af9142e3c385f423f32.svg
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2618), with CRLF line terminators
Size
6.1 kB (6104 bytes)
Hash
6af0c59ecd24f7391c348485c3ef761e
2cad8139cbe910551a123dd55a3419e06694e432
472c03150b5eb8189c417c7dab141f653c9ce938226b14d9270f7641312df720

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/img_logo-veterans-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: image/svg+xml
Content-Length: 6104
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:10 GMT
etag: "55ca-636d501a-c7b6885;gz"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HU4tQIQ41zWKsIhadzfZCeN8%2FkjmFxM1qvoT42%2FmJK2KAkbaQnd2%2BTbycuZWFpF%2Bv1eiaGtb79H81U6h9vwTITPa7xwvsaOw7ywkuqWznyyLKs%2BgBH2tThaO1tCritnQY%2Ffn4g%2B49X1HvyQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa30c571bfa-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15948, version 1.0\012- data
Size
16 kB (15948 bytes)
Hash
c85615b296302af51e683eecb5e371d4
ff7c20b0947804c607759aa46eab666d94cf12ea
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Navy Federal Credit Union

HTTP Headers

GET /s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://agileprofessional.com.br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:44:37 GMT
expires: Fri, 24 Nov 2023 16:44:37 GMT
cache-control: public, max-age=31536000
age: 319955
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16112, version 1.0\012- data
Size
16 kB (16112 bytes)
Hash
899c8f78ce650d4009d42443897aa723
d2e2faa9780b7fca5a5cb20a853dd7df55b3101e
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Navy Federal Credit Union

HTTP Headers

GET /s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://agileprofessional.com.br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16112
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:41:53 GMT
expires: Thu, 23 Nov 2023 18:41:53 GMT
cache-control: public, max-age=31536000
age: 399319
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a_003.htm

104.21.17.61

200 OK

116 B

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a_003.htm
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
116 B (116 bytes)
Hash
ab868ea2d57aa884dabacc0b5fe6e67e
7888951020722fea401a25c7064ce8e1c6b07c9d
fc5c15abbbcac24900d44a7ba4081648da8dc2d8688fafdcde7d2e5f575ab88d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a_003.htm HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvf1mpiUzcaFOpdYj9pKKchklRj2QwMY6XufO%2Bd3pR5WWFWSEncmR9%2BLdN%2FIyfOtsUjAlWnVL%2B7B63fo1LCb3nD48w%2BWqIX2zVp5plpjh93%2BN5JKr%2BgSajj6Ys71v1p1Za%2FLPPAu5evNOoE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa35e34b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
16b76d735c7e4906982ad178fe871d3b
a3da055c743cc922ee42c660b252f512849f872a
f6d66af6111c59ac82f7d0d9dc2cc22032d0b83186511b868395acf9b28d4fa6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:12 GMT
Server: ECS (amb/6BC5)
Content-Length: 280

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/storage.htm

104.21.17.61

200 OK

14 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/storage.htm
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32192), with CRLF line terminators
Size
14 kB (13862 bytes)
Hash
796c27cd02dd072f3698734435fff671
7e3757d06afeca281a8ba6ae5b698fa5788811cd
5dc4c90c4ee7f6c654c54916ea8e0eabdbfed2458108d0ad7a028613936256c3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/storage.htm HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1wwXGm7HpOTMQkTI9ZsPxFP23uPQ2XeUV6NF7rxMajZ%2F%2BqUmZzfdiSwtmx%2BUBh8%2BsSxkctTOMB934Evd%2Fr03OmOjyEjgJK4UDh%2BQj%2FdaLPyUpSw7OM%2Bau3FzeWelDXvx2yr3WKNwaM4ch4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa37f270b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

my.navyfederal.org/NFOAA_Auth/resources/images/contact-us-1d62888b4b662af9142e3c385f423f32.svg

104.88.20.141

404 Not Found

1.0 kB

URL HTTP/1.1
my.navyfederal.org/NFOAA_Auth/resources/images/contact-us-1d62888b4b662af9142e3c385f423f32.svg
IP
104.88.20.141:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- C source text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.0 kB (1018 bytes)
Hash
1536cc36842f2165300106001ee4b19a
d3bd2ed7be7778ebb3fef66672f216982e1d2e45
4ece4a1ee577bdbd46f9f55ee93ad77713bdd635c5a547e575f230fca329ae42

HTTP Headers

GET /NFOAA_Auth/resources/images/contact-us-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
X-Powered-By: Servlet/3.0
X-Frame-Options: DENY
$WSEP: 
Last-Modified: Wed, 07 Sep 2022 21:50:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Language: en-US
Content-Length: 1018
Date: Mon, 28 Nov 2022 09:37:12 GMT
Connection: keep-alive
Set-Cookie: navyfed-opentoken=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-extracted=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-deviceprint=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-useractive=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-pingolb=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-obo=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
SMSESSION=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
acctsvcs_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=w; path=/; domain=.navyfederal.org; secure
akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=40~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=63c3ded73e565cf53a61a249fd44293a; path=/; Secure; SameSite=None; Domain=.navyfederal.org
ak_bmsc=04C3922279ABFA5F6F58622A18C114EF~000000000000000000000000000000~YAAQPDIQYEzxEXqEAQAAAQOZvRGPMuV9fzCHAgaqJNd7MnYgLEAIzzrtyH/AvvbBOG2/iLY17BQqpo6W6MfEpP4qoxHr5otnOaV2a+FkhV4SQ0j7O8GbeotkA3LInE2ICNvi0wB/YmyqSpM9Jjszy78FwXE9jkajJqJRhwpYKYydJKfbKHfu8Q50sqQJ6D779FRQMJAVI8B0BLhU7lIuE/eZX9KQKgWke35uUB7JC72hT3jmhERANk27QhzS4pHVc1v9UO5Ds3qPzFlansH1RZE9yX1BR/CHhANfXas9AkRf9Yrkilxy0OVwSz/AWNLeZyBQecoGvBuiyggZp9z8PpVdJBwSJLp2ZU4oQC/j2d2v2vWsjzbnMOU/wQvjM+xtEXLakQ==; Domain=.navyfederal.org; Path=/; Expires=Mon, 28 Nov 2022 11:37:12 GMT; Max-Age=7200; HttpOnly
Strict-Transport-Security: max-age=31536000

