firefox.settings.services.mozilla.com/v1/
18.164.68.21 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.164.68.21:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 12:04:33 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c091804e03ab5aaaa5fa50ae3fb748d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: Cbx7KMDaOYruRJq1w-qkEGEv6youJFiBbDneCaqEAyHXNWWouS9rPA==
Age: 3294
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15295
Expires: Wed, 05 Oct 2022 17:14:22 GMT
Date: Wed, 05 Oct 2022 12:59:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
216.137.44.94 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 216.137.44.94:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 02:17:30 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8e938055f42c443f0a23b6c9d3d144d8.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: AgCynpMZyEQTOWjeDKOES9PVPlS5qB1Hs_6Sz8ZiY3ww__Q2q40g9g==
age: 38518
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 12:59:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
20.201.127.43/style/css_01.css
20.201.127.43 200 OK 3.2 kB URL HTTP/1.1 20.201.127.43/style/css_01.css
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 253c25c218bbedfaf593ebd101b904e8
8bcf464191e55e9742428c61f0ac19f3ffa9e367
708c340544ed0181ab0b71947a07a75ea7ee1b704f2b9d85b4d01e22c836a61e
Analyzer Verdict Alert openphish Lojas Renner
GET /style/css_01.css HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/senha.php
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:26 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 01 Dec 2021 04:04:11 GMT
ETag: "c78-5d20dc42944c0"
Accept-Ranges: bytes
Content-Length: 3192
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.164.68.21 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.164.68.21:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 12:32:55 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 12:44:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c3ac810888cb46ee4166354c2171bcde.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: v7Tv2aYNsEbuaNeiOd0sPNfj8tY4nJvXhOj3emYGzMwdqpw3jWGlOw==
Age: 1594
20.201.127.43/style/css_03.css
20.201.127.43 200 OK 1.8 kB URL HTTP/1.1 20.201.127.43/style/css_03.css
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash fbdb2e8b6e5d4e7adfb91a89b2697167
d7f2bff23b3081fe5deba78d2b5a3d24ccc04a38
ea2af08d3ac0fbb9b6a9a7cf94ddc0685b5a2ffb0fec07c5bcdfaa9c6e7d65c7
Analyzer Verdict Alert openphish Lojas Renner
GET /style/css_03.css HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/senha.php
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:26 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 01 Dec 2021 05:08:09 GMT
ETag: "6fa-5d20ea8ec8040"
Accept-Ranges: bytes
Content-Length: 1786
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
20.201.127.43/scripts/vendor/jquery.mask.min.js
20.201.127.43 200 OK 5.8 kB URL HTTP/1.1 20.201.127.43/scripts/vendor/jquery.mask.min.js
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (545)
Hash d3913bf39badcf52231ee2286d7606be
5f87f04372200696d91d3206fd402b676924bd14
55841b421fe5ca8dc4ef5daba4e1126e1f8dc81d515569f6b6b5bba787fce26d
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /scripts/vendor/jquery.mask.min.js HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/senha.php
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:26 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Sat, 25 Sep 2021 14:13:44 GMT
ETag: "16ba-5ccd278b6d600"
Accept-Ranges: bytes
Content-Length: 5818
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
20.201.127.43/senha.php
20.201.127.43 200 OK 91 kB IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21103)
Hash a380a639566065cfb1b198db638e46ec
77903b1e681a9e89542ec7be057eef8cd4e80ce1
4474b0891bc7457b85ffff2114a7e8615d225b2cca28be2a651f7e1cb24139bd
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /senha.php HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:26 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
X-Powered-By: PHP/7.4.29
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 607
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:59:27 GMT
Last-Modified: Wed, 05 Oct 2022 12:49:20 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
20.201.127.43/scripts/Validate.js
20.201.127.43 200 OK 1.7 kB URL HTTP/1.1 20.201.127.43/scripts/Validate.js
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 0c122ab4011a3a2d2f0b94cc2fff0147