my.navyfederal.org/NFOAA_Auth/resources/images/Group5158-1d62888b4b662af9142e3c385f423f32.svg

104.88.20.141

404 Not Found

1.0 kB

URL HTTP/1.1
my.navyfederal.org/NFOAA_Auth/resources/images/Group5158-1d62888b4b662af9142e3c385f423f32.svg
IP
104.88.20.141:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- C source text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.0 kB (1018 bytes)
Hash
1536cc36842f2165300106001ee4b19a
d3bd2ed7be7778ebb3fef66672f216982e1d2e45
4ece4a1ee577bdbd46f9f55ee93ad77713bdd635c5a547e575f230fca329ae42

HTTP Headers

GET /NFOAA_Auth/resources/images/Group5158-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
X-Powered-By: Servlet/3.0
X-Frame-Options: DENY
$WSEP: 
Last-Modified: Wed, 07 Sep 2022 21:50:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Language: en-US
Content-Length: 1018
Date: Mon, 28 Nov 2022 09:37:12 GMT
Connection: keep-alive
Set-Cookie: navyfed-opentoken=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-extracted=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-deviceprint=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-useractive=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-pingolb=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-obo=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
SMSESSION=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
acctsvcs_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=w; path=/; domain=.navyfederal.org; secure
akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=67~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=646bd7344ebc38349424390d36c9197c; path=/; Secure; SameSite=None; Domain=.navyfederal.org
ak_bmsc=23A6357C06FB8C7848690766BA82E1C0~000000000000000000000000000000~YAAQPDIQYErxEXqEAQAA/wKZvRFzhMKBN1SHTY474NFFeGhCxrONUc6TTB0sGPPBYAOi//n+EmSqxf4oX356Z1Vxb9l+Gr7dIgpyPB31l7Rq2LJ8F1NgqNZWMdmhMaH3W3yDwS3d7w8sBrsqYxIWK5h3+kP3tHCEj5TQYi/UO0ncQrj8jzKZwt1wPGgB5EbfblgxmDVgm3mIlQz7b03pUjnN1VCBv4m+1MEFKs3t0//S39TeIvWIzD32MfNEw9lKuS+3hQ8YHqavg9IX0zfMQDat2NXsWmxKFG9QP4X09HD8LsYcEIbqNN4jLUMjc5oTea+R5MBflMJevzRzRpwRwRdEg+ssqbqYTfb8rd9hhtIaTHxyqr4c1BMfDffWP7J5MWTabQ==; Domain=.navyfederal.org; Path=/; Expires=Mon, 28 Nov 2022 11:37:12 GMT; Max-Age=7200; HttpOnly
Strict-Transport-Security: max-age=31536000

my.navyfederal.org/NFOAA_Auth/resources/images/Group5166-1d62888b4b662af9142e3c385f423f32.svg

104.88.20.141

404 Not Found

1.0 kB

URL HTTP/1.1
my.navyfederal.org/NFOAA_Auth/resources/images/Group5166-1d62888b4b662af9142e3c385f423f32.svg
IP
104.88.20.141:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- C source text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.0 kB (1018 bytes)
Hash
1536cc36842f2165300106001ee4b19a
d3bd2ed7be7778ebb3fef66672f216982e1d2e45
4ece4a1ee577bdbd46f9f55ee93ad77713bdd635c5a547e575f230fca329ae42

HTTP Headers

GET /NFOAA_Auth/resources/images/Group5166-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
X-Powered-By: Servlet/3.0
X-Frame-Options: DENY
$WSEP: 
Last-Modified: Wed, 07 Sep 2022 21:50:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Language: en-US
Content-Length: 1018
Date: Mon, 28 Nov 2022 09:37:12 GMT
Connection: keep-alive
Set-Cookie: navyfed-opentoken=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-extracted=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-deviceprint=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-useractive=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-pingolb=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-obo=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
SMSESSION=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
acctsvcs_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=w; path=/; domain=.navyfederal.org; secure
akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=47~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=6b5dd52e5f676e15bc9cf637cfeb150b; path=/; Secure; SameSite=None; Domain=.navyfederal.org
ak_bmsc=4AD3B453B8F835CE5A256229A2360BBA~000000000000000000000000000000~YAAQPDIQYEvxEXqEAQAA/wKZvRE/7WXTH2vWExHcxiued4LNVtncCCv+YIUUPXdwHLim+yEGbMN7YPQIJ1q2TmSc+RDKnzLV1WglU+myaGHDNjWm1DcX9JgSjOHhaXe3N2AYySOQzIzL6QCVMQTMl/caEx8tJpwQlOW/2aGKJudbkJIn6BfKYUIUHB7CytTzgdd//GkJPGCQ4bRMWhyuSdhXxC1SDbGvq042P9ZNKx2xtbhzZPp/nEXV4z50JAs5GwB+MfcW3ymwQIkUPV5XNzAY1YFyPs6yKIEoWbLkv9jldhhJzHcXwJUKPsyoNu60k+jT6aXWn1//hV/sbMngXS7pjSRzDBB0Tf34FbgF0+Vul/Yd2OnMxSSPL1Z0uSUbT2e8CQ==; Domain=.navyfederal.org; Path=/; Expires=Mon, 28 Nov 2022 11:37:12 GMT; Max-Age=7200; HttpOnly
Strict-Transport-Security: max-age=31536000