57e8ced19e3bc8023f6d4973cd9891bb2849cc21
e26d8049a3447d8c1bbc5c1225aebfc3d1be8c1945b1cb7231c56e6d484771b6
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /scripts/Validate.js HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/senha.php
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:27 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Thu, 18 Nov 2021 12:46:06 GMT
ETag: "6c1-5d10f8abe5f80"
Accept-Ranges: bytes
Content-Length: 1729
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
20.201.127.43/scripts/app.js
20.201.127.43 200 OK 6.2 kB URL HTTP/1.1 20.201.127.43/scripts/app.js
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 77ef6eeeb334ec7d2afbeeef528192ac
ebb8d6a19798dd5662875b897d24b7dbc3213695
860b7039046294b94d9d95c61f1e1c2cdb0139e4c92ac38fa2639ef40c3f85b4
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /scripts/app.js HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/senha.php
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:27 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 01 Dec 2021 06:08:02 GMT
ETag: "1862-5d20f7f155480"
Accept-Ranges: bytes
Content-Length: 6242
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
20.201.127.43/scripts/vendor/jquery-3.6.0.min.js
20.201.127.43 200 OK 90 kB URL HTTP/1.1 20.201.127.43/scripts/vendor/jquery-3.6.0.min.js
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65447)
Hash 7c14a783dfeb3d238ccd3edd840d82ee
ad886e472b3557f3dc7dfa2bc43468ab8d1cef5b
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /scripts/vendor/jquery-3.6.0.min.js HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/senha.php
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:26 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Sat, 25 Sep 2021 14:13:23 GMT
ETag: "15d9c-5ccd2777666c0"
Accept-Ranges: bytes
Content-Length: 89500
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
push.services.mozilla.com/
34.218.159.206 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.159.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iLAEhEd5FQKMjCx1sVeMFA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OvF1nbgVJhKitTxp4Tvllin06eM=
20.201.127.43/style/css_02.css
20.201.127.43 200 OK 122 kB URL HTTP/1.1 20.201.127.43/style/css_02.css
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size 122 kB (122105 bytes)
Hash 4edc0aac0314df6641f864a847efdfd6
98c8a08f7a1ec0ef80be0b7add4724ae7132b073
2a994f12fea7b510a4ceeb67db3a46208a47b9658128acfc294760161b131675
Analyzer Verdict Alert openphish Lojas Renner
GET /style/css_02.css HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/senha.php
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:26 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 01 Dec 2021 06:54:20 GMT
ETag: "1dcf9-5d21024aa3f00"
Accept-Ranges: bytes
Content-Length: 122105
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
20.201.127.43/style/css_04.css
20.201.127.43 200 OK 441 kB URL HTTP/1.1 20.201.127.43/style/css_04.css
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size 441 kB (441399 bytes)
Hash fb2c9d315ea8f059ce584bb9c32db0f6
aa8cf1526fbeb66cce464a5f913a78abbcfdb509
eb6ad0c12025e4a820c13c7b7c9e52239582645f77b26c9b2d406dc0430fe7be
Analyzer Verdict Alert openphish Lojas Renner
GET /style/css_04.css HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/senha.php
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:26 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 01 Dec 2021 06:55:10 GMT
ETag: "6bc37-5d21027a52f80"
Accept-Ranges: bytes
Content-Length: 441399
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
20.201.127.43/images/google-play-badge-reverse.svg
20.201.127.43 200 OK 11 kB URL HTTP/1.1 20.201.127.43/images/google-play-badge-reverse.svg
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (10788)
Hash dd500e2468aecaccb46e64859f38ed87
6922b1027cf980cf19ed84c94732c3b704798cc8
e946d863a136a09089fd275d574ff3346bad8327d4ef378c06af35872d9fe56d
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /images/google-play-badge-reverse.svg HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/senha.php
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 01 Dec 2021 04:15:45 GMT
ETag: "2a25-5d20ded86de40"
Accept-Ranges: bytes
Content-Length: 10789
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
20.201.127.43/images/bg-login.svg
20.201.127.43 200 OK 664 B URL HTTP/1.1 20.201.127.43/images/bg-login.svg