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/images/css/img-billboard-BG.svg

104.21.17.61

500 Internal Server Error

2.6 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/images/css/img-billboard-BG.svg
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.6 kB (2644 bytes)
Hash
3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/images/css/img-billboard-BG.svg HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/responsivemain-599150400912c8247ee1872211972b2a.css

HTTP/1.1 500 Internal Server Error
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ct8Q9RhrylkgyIuRO%2B%2FC%2Fx9ts7puJUq5D%2BHBTf%2FRCKB118y13%2BzezD%2Br1QhoZFzPZQlekh%2BUyHtn%2FzuqMU%2Fa55faztxS%2B5lvoNT3kQtdEITT6GJbHCn1oQxizS9uIEXtvISlvUYkAXP3eQw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa37f5b1c16-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/nfcu-icons.woff

104.21.17.61

500 Internal Server Error

2.6 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/nfcu-icons.woff
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.6 kB (2644 bytes)
Hash
3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/nfcu-icons.woff HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/responsivemain-599150400912c8247ee1872211972b2a.css

HTTP/1.1 500 Internal Server Error
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18yFVt%2B5MghoyooZ9x7z24Z77PacqHli78SfIqUMH2ioEFGcx%2FqwybYtMOhM1c4oquRhXaoV%2FXDbzz3gLkZA5C0ekD720%2B1k7KS0SIaWSvKmLkZvayLYnxZFDSV93A03p7VAwhOWWOnKIDk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa3cd421bfa-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/images/css/toolTip.svg

104.21.17.61

500 Internal Server Error

2.6 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/images/css/toolTip.svg
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.6 kB (2644 bytes)
Hash
3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/images/css/toolTip.svg HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/responsivemain-599150400912c8247ee1872211972b2a.css

HTTP/1.1 500 Internal Server Error
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pizhezNqKITU7AJflX4U7Phu3FF09HH0xIg2SYsla4PtrF%2BBWTJe3eZs7Qrd4bodJezaDn2Nq1wggVaW3RKvmqTXQPPE2NE5r9rBU1su7kGR2EGGd0XsCW%2BDil0LDN0a24%2B5pXeommYk0IQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa41f8eb524-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/images/css/bg_globe.png

104.21.17.61

500 Internal Server Error

2.6 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/images/css/bg_globe.png
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.6 kB (2644 bytes)
Hash
3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/images/css/bg_globe.png HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/responsivemain-599150400912c8247ee1872211972b2a.css

HTTP/1.1 500 Internal Server Error
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHX0txLtggKvNVNu3TCSRuJ1w9xJakqHOHpYcVmIzJ0ihOu3lgVs3Im3FXUpt3NIJD0NNuBvV8YQGVOfViFkqhtwF%2FlP0B0W7qp%2FG5WIKht2md6fkWk7gVdwCs9K76YhS0broRCfLb3Oc8o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa37d0db509-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a_003.htm

104.21.17.61

200 OK

116 B

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a_003.htm
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
116 B (116 bytes)
Hash
ab868ea2d57aa884dabacc0b5fe6e67e
7888951020722fea401a25c7064ce8e1c6b07c9d
fc5c15abbbcac24900d44a7ba4081648da8dc2d8688fafdcde7d2e5f575ab88d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a_003.htm HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAvyycy%2Fil13ryDJfGhHGX6kF9iGtZpjdOxqHPS5XXmO8unqTybfv7E4DmOSjwWQ%2B6FqlBz4Jolpfw%2FHaa8VfnaAP3shvzM1kNXrlo5gIEpHsg%2FAx2cfnyp87OrTT%2FMSFXLqPRCKe8R%2FCQE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa52ea41bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/sourcesanspro-semibold-webfont.woff2

104.21.17.61

500 Internal Server Error

2.6 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/sourcesanspro-semibold-webfont.woff2
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.6 kB (2644 bytes)
Hash
3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/sourcesanspro-semibold-webfont.woff2 HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/responsivemain-599150400912c8247ee1872211972b2a.css

HTTP/1.1 500 Internal Server Error
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBWH4HD%2BlbXa12k7EYmTjG3NaDn2%2FJGuY%2Fd5vaywoanq5BrPkF0EuHBHegb5%2FOkfAVzmNWth4NhomrlTlq0dY4RoinJDt9TMJXzf5VtTpJUzDaWhqT%2F%2B7l2Z9c8FrLnwQig3PWulqldxTF8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa4d8b10b02-OSL
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ba180e86f06bc8c0b324db6c49ef9ecf
d5c05c61496c7cf7b772d789f5038d0547e94898
fd2344b5a5bf472fd260aae5135b5a7f61903db72d7ebbdbf98b5649ed0c2e60

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=151528
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:12 GMT
Etag: "63842e30-1d7"
Expires: Wed, 30 Nov 2022 03:42:40 GMT
Last-Modified: Mon, 28 Nov 2022 03:42:40 GMT
Server: nginx
Content-Length: 471

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
886ef3f0739f32fad7714c0b7cdfd6f3
740a8d656210f0842a8fe52659b9251549707d46
c2a27ff581a9dffe103cb677e4dd531f2c686fd0e57bcfdaacb9f60bdbbfe0d1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 16:31:55 GMT
Expires: Fri, 02 Dec 2022 16:31:54 GMT
Etag: "740a8d656210f0842a8fe52659b9251549707d46"
Cache-Control: max-age=369881,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77121fa52bcfb4fa-OSL

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/nfcu-icons.ttf

104.21.17.61

500 Internal Server Error

2.6 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/nfcu-icons.ttf
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.6 kB (2644 bytes)
Hash
3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/nfcu-icons.ttf HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/responsivemain-599150400912c8247ee1872211972b2a.css

HTTP/1.1 500 Internal Server Error
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fenHUgptwwcmmIdUr7znvIyMzqjngRRMJyA5TNEX9nWHtENuaXH9qQ9l00K3S2gZ5dTjoMABwdD3Cm8PhEEJuzdxFB1qzUNqFjoadaIChIDw%2FWp7uSmWSUxFX6PHjtxTIGI4tt0CSCPXYqo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa5892cb524-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/img-BecomeAMember-1d62888b4b662af9142e3c385f423f32.jpg

104.21.17.61

200 OK

186 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/img-BecomeAMember-1d62888b4b662af9142e3c385f423f32.jpg
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x500, components 3\012- data
Size
186 kB (185745 bytes)
Hash
71bb90e5a3fb345196f166e4389c4ac1
5687c3c6f0146d9094d49cc6fe4cd5390a170672
ee4321efb356cf875dacf07419eb2649351e5907c159754a94b7b3be02479fe9

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Navy Federal Credit Union

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/img-BecomeAMember-1d62888b4b662af9142e3c385f423f32.jpg HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: image/jpeg
Content-Length: 185745
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 09:37:10 GMT
etag: "2d591-636d501a-c7b6884;;;"
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8z809QW6dFw8suElePozNY88BU%2FNflreMPbLioD18eKVt00UomSstX%2FkLGcqKnCeDhXLTucPl1QOv8eukiY8uyl8BRoBulCx4RZa5kdtsarCfm9A3Rr%2BC5ZIbEsjw%2BmGjqftOV4wwlAzhnU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77121fa30c84b509-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/images/css/icons.png

104.21.17.61

500 Internal Server Error

2.6 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/images/css/icons.png
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.6 kB (2644 bytes)
Hash
3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/images/css/icons.png HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/responsivemain-599150400912c8247ee1872211972b2a.css

HTTP/1.1 500 Internal Server Error
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqjJc5dZYXPE5zUAghnrBhmFzTxIQ1lQsQ9s07QA7lt5Hjcfxb%2BSPghI5SRiLHXZFgxyqqJEkX%2FMnHRSIKVY1K3vgFg6CJ3%2FDdcN7Tlpp4DRpSzv0GbPw2gDZQ5SdUy8MpRe2n%2Bt6s7SWN8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa4f8d41c16-OSL
alt-svc: h2=":443"; ma=60

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a_003.htm

104.21.17.61

200 OK

116 B

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a_003.htm
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
116 B (116 bytes)
Hash
ab868ea2d57aa884dabacc0b5fe6e67e
7888951020722fea401a25c7064ce8e1c6b07c9d
fc5c15abbbcac24900d44a7ba4081648da8dc2d8688fafdcde7d2e5f575ab88d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/a_003.htm HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/?entity=1994173
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 10 Nov 2022 19:25:14 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FEeDFYFOpkVym1SVimdA5kweTeNviTZfmwDB9VtTVUQkGZJlGZ%2F%2B9ctwD1dWRMcw1%2B10ulQfZ4yf7r%2Br%2FoPut6rJ2o5BXI%2BU%2FZmarP6mzuJEOgQww8bLJ4WrLE0icpGw%2FBKC80Q5%2BsG6gE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa58f44b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
886ef3f0739f32fad7714c0b7cdfd6f3
740a8d656210f0842a8fe52659b9251549707d46
c2a27ff581a9dffe103cb677e4dd531f2c686fd0e57bcfdaacb9f60bdbbfe0d1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 16:31:55 GMT
Expires: Fri, 02 Dec 2022 16:31:54 GMT
Etag: "740a8d656210f0842a8fe52659b9251549707d46"
Cache-Control: max-age=369881,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77121fa528d20b45-OSL

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/sourcesanspro-semibold-webfont.woff

104.21.17.61

500 Internal Server Error

2.6 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/sourcesanspro-semibold-webfont.woff
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.6 kB (2644 bytes)
Hash
3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/sourcesanspro-semibold-webfont.woff HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/responsivemain-599150400912c8247ee1872211972b2a.css