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (663)
Hash bbba81daa6feeed173485552f13c0f2a
aa3778c907487f06760a88ed95fa98522512f292
3bb71cec41dd0b3c5782f72d32b1b028fdc9558f0acace778d1a2c312d50f382
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /images/bg-login.svg HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/style/css_04.css
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 01 Dec 2021 04:15:43 GMT
ETag: "298-5d20ded6859c0"
Accept-Ranges: bytes
Content-Length: 664
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
20.201.127.43/fonts/Roboto-Regular.woff2
20.201.127.43 200 OK 15 kB URL HTTP/1.1 20.201.127.43/fonts/Roboto-Regular.woff2
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 14600, version 1.0\012- data
Hash a2647ffe169bbbd94a3238020354c732
0a59a3b17c93c1093c2514b3a9d51c91395aabd0
db44c6b7985f942465865cfe688770803ab464ec35fb9aefaeccc052e9b74b2a
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /fonts/Roboto-Regular.woff2 HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.201.127.43/style/css_02.css
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 01 Dec 2021 04:16:02 GMT
ETag: "3908-5d20dee8a4480"
Accept-Ranges: bytes
Content-Length: 14600
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
20.201.127.43/fonts/Roboto-Bold.woff2
20.201.127.43 200 OK 15 kB URL HTTP/1.1 20.201.127.43/fonts/Roboto-Bold.woff2
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 14680, version 1.0\012- data
Hash aa3e87117db2b3c27801cbb8dfe40c6c
a1118c5362e2dd34ac5cf34e135042c3ad827b58
36eea693231e39de5efd21718fea8fc98005b580b264522ffbef360939b8d75c
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /fonts/Roboto-Bold.woff2 HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.201.127.43/style/css_02.css
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 01 Dec 2021 04:16:00 GMT
ETag: "3958-5d20dee6bc000"
Accept-Ranges: bytes
Content-Length: 14680
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
20.201.127.43/fonts/Roboto-Black.woff2
20.201.127.43 200 OK 15 kB URL HTTP/1.1 20.201.127.43/fonts/Roboto-Black.woff2
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 14592, version 1.0\012- data
Hash fa058128ab6fcaa61257208d085b4d57
71c4e4b88c8049ef87ab6ede1ed4c9934eff778e
6e85391e451421ec1d47481273c0b97555ee880504b0fe96c5cec1edd4b0c57f
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /fonts/Roboto-Black.woff2 HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.201.127.43/style/css_02.css
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 01 Dec 2021 04:15:58 GMT
ETag: "3900-5d20dee4d3b80"
Accept-Ranges: bytes
Content-Length: 14592
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff2
20.201.127.43/images/celular-login.png
20.201.127.43 200 OK 155 kB URL HTTP/1.1 20.201.127.43/images/celular-login.png
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 379 x 485, 8-bit/color RGBA, non-interlaced\012- data
Size 155 kB (155176 bytes)
Hash e624d089f9b2fff768b6b592285a4f12
bef94cbbf3c93e3cc8cc45975065216efc046336
7db4ada57262fbacd47bef4e96e3cedda276b9267e6ca4d20adeeb1c24d870b6
Analyzer Verdict Alert openphish Lojas Renner
GET /images/celular-login.png HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/senha.php
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 01 Dec 2021 04:15:53 GMT
ETag: "25e28-5d20dee00f040"
Accept-Ranges: bytes
Content-Length: 155176
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
20.201.127.43/fonts/Roboto-Light.woff2
20.201.127.43 200 OK 15 kB URL HTTP/1.1 20.201.127.43/fonts/Roboto-Light.woff2
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 14696, version 1.0\012- data
Hash 68b24b48f11ff8e947976b529c6f5941
87d74c6bad63ee41c1bdc4382b05974e03c393e0
4e89ebb893667ecee54ecb976930e4b7172bb8f64c062fdc869863a72fa0fb21
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /fonts/Roboto-Light.woff2 HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.201.127.43/style/css_02.css
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 01 Dec 2021 04:16:01 GMT
ETag: "3968-5d20dee7b0240"
Accept-Ranges: bytes
Content-Length: 14696
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
20.201.127.43/fonts/Roboto-Regular.woff
20.201.127.43 404 Not Found 300 B URL HTTP/1.1 20.201.127.43/fonts/Roboto-Regular.woff
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62de8e712c66b08e46686fc30ed2eb45
55b0ab2d51f24cd8c87caa24c292cc9408a4520e
f1f2332f608d0b9a189b1a534bb4f6da1883238023e3eb889248c1787aec7489
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /fonts/Roboto-Regular.woff HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.201.127.43/style/css_02.css
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 300
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.201.127.43/fonts/Roboto-Bold.woff
20.201.127.43 404 Not Found 300 B URL HTTP/1.1 20.201.127.43/fonts/Roboto-Bold.woff
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62de8e712c66b08e46686fc30ed2eb45
55b0ab2d51f24cd8c87caa24c292cc9408a4520e
f1f2332f608d0b9a189b1a534bb4f6da1883238023e3eb889248c1787aec7489
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /fonts/Roboto-Bold.woff HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.201.127.43/style/css_02.css
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 300
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.201.127.43/fonts/Roboto-Black.woff
20.201.127.43 404 Not Found 300 B URL HTTP/1.1 20.201.127.43/fonts/Roboto-Black.woff
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62de8e712c66b08e46686fc30ed2eb45
55b0ab2d51f24cd8c87caa24c292cc9408a4520e
f1f2332f608d0b9a189b1a534bb4f6da1883238023e3eb889248c1787aec7489
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /fonts/Roboto-Black.woff HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.201.127.43/style/css_02.css
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 300
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.201.127.43/fonts/Roboto-Light.woff
20.201.127.43 404 Not Found 300 B URL HTTP/1.1 20.201.127.43/fonts/Roboto-Light.woff
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62de8e712c66b08e46686fc30ed2eb45
55b0ab2d51f24cd8c87caa24c292cc9408a4520e
f1f2332f608d0b9a189b1a534bb4f6da1883238023e3eb889248c1787aec7489
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /fonts/Roboto-Light.woff HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.201.127.43/style/css_02.css
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 300
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14284
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:59:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14284
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:59:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14284
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:59:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14284
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:59:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14284
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:59:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3257b782efae9b64e6e18a547866ec50
4daf0c001e86af8477fb097e8ca932edb8e5f981
899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WWClzLGprno--c75q63i1TFi8oBEdAYW-J4lCk9V8IELQXe6q0A05A==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 55015
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727060c5-cdba-4c73-92c7-eb01c35aff59.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727060c5-cdba-4c73-92c7-eb01c35aff59.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bc04f249ff8da1e71ebd8bc5dfda85d
da3f9add6816af819df6aac08796dc7478dd0517
9f4a02cde38c7d61352f390a8d91cf9028652395ad55a3a49966df4a63642a85
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727060c5-cdba-4c73-92c7-eb01c35aff59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9907
x-amzn-requestid: b1b9a896-c745-496a-89df-b253d458f903
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWRm_EkKoAMF4cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338c95f-3330e14379849de85eb3dda4;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:12:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DkZ7D4ZQQ9VTWjHqGhSVAFfIsn2mpzB8ZVCSBE1zvytS96oJAmDL2w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:42:26 GMT
age: 51423
etag: "da3f9add6816af819df6aac08796dc7478dd0517"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 07:29:32 GMT
age: 19797
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1de7c17a0ba9295135e7f8b490b6a8d3
70e8d1589f3daf71378965dd197934e220fb6aa4
ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 55015
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
34.120.237.76 200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d7d7df8d4c440f9db445c3d99e818d6
612b6dbd4ba895c167964ff7e6d9263013b52b0a
bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: ccb6f0c8-4d9b-48b8-aaf6-16781dc4c86b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaHFlEcFoAMFS3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a5223-5c9276c873efee993ba54667;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:08:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: T8m1q2L45TWDVRBa-R2W70yq9BauBK3G4IX54AGIxdRhG736T974kg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:05:29 GMT
age: 32040
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07ed6d4e-f8d6-4fa4-a7da-a497e3667e10.jpeg
34.120.237.76 200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07ed6d4e-f8d6-4fa4-a7da-a497e3667e10.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 420f8420af76fa258690bb842ff38db7
a37e39e4429d869abcf95cf3cb2c74675e174040
1d45d4f188ff54b5f66cd3c828affdd5d90b621c875c58a9fa6cd265f456d622
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07ed6d4e-f8d6-4fa4-a7da-a497e3667e10.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 17279
x-amzn-requestid: 381c1622-0b7a-407a-a98e-ad5e10b67a33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1ExxoAMFsAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4ed02978326aebf338ccd998;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CIZCBfsULoj_hm3G56Um57QTYuGUjN63x_H1Bb3xPKeacmsrTLqLYw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 55015
etag: "a37e39e4429d869abcf95cf3cb2c74675e174040"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
20.201.127.43/fonts/Roboto-Regular.ttf
20.201.127.43 404 Not Found 300 B URL HTTP/1.1 20.201.127.43/fonts/Roboto-Regular.ttf
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62de8e712c66b08e46686fc30ed2eb45
55b0ab2d51f24cd8c87caa24c292cc9408a4520e
f1f2332f608d0b9a189b1a534bb4f6da1883238023e3eb889248c1787aec7489
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /fonts/Roboto-Regular.ttf HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/style/css_02.css
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 300
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.201.127.43/fonts/Roboto-Bold.ttf
20.201.127.43 404 Not Found 300 B URL HTTP/1.1 20.201.127.43/fonts/Roboto-Bold.ttf
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62de8e712c66b08e46686fc30ed2eb45
55b0ab2d51f24cd8c87caa24c292cc9408a4520e
f1f2332f608d0b9a189b1a534bb4f6da1883238023e3eb889248c1787aec7489
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /fonts/Roboto-Bold.ttf HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/style/css_02.css
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 300
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.201.127.43/fonts/Roboto-Black.ttf
20.201.127.43 404 Not Found 300 B URL HTTP/1.1 20.201.127.43/fonts/Roboto-Black.ttf
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62de8e712c66b08e46686fc30ed2eb45
55b0ab2d51f24cd8c87caa24c292cc9408a4520e
f1f2332f608d0b9a189b1a534bb4f6da1883238023e3eb889248c1787aec7489
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /fonts/Roboto-Black.ttf HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/style/css_02.css
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 300
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.201.127.43/fonts/Roboto-Light.ttf
20.201.127.43 404 Not Found 300 B URL HTTP/1.1 20.201.127.43/fonts/Roboto-Light.ttf
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62de8e712c66b08e46686fc30ed2eb45
55b0ab2d51f24cd8c87caa24c292cc9408a4520e
f1f2332f608d0b9a189b1a534bb4f6da1883238023e3eb889248c1787aec7489
Analyzer Verdict Alert openphish Lojas Renner
fortinet Phishing
GET /fonts/Roboto-Light.ttf HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/style/css_02.css
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 300
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.201.127.43/images/favicon.ico
20.201.127.43 200 OK 1.2 kB URL HTTP/1.1 20.201.127.43/images/favicon.ico
IP 20.201.127.43:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 84193db7bb54e471eccf12b6e018830a
2e771c3fffb5d898f72b04508e4036265c73f313
7a44788a6242acb89ad7de75c08ad96d5d6d39d21a6f6f57785102f03d82fabd
Analyzer Verdict Alert openphish Lojas Renner
GET /images/favicon.ico HTTP/1.1
Host: 20.201.127.43
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.201.127.43/senha.php
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:59:28 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 01 Dec 2021 04:24:24 GMT
ETag: "47e-5d20e0c762e00"
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/x-icon