HTTP/1.1 500 Internal Server Error
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSCNXeiWjKQ72OdX57O2VsmeRAjXeWCB564ItuaT%2BMvsCEwV7BQlgRZoaN%2BE1xw48ENo3nQ4AkQ8nDYqtTJ3igjqS83I5MO9Sw6qKMJ%2FweHNq1tx35obP9Zp9CnjbfAZ51%2BTq%2B8C%2BthyBuQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa63fb01bfa-OSL
alt-svc: h2=":443"; ma=60

rnemsg.navyfederal.org/ci/pta/logout

147.154.117.92

302 Found

25 B

URL HTTP/1.1
rnemsg.navyfederal.org/ci/pta/logout
IP
147.154.117.92:0
ASN
#31898 ORACLE-BMC-31898

File type
data
Size
25 B (25 bytes)
Hash
3f8372f15e761c5f9e4ed6515f744df3
81a6e71371d2a46f6116e045fce6feb258b2d9f3
61c08f21cca5983f6f115bd91b9cc97bd29ef835d1cabed197d79fa7e1e7bd76

HTTP Headers

GET /ci/pta/logout HTTP/1.1
Host: rnemsg.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:37:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
F5_do_compression: yes
Content-Encoding: gzip
RNT-JN-Ext-Machine: 43.3
Strict-Transport-Security: max-age=31536000
Set-Cookie: cp_session=fUo7PJIwOY8_P9KnmnxHALMUjdAnwx~gxOTPBT8iHXFJFyzjOLZFfMwG8WR5mNNPmbtWcSezYD260heYNmYB1Skjl5ZzH77hmO7tF1xnS7ozLm1mYn0o7Z7g1cSKIZ0Fmv~Qdwi2sJ3LYF_yP5tF3EiaO7UimkKaGHGdMAWYLLWRVmhBo8~3Yo2v9eSmDDDk_iPGnw6qY1uRsKfCbE36p1mrks5IthAGJqUDWziAgBqdhirMF2Kn8EKmetRAEKqFG8Kwiqkh6kgb2JV3JFZH30TDkTqtOT7Yoxoarb6VZO9cOr6CsO~e4Bpv5I_vCI3~h1nMKrft_syGgKEjamf6LsrMTwLFhadQbiWUQ5gBzci_h~pV_yt8pLBvkiRRVahac5_SOALgUwlvE4YNwP5Tn8LHghEnNZZBj~bF48snFZ1kISsxk1DkxGujTzFXoC1ztYMJd3cnPCPB44k0UYZ26AcsG_oecUe_24ptjxepc43_q616LDKPprdA!!; path=/; httponly; SameSite=None; Secure
cp_session=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
RNT-JN-Ext-UUID: b03b58f5-e6c3-4335-b120-729f63affb25
RNT-Time: D=128619 t=1669628232816664
Location: https://www.navyfederal.org/images/spacer.gif
RNT-Machine: 0.73

www.navyfederal.org/images/spacer.gif

23.53.55.214

301 Moved Permanently

0 B

URL HTTP/2
www.navyfederal.org/images/spacer.gif
IP
23.53.55.214:0
ASN
#1299 Telia Company AB

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/spacer.gif HTTP/1.1
Host: www.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agileprofessional.com.br/
Connection: keep-alive
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=47~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=6b5dd52e5f676e15bc9cf637cfeb150b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://web.navyfederal.org/images/spacer.gif
cache-control: max-age=86400
expires: Tue, 29 Nov 2022 09:37:13 GMT
date: Mon, 28 Nov 2022 09:37:13 GMT
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

web.navyfederal.org/images/spacer.gif

23.53.55.214

200 OK

43 B

URL HTTP/2
web.navyfederal.org/images/spacer.gif
IP
23.53.55.214:0
ASN
#1299 Telia Company AB

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /images/spacer.gif HTTP/1.1
Host: web.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agileprofessional.com.br/
Connection: keep-alive
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=47~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=6b5dd52e5f676e15bc9cf637cfeb150b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
last-modified: Sun, 02 Jun 2013 10:22:19 GMT
etag: "2b-4de29390cacc0"
accept-ranges: bytes
content-length: 43
cache-control: max-age=7776000
expires: Fri, 04 Mar 2022 14:24:11 GMT
content-type: image/gif
date: Mon, 28 Nov 2022 09:37:13 GMT
X-Firefox-Spdy: h2

agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/sourcesanspro-semibold-webfont.ttf

104.21.17.61

500 Internal Server Error

2.6 kB

URL HTTP/1.1
agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/sourcesanspro-semibold-webfont.ttf
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.6 kB (2644 bytes)
Hash
3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/fonts/sourcesanspro-semibold-webfont.ttf HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/3456b8c8ec337000ba9c6d985e1e9bf3/index_files/responsivemain-599150400912c8247ee1872211972b2a.css

HTTP/1.1 500 Internal Server Error
Date: Mon, 28 Nov 2022 09:37:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANN%2Fj8REHK88uoLBO69tlbJJXg2huuGljuCwOL39Jzc51BeWLjSkPyywXtPfyqmIVGMBMtdwVZWOCnyJdJgVAjR1HXA6TkBhv5a8x0zgj8LmUv8J0oOItZN7SaSiGHrk2S5kISOJVCUL0Xc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77121fa7d9dcb509-OSL
alt-svc: h2=":443"; ma=60

my.navyfederal.org/NFOAA_Auth/favicon.ico

104.88.20.141

200 OK

351 B

URL HTTP/1.1
my.navyfederal.org/NFOAA_Auth/favicon.ico
IP
104.88.20.141:0
ASN
#16625 AKAMAI-AS

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
351 B (351 bytes)
Hash
1ff701ad319400203220d48758838e99
e603d649127b743e4c32988dd40cde0c0924c11b
4bb25e1c20ad9bb64afc21206c14f5c25140a4056b8bddc06ac554559d59c71e

HTTP Headers

GET /NFOAA_Auth/favicon.ico HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=47~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=6b5dd52e5f676e15bc9cf637cfeb150b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
X-Powered-By: Servlet/3.0
X-Frame-Options: DENY
Last-Modified: Wed, 07 Sep 2022 21:50:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: image/x-icon
Content-Language: en-US
Content-Length: 351
Cache-Control: max-age=900
Expires: Mon, 28 Nov 2022 09:52:13 GMT
Date: Mon, 28 Nov 2022 09:37:13 GMT
Connection: keep-alive
Set-Cookie: my_dc=w; path=/; domain=.navyfederal.org; secure
Strict-Transport-Security: max-age=31536000

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6441
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:37:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6441
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:37:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6441
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:37:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6441
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:37:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6441
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:37:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12555 bytes)
Hash
f20d5c4b208740dd4c737b9d95c0e1d0
c843c5422499736a83a80c2b07475a8dbbb8860f
f8d048a2c911aaedfa53b7d6e134638e8c36db0700a874fe99e0d8f847970a1b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12555
x-amzn-requestid: 2d9827ba-fc88-4deb-9844-f5b42764b2e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MHPWIAMFQMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-42986aeb284115943c849306;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: up0DWugUp4S0jAtsA-KBRapBAHtcHCdTwWJock-y22fqyL6_YVFeqg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 42364
etag: "c843c5422499736a83a80c2b07475a8dbbb8860f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15639 bytes)
Hash
0a4e0bb1e2748bdce6bbf685a910f0fc
5b97bfd787afcb912cdbef0f137f78a059082992
a7bc9adeb22cb57675e907bd961a6f554e6b7a46414ed782bcc9b53d68b1c328

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15639
x-amzn-requestid: 98e846b4-287f-4698-9529-25bcc2727a4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78dGReoAMFiDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e9-62c41b2717bd8e6f3b3797da;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AhbL-wXc_eYsgxdjf0DIEJD7Z3XfXMjXwDC52Bz_SnvmmWAhl3g99A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:38 GMT
age: 42335
etag: "5b97bfd787afcb912cdbef0f137f78a059082992"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6376 bytes)
Hash
78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 41727
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11255 bytes)
Hash
6e240caa3153ea25c34d07185b47f8a5
602e8ba5c6671ff947acfda757577ddc8ecec6ec
c2b37bf1ef003ceffaaf4612f2001b6f7998d5b95cd55b32c79fefcb24ccad7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11255
x-amzn-requestid: ce06e0cc-3874-4a3d-a6c5-5cc1cb342138
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7w8EEOIAMF_6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99f-5ca652aa369ee1690b0d08cc;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6qKDE2jlIb8D2Mhg-OcsfU1haVtyGYfcMcs1NJT_HPlTv-O26tR60w==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:54:34 GMT
age: 42159
etag: "602e8ba5c6671ff947acfda757577ddc8ecec6ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5989 bytes)
Hash
fa848cb85e85df184b078fe7aa95ae52
21aa6418f3a0d2b64925b66d5fb9079b7e84a11c
37d299c166e3350dee6dee647e98a86f8bd916d186bae12c42764ed0a3177085

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5989
x-amzn-requestid: db10fcc5-80ab-4650-af49-d5afe36706f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78LHQqIAMF9_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-4cbd19e3227894844807742c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A5n6y1-hpgr4vynnRXkEZNvCvjlNGH6brl7eYMsdN1MST7YoD2BPgA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:13 GMT
age: 42360
etag: "21aa6418f3a0d2b64925b66d5fb9079b7e84a11c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 41727
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/recaptcha__en.js

142.250.74.163

404 Not Found

1.6 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1621 bytes)
Hash
42ce5054207c737a4539726fff1cea32
338e12cc1019e8e080cdb985f9afc817b0eb76b8
54a34b914df3e1ca89045c816c2080c66586977a941d241209038047f1ffea5c

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Navy Federal Credit Union

HTTP Headers

GET /recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://agileprofessional.com.br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 09:37:13 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
f700a34fbaa5509fc98fa3e192f57174
1c2a4dbc974d066d387f71087f112dabf702be66
2fa1bb4c30ef1a1b899997a8038f2a4a4320117ce3c42e81475d143d5f110250

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:43:25 GMT
Expires: Sat, 03 Dec 2022 15:43:24 GMT
Etag: "1c2a4dbc974d066d387f71087f112dabf702be66"
Cache-Control: max-age=453370,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77121fa9b9e6b4fa-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
f700a34fbaa5509fc98fa3e192f57174
1c2a4dbc974d066d387f71087f112dabf702be66
2fa1bb4c30ef1a1b899997a8038f2a4a4320117ce3c42e81475d143d5f110250

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:43:25 GMT
Expires: Sat, 03 Dec 2022 15:43:24 GMT
Etag: "1c2a4dbc974d066d387f71087f112dabf702be66"
Cache-Control: max-age=453370,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77121fa9bd290b45-OSL

lptag.liveperson.net/tag/tag.js?site=11478817

178.249.101.23

200 OK

7.6 kB

URL HTTP/2
lptag.liveperson.net/tag/tag.js?site=11478817
IP
178.249.101.23:0
ASN
#11054 LIVEPERSON

File type
ASCII text, with very long lines (21652), with no line terminators
Size
7.6 kB (7567 bytes)
Hash
6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd

HTTP Headers

GET /tag/tag.js?site=11478817 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:37:13 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.navyfederal.org/NFOAA_Auth/resources/images/apple-touch-icon-72x72-precomposed-1d62888b4b662af9142e3c385f423f32.png

104.88.20.141

404 Not Found

1.9 kB

URL HTTP/1.1
my.navyfederal.org/NFOAA_Auth/resources/images/apple-touch-icon-72x72-precomposed-1d62888b4b662af9142e3c385f423f32.png
IP
104.88.20.141:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- C source text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.9 kB (1941 bytes)
Hash
726ecf2df6a19b5a3c655e4941eb5135
1fdf86a26d04338d4f5394cc852a5c8387d95048
d3ba0f9d4c73e11ca995ac01df41b72c0ba60290454319cac7232e90c535a98e

HTTP Headers

GET /NFOAA_Auth/resources/images/apple-touch-icon-72x72-precomposed-1d62888b4b662af9142e3c385f423f32.png HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=47~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=6b5dd52e5f676e15bc9cf637cfeb150b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
X-Powered-By: Servlet/3.0
X-Frame-Options: DENY
$WSEP: 
Last-Modified: Wed, 07 Sep 2022 21:50:18 GMT
Content-Length: 1941
Content-Type: text/html
Content-Language: en-US
Cache-Control: max-age=900
Expires: Mon, 28 Nov 2022 09:52:13 GMT
Date: Mon, 28 Nov 2022 09:37:13 GMT
Connection: keep-alive
Set-Cookie: navyfed-opentoken=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-extracted=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-deviceprint=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-useractive=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-pingolb=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-obo=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
SMSESSION=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
acctsvcs_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=w; path=/; domain=.navyfederal.org; secure
ak_bmsc=98B20C7D996E3F170B89557EECFDB5B0~000000000000000000000000000000~YAAQPDIQYE7xEXqEAQAAAweZvRHXdQdRO+adQJN7L6IvFWttxRt14qcc/Lw/9BqA9nFwp4udqb0rNR+Qplp6lVrQW3ZXkWtWcegHNbnRQ+CLZ5SHAu9UrNSYXqUat1yBfdBmBQWc/3vDmxbZzsgbTuV8qr0P9bJjCz3GG554A/b5ybSp8nDlbxrBpLRx7gICDtw94krdmzQoTbgOVgz3fcGBVuVQjg4EixXF46ZErNNBOx4h7eyMt2gCgfL6pm0j4YFdKL6S5bWAc4yF/m4Es9KKnSqADoaRBWuCRGzQM+DHUgnVlNeq0Ge5IJEgHimd5XEtZ6LB0WrrUDxxLMcGxyntrTp+AvJn93Tqa008FgKfiPTBnjqRu/XwssjUDtic7tqX9A==; Domain=.navyfederal.org; Path=/; Expires=Mon, 28 Nov 2022 11:37:13 GMT; Max-Age=7200; HttpOnly
Strict-Transport-Security: max-age=31536000

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
188ce7fb39c8ab0fa084c78a1be62d99
91f3e74cd3ce0023a33d6a477f6e336ad6f299cf
aa4850f46340fd9337bafcee10cfb26f7407fb10bb575aac6bbd4aff04e09db0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 12
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:37:14 GMT
Etag: "63832308-1d7"
Last-Modified: Mon, 28 Nov 2022 09:37:02 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
ac05074fa9d0ea07b44c3d559178cb4f
f1247b69ed3e53b036499fb00adea527f837358f
ea465a630f433ef3029df16f0426fccb39140bc17ae0049f27b710fbde8669c0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:37:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 11:37:41 GMT
Expires: Fri, 02 Dec 2022 11:37:40 GMT
Etag: "f1247b69ed3e53b036499fb00adea527f837358f"
Cache-Control: max-age=352224,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77121fb4ced0b4fa-OSL

va.v.liveperson.net/api/js/11478817?&cb=lpCb8627x47420&t=sp&ts=1669628234228&pid=8493352879&tid=2676307283&pt=Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%EF%BF%BD&u=http%3A%2F%2Fagileprofessional.com.br%2Fwp-content%2Fauth%2F3456b8c8ec337000ba9c6d985e1e9bf3%2F%3Fentity%3D1994173&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D

208.89.12.87

200 OK

0 B

URL HTTP/2
va.v.liveperson.net/api/js/11478817?&cb=lpCb8627x47420&t=sp&ts=1669628234228&pid=8493352879&tid=2676307283&pt=Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%EF%BF%BD&u=http%3A%2F%2Fagileprofessional.com.br%2Fwp-content%2Fauth%2F3456b8c8ec337000ba9c6d985e1e9bf3%2F%3Fentity%3D1994173&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
IP
208.89.12.87:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/js/11478817?&cb=lpCb8627x47420&t=sp&ts=1669628234228&pid=8493352879&tid=2676307283&pt=Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%EF%BF%BD&u=http%3A%2F%2Fagileprofessional.com.br%2Fwp-content%2Fauth%2F3456b8c8ec337000ba9c6d985e1e9bf3%2F%3Fentity%3D1994173&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:37:15 GMT
content-type: application/javascript
set-cookie: LPVisitorID=I0ZmMxZmQ0NGIxZWY0ODY1; Expires=Tue, 28-Nov-2023 09:37:15 GMT; Path=/; HttpOnly
LPSessionID=GsjTzKP7RByuVrvZ7WdKGg; Path=/api/js/11478817; HttpOnly
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2

accdn.lpsnmedia.net/api/account/11478817/configuration/setting/accountproperties/?cb=lpCb79828x5777

178.249.101.99

200 OK

0 B

URL HTTP/2
accdn.lpsnmedia.net/api/account/11478817/configuration/setting/accountproperties/?cb=lpCb79828x5777
IP
178.249.101.99:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/account/11478817/configuration/setting/accountproperties/?cb=lpCb79828x5777 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:37:12 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:32|g:3689390c-e8da-4a2a-a3cf-586db4fa329b; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:42 GMT; Path=/
ADRUM_BTa=R:32|g:3689390c-e8da-4a2a-a3cf-586db4fa329b|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:42 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:42 GMT; Path=/; Secure
ADRUM_BT1=R:32|i:2241585; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:42 GMT; Path=/
ADRUM_BT1=R:32|i:2241585|e:8; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:42 GMT; Path=/
vary: Accept
expires: Mon, 28 Nov 2022 09:38:12 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

agileprofessional.com.br/static/f67c327263eti209967cda713cd843baa

104.21.17.61

500 Internal Server Error

0 B

URL HTTP/2
agileprofessional.com.br/static/f67c327263eti209967cda713cd843baa
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /static/f67c327263eti209967cda713cd843baa HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1035
Origin: http://agileprofessional.com.br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 500 Internal Server Error
date: Mon, 28 Nov 2022 09:37:12 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BU5sHjsMVf7oT8WoKT1h1vmC7zIs6834hGbWt1PnH1Hloc9nAM3rs%2FJQhg%2Fsvkppie%2BPGFZOjQuH5bZ7m0MDTlQh%2FXI3BPueAyjN%2BR13I3Ae1%2F5VrslJ2BkZLPwpM7pq4YadqrXkOpxpzA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77121fa47b010b3d-OSL
X-Firefox-Spdy: h2

accdn.lpsnmedia.net/api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

178.249.101.99

200 OK

0 B

URL HTTP/2
accdn.lpsnmedia.net/api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP
178.249.101.99:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:37:12 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:32|g:e9b08928-5cad-4de8-b451-3fd951a1f66b; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:42 GMT; Path=/
ADRUM_BTa=R:32|g:e9b08928-5cad-4de8-b451-3fd951a1f66b|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:42 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:42 GMT; Path=/; Secure
ADRUM_BT1=R:32|i:2241585; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:42 GMT; Path=/
ADRUM_BT1=R:32|i:2241585|e:8; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:42 GMT; Path=/
vary: Accept
expires: Mon, 28 Nov 2022 09:38:12 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

agileprofessional.com.br/static/f67c327263eti209967cda713cd843baa

104.21.17.61

500 Internal Server Error

0 B

URL HTTP/2
agileprofessional.com.br/static/f67c327263eti209967cda713cd843baa
IP
104.21.17.61:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /static/f67c327263eti209967cda713cd843baa HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1288
Origin: http://agileprofessional.com.br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 500 Internal Server Error
date: Mon, 28 Nov 2022 09:37:13 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnDB8fo75UgAGXrnQJ%2B%2BkheJ2vyn1NO4LYrTYZiRJ8151yVIsmuJr0P3IMX1X7hZGgea2dWDmgRJEhMH0dDqFge26SOHqoYLccjFq2fw2MPG7z%2BZeOndAHBeyR%2BBUR%2B1kTezQeR3J9%2FCxdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77121fa6bd730b3d-OSL
X-Firefox-Spdy: h2

lptag.liveperson.net/lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3

178.249.101.23

200 OK

0 B

URL HTTP/2
lptag.liveperson.net/lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP
178.249.101.23:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:37:13 GMT
content-type: application/x-javascript
set-cookie: ADRUM_BTa=R:32|g:4a0742d8-9557-4d7e-99f1-9cc5ad7e55a9; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:43 GMT; Path=/
ADRUM_BTa=R:32|g:4a0742d8-9557-4d7e-99f1-9cc5ad7e55a9|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:43 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:43 GMT; Path=/; Secure
ADRUM_BT1=R:32|i:1758155; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:43 GMT; Path=/
ADRUM_BT1=R:32|i:1758155|e:1; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:43 GMT; Path=/
ADRUM_BT1=R:32|i:1758155|e:1|d:2; Max-Age=30; Expires=Mon, 28-Nov-2022 09:37:43 GMT; Path=/
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

liveengage.navyfederal.org/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=http%3A%2F%2Fagileprofessional.com.br&site=11478817&env=prod

178.249.97.98

200 OK

0 B

URL HTTP/2
liveengage.navyfederal.org/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=http%3A%2F%2Fagileprofessional.com.br&site=11478817&env=prod
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=http%3A%2F%2Fagileprofessional.com.br&site=11478817&env=prod HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=47~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=6b5dd52e5f676e15bc9cf637cfeb150b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:37:14 GMT
content-type: text/html
last-modified: Tue, 29 Sep 2020 18:27:10 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Tue, 28 Nov 2023 09:37:14 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations