| | 138.2.246.39 | 200 OK | 25 kB |
URL: User Request, GET HTTP/1.1
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: HTML document, Unicode text, UTF-8 text, with very long lines (21544)
MD5: 37c2c5c672c809989638577dee4941b0
SHA-1: d50a4249aa8dcad543a6b6859450f385bd37636b
SHA-256: 17557839ed02634fcbe0681ea9606ce550b9c77c0c8143e36f72b973db8ed835
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Fri, 10 May 2024 12:17:28 GMT
Cache-Control: public, max-age=1800
Content-Encoding: gzip
| www.googletagmanager.com/gtag/js?id=AW-980051072 | 142.250.74.72 | 200 OK | 90 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-980051072
IP: 142.250.74.72:443
Certificate: issuer Google Trust Services LLC, subject *.google-analytics.com, fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE, valid Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
MD5: 4951c515908f2f0369d987d19d79857c
SHA-1: f660dba4b1af4a9a1bc2e3995a86f4499a0313e4
SHA-256: a98455f917e1b610a57befe05fd3b031db28271b77fb596a87aa85b3ef9b7a22
GET /gtag/js?id=AW-980051072 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 11:47:28 GMT
expires: Fri, 10 May 2024 11:47:28 GMT
cache-control: private, max-age=900
last-modified: Fri, 10 May 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| js.hsforms.net/forms/v2.js?pre=1 | 104.18.141.119 | 200 OK | 167 B |
URL: GET HTTP/2 js.hsforms.net/forms/v2.js?pre=1
IP: 104.18.141.119:443
Certificate: issuer Google Trust Services LLC, subject hsforms.net, fingerprint 49:63:68:DE:D1:58:F7:46:97:8D:A9:5F:77:E7:1E:EF:95:DF:EB:E3, valid Mon, 15 Apr 2024 01:41:40 GMT - Sun, 14 Jul 2024 01:41:39 GMT
File type: HTML document, ASCII text, with CRLF line terminators
MD5: 0104c301c5e02bd6148b8703d19b3a73
SHA-1: 7436e0b4b1f8c222c38069890b75fa2baf9ca620
SHA-256: 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /forms/v2.js?pre=1 HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 10 May 2024 11:47:28 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 10 May 2024 12:47:28 GMT
Location: https://js.hsforms.net/forms/v2.js?pre=1
Set-Cookie: __cf_bm=4QdnrmRHotCWkY0fbx5KYXtFDoI5hQEMUCQl22oJ5.Q-1715341648-1.0.1.1-jyuwIMjw.TmXMESfAOAXcuQJmcVk8mVU1gZ7gZQXRchbLSZToouJ2Y.QPyNQiRSChOHZzLvj6Jj42G3iurMRdw; path=/; expires=Fri, 10-May-24 12:17:28 GMT; domain=.hsforms.net; HttpOnly; SameSite=None
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ts0ut3zyjg6wcwsKc%2F4wQE0e6rbqGSNR2vI2DmuODohLizEuD43%2FBAknLKMUqwe0PQXx1lCcQJG160ziN672wlA6Xl%2FXa43LF9bVF5IilaW%2B%2Fds3p2NOAhbr08CIfEvu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8819b1d8f863b512-OSL
alt-svc: h3=":443"; ma=86400
| cdnjs.cloudflare.com/ajax/libs/highlight.js/10.4.0/highlight.min.js | 104.17.25.14 | 200 OK | 38 kB |
URL: GET HTTP/1.1 cdnjs.cloudflare.com/ajax/libs/highlight.js/10.4.0/highlight.min.js
IP: 104.17.25.14:80
File type: JavaScript source, ASCII text, with very long lines (1139)
MD5: 7f6377f0f2e548aa8e8387b4efb5c03e
SHA-1: 3a6fa8da64157172086c1c1315d2c71f12c68a65
SHA-256: a891b8a04134b7f48e33b075abe1a44caa1a7ab8c6e009fee6ed97cd799d479b
GET /ajax/libs/highlight.js/10.4.0/highlight.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:47:28 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 37559
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5fb57f34-1be36"
Last-Modified: Wed, 18 Nov 2020 20:08:20 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Wed, 30 Apr 2025 11:47:28 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A39NWdL%2Bw1rfP5Mt2eqANRW%2F3p%2BA%2BMHEPPPPZBVQjqNsIxzsyNzyRqDHV48Ojg4SIuKaGWR6QhSKUDphofvQHTidS9oPtEJ82mWFGbtDSzcDEnlRf2TeMVDH8KyZRiPyKXAG6yKZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8819b1d8fbfdb521-OSL
alt-svc: h3=":443"; ma=86400
| 138.2.246.39/assets/css/block/header.1712930780.css | 138.2.246.39 | 200 OK | 2.3 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/header.1712930780.css
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (13017), with no line terminators
MD5: 6ddc12ea4d6f24d9abc1a4bfa54c1b59
SHA-1: e571032d641f6133f24c8a22fff11dcea7d41ccc
SHA-256: 16b094b84b605762c8dfd9703516028ca30d5dd0ac6253f33fa1fd8c4ce3a2d4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/header.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:28 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:28 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/alephbet.min.1712930781.js | 138.2.246.39 | 200 OK | 6.8 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/js/alephbet.min.1712930781.js
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: JavaScript source, ASCII text, with very long lines (28123), with no line terminators
MD5: 67cc3ea6387d309ca493fe7eacd6f3a9
SHA-1: f968c692725d4e2bd0da058910deb9591ecb3246
SHA-256: a1923622963086344ed674331d80d2682be593945e1cb0cfc14e842caf92497a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/alephbet.min.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:28 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| widget.freshworks.com/widgets/72000004366.js | 54.230.111.43 | 301 Moved Permanently | 0 B |
URL: GET HTTP/2 widget.freshworks.com/widgets/72000004366.js
IP: 54.230.111.43:443
Certificate: issuer Amazon, subject *.freshworks.com, fingerprint DB:EF:BD:31:8C:8A:01:A0:2B:3C:E5:FF:73:3C:86:D8:D6:65:47:D3, valid Tue, 11 Jul 2023 00:00:00 GMT - Thu, 08 Aug 2024 23:59:59 GMT
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widgets/72000004366.js HTTP/1.1
Host: widget.freshworks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-length: 0
date: Fri, 10 May 2024 11:47:29 GMT
location: /widgetBase/bootstrap.js
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AQeWXHk3ge7AcFsWvFVbj6lCAGJgbM8gB6Ryzkjs-tz1eHtkcyjf5w==
X-Firefox-Spdy: h2
| 138.2.246.39/assets/css/block/categories.1712930780.css | 138.2.246.39 | 200 OK | 1.1 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/categories.1712930780.css
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (3889), with no line terminators
MD5: 87bd3715e0b22838b975ed05829868d4
SHA-1: 96e7e9e310505db26a4eae4a79d80d7e1b48dfde
SHA-256: d62407e377b07ba3c908f2aef9f3db0aa3725ff1c7d9014fbfc1777ada71c4a9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/categories.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:28 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:28 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/terminal-schools.1712930781.js | 138.2.246.39 | 200 OK | 1.7 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/js/terminal-schools.1712930781.js
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: HTML document, Unicode text, UTF-8 text, with very long lines (2027)
MD5: 918a40db0c272b389e167d683cbb3dd7
SHA-1: 1edd77742aaf886d301dbf38025e83658cef82fc
SHA-256: fe4942ed5c574aa45294774d4f8fc2e2d5e02341349e85f9515ccd4ecafd0d3a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/terminal-schools.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:28 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/css/block/navCategoriasHome.1712930780.css | 138.2.246.39 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/navCategoriasHome.1712930780.css
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (4783), with no line terminators
MD5: d39287ac54899f13d3d5144f8847aae6
SHA-1: 11674dd0ac2d3f0c8bb4b0cd36b1779c0c0770b3
SHA-256: e4ad1a3b1dd4eb7c8d61073c6a0bb00d93a6f24448efb8b315927665cce333f7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/navCategoriasHome.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:28 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:28 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/css/block/terminalSchoolHome.1712930780.css | 138.2.246.39 | 200 OK | 1.6 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/terminalSchoolHome.1712930780.css
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (6286), with no line terminators
MD5: f040cba740d31dc990eec695ac2175af
SHA-1: 0d13251b43f8778aca21b52692599505aedf70e2
SHA-256: 0a0e7210286bc13bf1ac75257c0672864fc71e65381dc1ed88574bc302c516da
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/terminalSchoolHome.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:28 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:28 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/css/block/howItWorksVideo.1712930780.css | 138.2.246.39 | 200 OK | 905 B |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/howItWorksVideo.1712930780.css
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (2801), with no line terminators
MD5: 62932697935d912e4ece11c6a3f069df
SHA-1: e32fa61bab2857a465092c7830a49548391cdfb8
SHA-256: 9f8bec8f6a8b0ca8883dc952cba712120c0268db071f186b1a54eb22c6672697
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/howItWorksVideo.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/css/block/benefitsIcons.1712930780.css | 138.2.246.39 | 200 OK | 606 B |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/benefitsIcons.1712930780.css
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (2129), with no line terminators
MD5: 74e7c0324cae4426500589e0de477b17
SHA-1: a12317508bc07200153400b354782825c901b098
SHA-256: ddba4caafb9f28d8644d57a27993bea3a2d424883a6c9d80a1caa9c6e83a5b3b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/benefitsIcons.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/css/block/listFormationHome.1712930780.css | 138.2.246.39 | 200 OK | 1.1 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/listFormationHome.1712930780.css
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (3833), with no line terminators
MD5: b15afac62735c570c0a24e019249535f
SHA-1: 21f8ed46d30defb938149f2a27b7ed5b285f8cf3
SHA-256: 3ae031b3a75b2074ddf2a5e0fcf3e66e5a78dd6a8bc4c3df21dcd8e14067fe1e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/listFormationHome.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/css/block/posTech.1712930780.css | 138.2.246.39 | 200 OK | 898 B |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/posTech.1712930780.css
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (2726), with no line terminators
MD5: 1753b4445fa0359797d0a000cb2896fc
SHA-1: 48b00f27a30469a4293b39948967128286df2989
SHA-256: 9f79de2c6b6248be95e5ae7fc55b9dbc3cca2e1de7a718b230c9f9305f3dcade
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/posTech.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/css/block/homeDestaqueDepoimentos.1712930780.css | 138.2.246.39 | 200 OK | 1.4 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/homeDestaqueDepoimentos.1712930780.css
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (5872), with no line terminators
MD5: e5a74a9938ad735ff7658feca1ed18f5
SHA-1: 7e5e54c830c0377a80e22ec1342a1c1acb368595
SHA-256: 108512a81be01d910f7fe917a2aab23875f7e9d1bb9b34f5ef41cfed0b1acf30
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/homeDestaqueDepoimentos.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/bundle,base/_reset,base/base,base/buttons,base/colors-apostilas,base/colors,base/titulos.1712930780.css | 138.2.246.39 | 200 OK | 1.6 kB |
URL: GET HTTP/1.1 138.2.246.39/bundle,base/_reset,base/base,base/buttons,base/colors-apostilas,base/colors,base/titulos.1712930780.css
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (1597)
MD5: 121301f0884af01f137eb3adf17ed5e6
SHA-1: cecfab005d3a59550b1fd6a784b97144ea9b302a
SHA-256: 547f51cd1d3c362ac3aec5b324600bda9d709dd9121c5fc423a15bc2bb0fbdda
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /bundle,base/_reset,base/base,base/buttons,base/colors-apostilas,base/colors,base/titulos.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| widget.freshworks.com/widgetBase/bootstrap.js | 54.230.111.43 | 200 OK | 3.8 kB |
URL: GET HTTP/2 widget.freshworks.com/widgetBase/bootstrap.js
IP: 54.230.111.43:443
Certificate: issuer Amazon, subject *.freshworks.com, fingerprint DB:EF:BD:31:8C:8A:01:A0:2B:3C:E5:FF:73:3C:86:D8:D6:65:47:D3, valid Tue, 11 Jul 2023 00:00:00 GMT - Thu, 08 Aug 2024 23:59:59 GMT
File type: gzip compressed data, from Unix
MD5: 41ee1289d4eafb0a9a03c233a7f966e2
SHA-1: c46cb5423958e7c5112d532c8e723245af612e6e
SHA-256: 8034d61a205c07fa5c63e5d094ba0255995e932f9de27bf4306c52f72b311c92
GET /widgetBase/bootstrap.js HTTP/1.1
Host: widget.freshworks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://138.2.246.39/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 07:43:17 GMT
x-amz-version-id: _toIM6BL0VDe4hZj1rObmiuBGIE1Nb0h
server: AmazonS3
content-encoding: gzip
date: Fri, 10 May 2024 11:43:30 GMT
cache-control: max-age=900
etag: W/"96358557f33cdca557d32231f632b6ca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: l7h3y0RIeiHFhmV0soLuRIdiQ29Tlts03Luh3KGne1c6Qj9tdRaTVg==
age: 331
X-Firefox-Spdy: h2
| js.hsforms.net/forms/v2.js?pre=1 | 104.18.141.119 | 200 OK | 160 kB |
URL: GET HTTP/2 js.hsforms.net/forms/v2.js?pre=1
IP: 104.18.141.119:443
Certificate: issuer Google Trust Services LLC, subject hsforms.net, fingerprint 49:63:68:DE:D1:58:F7:46:97:8D:A9:5F:77:E7:1E:EF:95:DF:EB:E3, valid Mon, 15 Apr 2024 01:41:40 GMT - Sun, 14 Jul 2024 01:41:39 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 160 kB (160162 bytes)
MD5: b0047a8901d8ed9f81db3dcb5982114e
SHA-1: c8fdf3933cb067d1c2aeb1dd4919a4bc9ffc8e8b
SHA-256: f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2
GET /forms/v2.js?pre=1 HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://138.2.246.39/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 11:47:28 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 03 Apr 2024 11:15:05 UTC
etag: W/"b0047a8901d8ed9f81db3dcb5982114e"
x-amz-server-side-encryption: AES256
x-amz-version-id: 4lHA5dnNobe4YqKec9CE2kPtPUzRSBNR
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: BxZvwT8xNCk7icIg_dy1rV1Ka7OsJ9qgv0caWBcVQNgku2iJLht4aA==
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5064/bundles/project-v2.js&cfRay=880b6701992c82b8-ARN
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5064/bundles/project-v2.js
x-content-type-options: nosniff
access-control-allow-origin: *
x-hs-cache-status: HIT
x-envoy-upstream-service-time: 2
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: be00dd2f-c69c-4546-9b33-0f818661d7bc
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-rl62l
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: be00dd2f-c69c-4546-9b33-0f818661d7bc
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
cf-cache-status: EXPIRED
set-cookie: __cf_bm=tkPRwBbW0LF4cMPy3J6vQz3lZH2VCt9lEZDUa5aWcNY-1715341648-1.0.1.1-9CHDsQrfa8kdPXaU58gP8kvCPx8aKXWPRNKO_cUrMpEghwg1y0cLbM5NBJDdzNwSfM5DkTZn.gmQ75jNhg7jdw; path=/; expires=Fri, 10-May-24 12:17:28 GMT; domain=.hsforms.net; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3x%2Bum0MYkwyfsEgNqxUq%2B21JnBGtAsravh4i2LqLMw14tZ9gcEVaAcLC7qjBef9lChX7qbpi01uZuigHXbSrCbVnWhRP0hAJVdLPcSSYhctybDm76K4ogcGj5wAlFJoE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8819b1d969f256a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| 138.2.246.39/assets/js/avatarOnError.1712930781.js | 138.2.246.39 | 200 OK | 221 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/avatarOnError.1712930781.js
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
MD5: b4c566c733bf4c6fc9ab43ea7c813db7
SHA-1: 81a7eea1d520e2d45496999e24271847ffa60017
SHA-256: 778f7b2a8b116eec23a96700009b0d624218ec99d685c3dd6174addaef8f7ba6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/avatarOnError.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/bundle,block/elasticMedia,artigos/glider.min,animacoes/glitch,home/index.1712930780.css | 138.2.246.39 | 200 OK | 3.2 kB |
URL: GET HTTP/1.1 138.2.246.39/bundle,block/elasticMedia,artigos/glider.min,animacoes/glitch,home/index.1712930780.css
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (7373)
MD5: d9e777480a156240175dd7d01c686d57
SHA-1: 74c8fa4bdc186cf13d39dcf08ef88fe074340a22
SHA-256: 5dcb84966b0714f6651d897f78669b9ddec9f33c966c659b7bb4aacf1d1dbc44
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /bundle,block/elasticMedia,artigos/glider.min,animacoes/glitch,home/index.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/css/block/homeDestaqueEmpresas.1712930780.css | 138.2.246.39 | 200 OK | 1.1 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/homeDestaqueEmpresas.1712930780.css
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (4500), with no line terminators
MD5: fdc45d7f2fabe743f64797c98a72be62
SHA-1: 168d460c1a4307d7d8101cb0b0aec555ef589d67
SHA-256: 19b63e46c6ccee738575e78a92d9ddc4e97413e4bab01620944ea67542585113
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/homeDestaqueEmpresas.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/css/block/homeLogoEmpresas.1712930780.css | 138.2.246.39 | 200 OK | 415 B |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/homeLogoEmpresas.1712930780.css
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (1115), with no line terminators
MD5: eb595fb09fb82c7e5a37b7e56fff05ca
SHA-1: cf95e923510fe5738e92187bcf9f70f299daa6d8
SHA-256: 076209d22235a954c7fddf8db30ccf2516a4d0083d6087e59f0088cfd00e9b62
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/homeLogoEmpresas.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/css/block/aluraCases.1712930780.css | 138.2.246.39 | 200 OK | 1.5 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/aluraCases.1712930780.css
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (5307), with no line terminators
MD5: 8f38649ad38b8a01a799d889b130c33d
SHA-1: a3a6fd5a4eab279e79f465bd4032dace8761bacf
SHA-256: db43539286ac1e04f86a07b5cae99c858f6798e9d689c4ffc3e1c6a6ac5dd469
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/aluraCases.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/css/block/upgradedMobile.1712930780.css | 138.2.246.39 | 200 OK | 729 B |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/upgradedMobile.1712930780.css
IP: 138.2.246.39:80, ASN #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (2515), with no line terminators
MD5: 94c3149ca849c79cb3c05fd910483843
SHA-1: 5094b970ee6acfe8a5ccd7545407cdd88f6cafe2
SHA-256: 67aefbfa293a517aee4120f4ea4cbb4929ae75edb4dda2e2e1491f585de4cb5e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/upgradedMobile.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| www.googletagmanager.com/gtm.js?id=GTM-TN542JN | 142.250.74.72 | 200 OK | 92 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-TN542JN
IP: 142.250.74.72:443
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5317)
Hashes (MD5 / SHA-1 / SHA-256): 179a57e645c051a4bd5cabccf0312e52 827d677a81ddd6e6fdc33b307e6fe286265b986a aeafb14e45b78984103620837dd76ce60df09bd7dcc0d570c5007057d27a4a8a
GET /gtm.js?id=GTM-TN542JN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 11:47:29 GMT
expires: Fri, 10 May 2024 11:47:29 GMT
cache-control: private, max-age=900
last-modified: Fri, 10 May 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| 138.2.246.39/assets/js/planosPagamentoOld.1712930781.js | 138.2.246.39 | 200 OK | 401 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/planosPagamentoOld.1712930781.js
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: ASCII text, with very long lines (768)
Hashes (MD5 / SHA-1 / SHA-256): f9d7e84f6a8df295bb2ed9d22707887d 5f87ccea42b514ed708074bb95bf5319cca1ae16 a456ef610a2342000fe7042c58f71b285e480f54c5cc35f781e354706a2bb379
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/planosPagamentoOld.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/css/block/planos.1712930780.css | 138.2.246.39 | 200 OK | 2.5 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/planos.1712930780.css
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: ASCII text, with very long lines (10519), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 8b780f9d99387d3c5345eb089d685179 c594a68b9b3e6325b16bec99e9ee3d33fabba26c 3e4625b19514c9c7ec505515325d992078be46664a4eb27e3103ca994aadf41d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/planos.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/css/block/benefitsPro.1712930780.css | 138.2.246.39 | 200 OK | 1.5 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/benefitsPro.1712930780.css
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: ASCII text, with very long lines (6334), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 0183cb6074c1e1be766c95d6bdbf83d1 bed2519bb7a126fc1c7eab1f59d0fb3c54d7e70a 41612301575ba3800d0934bc5d03086b46901f0882c64a3ca132fae1a914e194
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/benefitsPro.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/css/block/faqPlanos.1712930780.css | 138.2.246.39 | 200 OK | 893 B |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/faqPlanos.1712930780.css
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: ASCII text, with very long lines (2460), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 399bee6f142239c4ced9a7508b6e4215 74801b842c1eadefbf207c981d60327009f1d430 dd872d74067675939611736eab47900f2ff4637c1d92b8f91f9537ddd6da449b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/faqPlanos.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/css/block/footer.1712930780.css | 138.2.246.39 | 200 OK | 2.4 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/css/block/footer.1712930780.css
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: ASCII text, with very long lines (10708), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): d28a6792deeb81b0b4b9a0c891134fae 07ae13d46f528ce15faee3f4b85c6bd778bacdb8 a7b1a4aa2e77bb1581e399461800436255f032e77ca5f432e932ce2e190fa9e6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/block/footer.1712930780.css HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/lib/svg4everybody.min.1712930781.js | 138.2.246.39 | 200 OK | 877 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/lib/svg4everybody.min.1712930781.js
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: JavaScript source, ASCII text, with very long lines (1214)
Hashes (MD5 / SHA-1 / SHA-256): df7db8b7fc434bd981a15bcbe3f5c1e5 529250579923e2fdd89c31635d55d8d341c3f45f 8aa34c7766bf3be3efee354c143444b4473c093a347d3ae7d48cae26e5970580
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/lib/svg4everybody.min.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| i3.ytimg.com/vi/ODEgEk83PLA/hqdefault.jpg | 142.250.74.142 | 200 OK | 30 kB |
URL: GET HTTP/2 i3.ytimg.com/vi/ODEgEk83PLA/hqdefault.jpg
IP: 142.250.74.142:443
Certificate: Issuer Google Trust Services LLC; Subject *.google.com; Fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hashes (MD5 / SHA-1 / SHA-256): 5c0034320a06dd7a5ce58696631383f1 3fd2b8511384fe1da0aef83711481f4634fff0bf f676ac7253a856a58ed841f0541bd0d004342c6ff0ac08511687246ccda909ab
GET /vi/ODEgEk83PLA/hqdefault.jpg HTTP/1.1
Host: i3.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 30034
date: Fri, 10 May 2024 11:47:29 GMT
expires: Fri, 10 May 2024 13:47:29 GMT
cache-control: public, max-age=7200
etag: "1678129194"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| i3.ytimg.com/vi/pVdFGtF9OzY/hqdefault.jpg | 142.250.74.142 | 200 OK | 9.0 kB |
URL: GET HTTP/2 i3.ytimg.com/vi/pVdFGtF9OzY/hqdefault.jpg
IP: 142.250.74.142:443
Certificate: Issuer Google Trust Services LLC; Subject *.google.com; Fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hashes (MD5 / SHA-1 / SHA-256): eb366d3dc5ee3f8f8fb18a66e3565d45 8486c9da4254ca82c02a43d34c2684b772097a61 bbda3dde7e125e507034e278e00e562a002f4bc64ada23b7683e3ae49d986b7e
GET /vi/pVdFGtF9OzY/hqdefault.jpg HTTP/1.1
Host: i3.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 9020
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 11:47:29 GMT
expires: Fri, 10 May 2024 13:47:29 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| i3.ytimg.com/vi/mCHS_2NR-Uc/hqdefault.jpg | 142.250.74.142 | 200 OK | 30 kB |
URL: GET HTTP/2 i3.ytimg.com/vi/mCHS_2NR-Uc/hqdefault.jpg
IP: 142.250.74.142:443
Certificate: Issuer Google Trust Services LLC; Subject *.google.com; Fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hashes (MD5 / SHA-1 / SHA-256): e5eb581c8b29ecbca3817f83fcb91c8f 801554fd0ba86bc3cb59b1dc7aa192d13cc8b26e 6e4265a6fb22b88dc9f3068a67e94ee78465701dad4854241029288399c3a9c3
GET /vi/mCHS_2NR-Uc/hqdefault.jpg HTTP/1.1
Host: i3.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 29838
date: Fri, 10 May 2024 11:47:29 GMT
expires: Fri, 10 May 2024 13:47:29 GMT
cache-control: public, max-age=7200
etag: "1682689704"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| i3.ytimg.com/vi/DDp0LKyfepo/hqdefault.jpg | 142.250.74.142 | 200 OK | 29 kB |
URL: GET HTTP/2 i3.ytimg.com/vi/DDp0LKyfepo/hqdefault.jpg
IP: 142.250.74.142:443
Certificate: Issuer Google Trust Services LLC; Subject *.google.com; Fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hashes (MD5 / SHA-1 / SHA-256): 13c5ff5c98deb7be28ecbdadc0f00d29 3f2a3b0166df22db543064e30cba0acdbd6480aa 8fd75bcb8cb0cebadf1293bcb9e65b6f45f1afb7140a3061e612ddea43ff53bf
GET /vi/DDp0LKyfepo/hqdefault.jpg HTTP/1.1
Host: i3.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 28629
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 11:47:29 GMT
expires: Fri, 10 May 2024 13:47:29 GMT
cache-control: public, max-age=7200
etag: "1679503365"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| i3.ytimg.com/vi/-Ue_I6_qZOI/hqdefault.jpg | 142.250.74.142 | 200 OK | 31 kB |
URL: GET HTTP/2 i3.ytimg.com/vi/-Ue_I6_qZOI/hqdefault.jpg
IP: 142.250.74.142:443
Certificate: Issuer Google Trust Services LLC; Subject *.google.com; Fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hashes (MD5 / SHA-1 / SHA-256): 76a9f9e2da029d5b764fe91003c55361 8f6f91451cc2dccaef724a75e9b609d9e6376a48 29b7913812ea76a91b14049a75c6eb3feec54566103ed042e0efb38626452a53
GET /vi/-Ue_I6_qZOI/hqdefault.jpg HTTP/1.1
Host: i3.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 30995
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 11:47:29 GMT
expires: Fri, 10 May 2024 13:47:29 GMT
cache-control: public, max-age=7200
etag: "1683294581"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| i3.ytimg.com/vi/hmiM3gfFGGw/hqdefault.jpg | 142.250.74.142 | 200 OK | 27 kB |
URL: GET HTTP/2 i3.ytimg.com/vi/hmiM3gfFGGw/hqdefault.jpg
IP: 142.250.74.142:443
Certificate: Issuer Google Trust Services LLC; Subject *.google.com; Fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hashes (MD5 / SHA-1 / SHA-256): 51b0ac0e129e6db86903b955b749f664 08528f0d03e3c0be46555591e48222bb35d43a36 85adec0cd79026bbbfcccbd90f648d29945860da90b8a4c8ecca6ad5df99f7f5
GET /vi/hmiM3gfFGGw/hqdefault.jpg HTTP/1.1
Host: i3.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 26683
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 11:47:29 GMT
expires: Fri, 10 May 2024 13:47:29 GMT
cache-control: public, max-age=7200
etag: "1682022010"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| 138.2.246.39/assets/js/header/busca.1712930781.js | 138.2.246.39 | 200 OK | 356 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/header/busca.1712930781.js
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: JavaScript source, ASCII text, with very long lines (427)
Hashes (MD5 / SHA-1 / SHA-256): 7e32fb93b4fc1e03a70ea939b9252547 22640895c9137043502318b90b7b06c0e7a656da 363cd77b7e26887a0601ac98af4558a311cc22cdee9705ce72cfe5ad9f4134b9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/header/busca.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/footer/footer.1712930781.js | 138.2.246.39 | 200 OK | 169 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/footer/footer.1712930781.js
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: JavaScript source, ASCII text, with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 4919f7b1ed88f2a82d06790c608deadb caa6600760886c2ce4bf5680ad4b6e3eea0d046a 13f0e9f78c7f9b0b756681598c04f87220848403ed7be6c86a8d18e396fed1a5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/footer/footer.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/header/menuMobile.1712930781.js | 138.2.246.39 | 200 OK | 198 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/header/menuMobile.1712930781.js
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: JavaScript source, ASCII text, with very long lines (325), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 2c589078acac93fa25bb86a9e1978564 da74530dd24ac463ef4f46ae36493d837e2479ea 8f69254fd309354ae4d5e03a75f5d92650b6d1787d5d013cc6c28352362e893b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/header/menuMobile.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/header/menu.1712930781.js | 138.2.246.39 | 200 OK | 250 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/header/menu.1712930781.js
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: JavaScript source, ASCII text, with very long lines (417), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 1320137508d08fd5090dc6179b13a131 2f30741af0e7e5a14d411c91a8e8ce03ed56c9d5 0bee0d4dc44281b99cad06d5d7c480caed67445ff5e546ea00fe731c2eec866f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/header/menu.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/header/cursos.1712930781.js | 138.2.246.39 | 200 OK | 424 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/header/cursos.1712930781.js
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: JavaScript source, ASCII text, with very long lines (782)
Hashes (MD5 / SHA-1 / SHA-256): e1cd6172510d4564f188c27053a94f10 76db8c8711841c8423f834b9a9079c9e2a89c05b 8c7b54a27d4911bafcc5ef3d8408c8a5c9fb465575ddee1376b0415946cb02f0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/header/cursos.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/detect.1712930781.js | 138.2.246.39 | 200 OK | 391 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/detect.1712930781.js
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (322)
Hashes (MD5 / SHA-1 / SHA-256): e959dbca38e6950f0f105939c8ccb4c3 ecf14e647e3c070ea3ee9f7588525c73e7c7a615 2aaf187d3fc57a969c1e27e3c8d854425297952e26fa0782ef1e06f8a7d0d8d5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/detect.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/video.1712930781.js | 138.2.246.39 | 200 OK | 252 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/video.1712930781.js
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: JavaScript source, ASCII text, with very long lines (369), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): f86c9ab3c857886606f4537be606b3bc a4ccf193b98946976f4bfaeb021ed8688f41c1fc 7c93f78b902c6bf10d03d0347002e81f73d40812114a286d2b868c195a6d3efb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/video.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/countdown.1712930781.js | 138.2.246.39 | 200 OK | 492 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/countdown.1712930781.js
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: ASCII text, with very long lines (642)
Hashes (MD5 / SHA-1 / SHA-256): af82cd13bfcb88bc48cd216fdb098d31 99bffa4a55f4b8fd56b7ae3b155ca7a534351389 d45ae543abce046f689c48ddf6700ab7547bc08925e586726ac279cc173717e7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/countdown.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/header/cookie-influencer.1712930781.js | 138.2.246.39 | 200 OK | 892 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/header/cookie-influencer.1712930781.js
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: ASCII text, with very long lines (1116)
Hashes (MD5 / SHA-1 / SHA-256): 9dbe1295afd8bcf23a9d71be4ab98fc7 63e6a1fad00b437e0cf5c91a0a842b8f8dab849d f3d8d4d2ce0ad282402ea71c9950a3d74585483049ebde15f5436dd774c131f9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/header/cookie-influencer.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/trackers.1712930781.js | 138.2.246.39 | 200 OK | 453 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/trackers.1712930781.js
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
File type: JavaScript source, ASCII text, with very long lines (385)
Hashes (MD5 / SHA-1 / SHA-256): dbaa27cf1d396a56d69d4a2eaadbf12b 256a4440d4bfca93b1d9b91bbbf1a8c22509ba50 c95249228df904e31f0756fd23e8e5512ae03d10a254bddac72f0da65815afe7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/trackers.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/courseIconFallback.1712930781.js | 138.2.246.39 | 200 OK | 262 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/courseIconFallback.1712930781.js
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
Hashes (MD5 / SHA-1 / SHA-256): 4ce9521af736baf15077c4a8358a33be ad9814fccae34e1202e66605bca12fa8376de7b0 9dd5e414a6540e4e80149b75ebe234d853e35fa937f2cf6c8c9602e7f40a1ee9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/courseIconFallback.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/imersoes/duvidas.1712930781.js | 138.2.246.39 | 200 OK | 297 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/imersoes/duvidas.1712930781.js
IP: 138.2.246.39:80 (ASN #31898 ORACLE-BMC-31898)
Hashes (MD5 / SHA-1 / SHA-256): dec35cc487c633e074af7c7bc604d4ea dae466e0a7c454152edda7ffec090968c61c4fc4 6ff5387de536e34135e7545482a81c3a9a8e91ccb67f246a0c450cf6a84f038e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/imersoes/duvidas.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:29 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/videoPlayer-cover.1712930781.js | 138.2.246.39 | 200 OK | 418 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/videoPlayer-cover.1712930781.js | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (490)
Hash: MD5 35ea6f285fb02cf13181bb702b946dc5 | SHA-1 417d548c8def2fb93e26d8bf7d79574768ae7f81 | SHA-256 0cf0e519a63e0742c1299227e5eeff9089b11dd50af1a67f80447ea900e4409e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/js/videoPlayer-cover.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/convertImgToSVG.1712930781.js | 138.2.246.39 | 200 OK | 287 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/convertImgToSVG.1712930781.js | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (444)
Hash: MD5 30aa858f261b6799717097d4a034c92d | SHA-1 8ea1a9fe50f294e9fffb641032b27a4b9d228d73 | SHA-256 efa5d7853f7b551c6fdedbc0525706f8ba76b29e99c70ffe77841ff7e2028124
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/js/convertImgToSVG.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/artigos/glider.min.1712930781.js | 138.2.246.39 | 200 OK | 2.8 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/js/artigos/glider.min.1712930781.js | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: JavaScript source, ASCII text, with very long lines (7984), with no line terminators
Hash: MD5 fc5c08b5057aa0ecdb9914a320300cec | SHA-1 44b1ea80bcf4c543622082eed87624a03a3c5b25 | SHA-256 e4a57f7d46a67ecd121767ef4128ca8d08b4d96f369d75b78fc146065aefbfe7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/js/artigos/glider.min.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/home/slideCases.1712930781.js | 138.2.246.39 | 200 OK | 242 B |
URL: GET HTTP/1.1 138.2.246.39/assets/js/home/slideCases.1712930781.js | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: ASCII text, with very long lines (394), with no line terminators
Hash: MD5 14cd1ac342280b595b89f3f72768eb91 | SHA-1 86168c6b5851698e598eec9bab76bcd086fabebd | SHA-256 60a6fc0c8dce0067cd2bd900fef526b4f05fd2c9ae1ef5c7b25cd009021d56b9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/js/home/slideCases.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/js/alephbet.min.1712930781.js | 138.2.246.39 | 200 OK | 6.8 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/js/alephbet.min.1712930781.js | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: JavaScript source, ASCII text, with very long lines (28123), with no line terminators
Hash: MD5 67cc3ea6387d309ca493fe7eacd6f3a9 | SHA-1 f968c692725d4e2bd0da058910deb9591ecb3246 | SHA-256 a1923622963086344ed674331d80d2682be593945e1cb0cfc14e842caf92497a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/js/alephbet.min.1712930781.js HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js | 104.17.25.14 | 200 OK | 3.0 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js | IP: 104.17.25.14:443
Certificate: Issuer Cloudflare, Inc. | Subject sni.cloudflaressl.com | Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D | Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (8830)
Hash: MD5 e5a5b331cf54c474203628eb9398470e | SHA-1 6d2e5b6a22edb7d95e0ac7523d74f5f7013cb344 | SHA-256 7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
GET /ajax/libs/js-sha256/0.9.0/sha256.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 11:47:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 2977
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec6-2339"
last-modified: Mon, 04 May 2020 16:11:50 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 847794
expires: Wed, 30 Apr 2025 11:47:30 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvPzPeJ63mn87VrNNs3bQsXHXhzfH0z3IcVca%2BN8%2BuUEStqwjFJgyiHhoPaa6MQ9T2RzhElWC1mvMrWS2G063bcKfefHvKUJ%2BXwQ%2BNcvRaL0bf6Kgu8bV%2F2NmweoUI7YNXdXiSMW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8819b1e35c25569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| www.googletagmanager.com/gtag/destination?id=AW-980051072&l=dataLayer&cx=c | 142.250.74.72 | 200 OK | 90 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/destination?id=AW-980051072&l=dataLayer&cx=c | IP: 142.250.74.72:443
Certificate: Issuer Google Trust Services LLC | Subject *.google-analytics.com | Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE | Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: MD5 2da2c625a00040907f3e5e13306a8b84 | SHA-1 a36915daea68f9d2fba7f944e8b76285c37d6447 | SHA-256 8b0f6464cb088504482198f959cf6237562aed7f09b437a902786d9459b502bf
GET /gtag/destination?id=AW-980051072&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 11:47:30 GMT
expires: Fri, 10 May 2024 11:47:30 GMT
cache-control: private, max-age=900
last-modified: Fri, 10 May 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| 138.2.246.39/assets/img/alura2023/home/arrows-down.1712930780.svg | 138.2.246.39 | 200 OK | 178 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/arrows-down.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image
Hash: MD5 c301ee7baaa709db85da82a182c39c14 | SHA-1 689c3d4d8cfcab374ce5fe952007f1694d06a840 | SHA-256 8339652fe24155e35466b246afeb2b1f2c03ec30d37f7eb77513de4fd941a227
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/alura2023/home/arrows-down.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/bundle,block/elasticMedia,artigos/glider.min,animacoes/glitch,home/index.1712930780.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/img/alura2023/home/console-prompt.1712930780.svg | 138.2.246.39 | 200 OK | 796 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/console-prompt.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image
Hash: MD5 b40e876f3476450690ed7a57654c22d3 | SHA-1 3ebddb850d4cf985bdf5d5775ba71e3ae799b605 | SHA-256 6da228c58039d282a892f579ec797b91ac28163a927ae2cbeb3e7abc1a01502e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/alura2023/home/console-prompt.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/terminalSchoolHome.1712930780.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/img/alura2023/home/video-play.1712930780.png | 138.2.246.39 | 200 OK | 2.2 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/video-play.1712930780.png | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: PNG image data, 111 x 111, 8-bit colormap, non-interlaced
Hash: MD5 2c50951ae410de21e3fc57974e6b1d8f | SHA-1 a02da5d1958968f33df399d77b5cb01522b383bd | SHA-256 ae2c97cab8a18f954f7b5ba62658af7b160acfc4b8e0e0ee3c22dda9829b7f9a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/alura2023/home/video-play.1712930780.png HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/howItWorksVideo.1712930780.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
| 138.2.246.39/svg,1712930780/categorias | 138.2.246.39 | 200 OK | 6.0 kB |
URL: GET HTTP/1.1 138.2.246.39/svg,1712930780/categorias | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image
Hash: MD5 0f21ce1ea9f27804da882e88f956fa42 | SHA-1 041dda47dc3bc090b5d032383d3c8d4c9f63030f | SHA-256 b9167d9f5abf6ee270d6d60f15b05cbe873dedc2f8a861d0f31ae8111d7e9aeb
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /svg,1712930780/categorias HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Fri, 10 May 2024 15:47:30 GMT
Cache-Control: public, max-age=14400
CDN-Cache-Control: public, max-age=14400
Content-Encoding: gzip
| 138.2.246.39/assets/img/home/alura-logo.1712930781.svg | 138.2.246.39 | 200 OK | 1.4 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/home/alura-logo.1712930781.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image
Hash: MD5 fbd3c76c37f2f8aaf08fa9705800ddf4 | SHA-1 44db903259952bdcb23cbd780b428a90ed8ac727 | SHA-256 05e3effd230bb282d3908447f9d42b0ecf88acebe45f857a5a1925d64a76c783
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/home/alura-logo.1712930781.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/img/alura2023/home/console-prompt-detail.1712930780.svg | 138.2.246.39 | 200 OK | 231 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/console-prompt-detail.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image
Hash: MD5 03736521dae4a1e22182640fecf19e11 | SHA-1 a3fdd59a3404486dac7600eb8ce3ae775c873985 | SHA-256 5ca446257b3b44c395cffc6e21e16ffde3679d6b14cbb3740b93e7f66b316d40
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/alura2023/home/console-prompt-detail.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| forms.hsforms.com/embed/v3/form/21748317/39a8f8bd-d48f-4f45-8ed4-d26366176d39/json?hs_static_app=forms-embed&hs_static_app_version=1.5064&X-HubSpot-Static-App-Info=forms-embed-1.5064 | 104.19.175.188 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 forms.hsforms.com/embed/v3/form/21748317/39a8f8bd-d48f-4f45-8ed4-d26366176d39/json?hs_static_app=forms-embed&hs_static_app_version=1.5064&X-HubSpot-Static-App-Info=forms-embed-1.5064 | IP: 104.19.175.188:443
Certificate: Issuer Google Trust Services LLC | Subject hsforms.com | Fingerprint 51:25:A5:7D:FF:CF:F7:55:55:AE:CE:CF:B2:F6:5E:61:6C:D4:74:7A | Validity Wed, 17 Apr 2024 00:47:37 GMT - Tue, 16 Jul 2024 00:47:36 GMT
Hash: MD5 da2cc2ffc516e68454b9f22240a3fc26 | SHA-1 28a510ee36be8d0eb08802b3a68cc5d879262e58 | SHA-256 fa92244c4ee9fb036f4ea8478f0567d2fab3583e9403804fb5e21ef8eebe6826
GET /embed/v3/form/21748317/39a8f8bd-d48f-4f45-8ed4-d26366176d39/json?hs_static_app=forms-embed&hs_static_app_version=1.5064&X-HubSpot-Static-App-Info=forms-embed-1.5064 HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://138.2.246.39
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: application/json;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Origin-Hublet: na1
Vary: origin
Access-Control-Allow-Origin: http://138.2.246.39
Access-Control-Allow-Methods: OPTIONS, GET
Access-Control-Allow-Headers: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 180
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
x-envoy-upstream-service-time: 6
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
X-HubSpot-Correlation-Id: 18fd52fd-3ebb-4f49-a371-ec2609654a90
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-scnhl
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 18fd52fd-3ebb-4f49-a371-ec2609654a90
CF-Cache-Status: DYNAMIC
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Set-Cookie: __cf_bm=r8RMv1FH3htMoOu54oceeUG.U3x6LpSfzpEqIDUHsc4-1715341650-1.0.1.1-dTu.LidgrosygOCr4n9BE5.5L4I0f.UYM3YB7DJawxSfomMs9hEiCfyX61kEbhoaJxUgkWMgeSYSakm_DFIT0g; path=/; expires=Fri, 10-May-24 12:17:30 GMT; domain=.hsforms.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=7yVoutW48mPYimsx7iWMxTbi5Zd92l.kEgmjEmRQbkE-1715341650709-0.0.1.1-604800000; path=/; domain=.hsforms.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 8819b1e408ba7131-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
| 138.2.246.39/assets/img/alura2023/home/logo-google.1712930780.svg | 138.2.246.39 | 200 OK | 1.6 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/logo-google.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image
Hash: MD5 1173adbc484fd99a9bc3cf617d4f4449 | SHA-1 40f98aeee4b63b6da1f89878b951f5ac41c24036 | SHA-256 26f05bbbe157b6ae90ba22e1ae3ad7a7c9e4ce5b6e6d29b563526236543d3a48
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/alura2023/home/logo-google.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/img/alura2023/home/logo-apple.1712930780.svg | 138.2.246.39 | 200 OK | 2.3 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/logo-apple.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image
Hash: MD5 1c9189f41a21fb3b47e40402eb5ea425 | SHA-1 4b7f623ce2241201bc05b5e80087026dcbeed950 | SHA-256 2988cd9353e658c3d47eb8fdea9ef0faef4d49bc546f9755078e4e4ef6f149bf
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/alura2023/home/logo-apple.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/img/alura2023/home/icon-plan-plus.1712930780.svg | 138.2.246.39 | 200 OK | 486 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/icon-plan-plus.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image
Hash: MD5 b81412f67519cb5db89843a1e64ad77f | SHA-1 a7269fe37e85e7d1962f68d1ed0d50ad563c7f0f | SHA-256 455978db59cb8ee701ae2af2943e64c741e44f1f524c0d4dbeae83f241d924d3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/alura2023/home/icon-plan-plus.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/img/alura2023/home/icon-plus.1712930780.svg | 138.2.246.39 | 200 OK | 336 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/icon-plus.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image
Hash: MD5 fa9a403c93135d9e5f6710dc7cb782c8 | SHA-1 b0cf732d999217a828e2ec186d34c7a870b9999b | SHA-256 65a9f0137fae95a0cbf4042e458764663634d8537fedb0287fe6a11d46d03ce9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/alura2023/home/icon-plus.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| www.redditstatic.com/ads/pixel.js | 151.101.193.140 | 200 OK | 12 kB |
URL: GET HTTP/2 www.redditstatic.com/ads/pixel.js | IP: 151.101.193.140:443
Certificate: Issuer DigiCert Inc | Subject www.redditstatic.com | Fingerprint 2F:CB:EB:6E:79:ED:BE:34:24:FF:A9:C2:0C:D1:07:8D:56:7F:2F:16 | Validity Mon, 08 Jan 2024 00:00:00 GMT - Sat, 06 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (43235)
Hash: MD5 9d7767c3fb6cfadcd8db56b8ac8ec4b6 | SHA-1 611475c945b7196c9b241ecc1c760f03e813353c | SHA-256 5ccd2a2d0cfc8f7b36c238c935a36c751eb306a4f23788a0c6c33eec1a5a2071
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Tue, 07 May 2024 17:43:30 GMT
etag: "337f63427080a8d6a60316b759dab390"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 10 May 2024 11:47:30 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 12083
X-Firefox-Spdy: h2
| pixel.byspotify.com/ping.min.js | 34.117.162.98 | 200 OK | 6.2 kB |
URL: GET HTTP/2 pixel.byspotify.com/ping.min.js | IP: 34.117.162.98:443 | ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate: Issuer Google Trust Services LLC | Subject pixel.byspotify.com | Fingerprint E2:2A:07:53:01:30:82:D1:4C:33:CD:65:D6:C6:32:74:F4:0E:BE:C3 | Validity Fri, 26 Apr 2024 14:39:02 GMT - Thu, 25 Jul 2024 15:32:56 GMT
File type: JavaScript source, ASCII text, with very long lines (32607), with no line terminators
Hash: MD5 32e1f68082d1c053ed8067e29ce85ca9 | SHA-1 0cd8b547e4ff5354da3f5d48e4b174b7b52cd99b | SHA-256 20c0114a672ac0b5b31a1c0100543a2306bf389816ab20774b66e8f7b30fb60c
GET /ping.min.js HTTP/1.1
Host: pixel.byspotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPp4qQrG5IhofesAZc4zzDpx4UzIfhXafrnLLtJCap9Ds7Xc2Vp-qcfjFzMWPovRJYrjomg
x-goog-generation: 1697050835633914
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 6158
content-encoding: gzip
x-goog-hash: crc32c=We0+rw==, md5=EwafdBCKeIxZiDHDpP8s3w==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 6158
server: UploadServer
via: 1.1 google
date: Fri, 10 May 2024 10:54:28 GMT
expires: Fri, 10 May 2024 11:54:28 GMT
cache-control: public, max-age=3600
age: 3182
last-modified: Wed, 11 Oct 2023 19:00:35 GMT
etag: "13069f74108a788c598831c3a4ff2cdf"
content-type: application/javascript;
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| 138.2.246.39/assets/img/alura2023/home/selo-a.1712930780.svg | 138.2.246.39 | 200 OK | 831 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/selo-a.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image
Hash: MD5 ab22010920cc45fb5f9bea2586415cd5 | SHA-1 c14f676b073e7c2a670840fb1aa3cb3ade1b997a | SHA-256 7e5d3c3e5990f544ab3fbccbba8d1f0f4d172955c11377a71ff4271b25ff05b5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/alura2023/home/selo-a.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://138.2.246.39/
DNT: 1
Connection: keep-alive
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/svg,1712930781/footer | 138.2.246.39 | 200 OK | 12 kB |
URL: GET HTTP/1.1 138.2.246.39/svg,1712930781/footer | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image
Hash: MD5 0ab6650d1cd7de7275be0e5b1edf61d3 | SHA-1 b8111080b2ac24880261a6b13a76468b493dcb74 | SHA-256 12a683087fb6f88e882cb8f1c32fae7cd4733506a92ea49b59f08568ba64b521
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /svg,1712930781/footer HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Fri, 10 May 2024 15:47:30 GMT
Cache-Control: public, max-age=14400
CDN-Cache-Control: public, max-age=14400
Content-Encoding: gzip
| 138.2.246.39/assets/img/alura2023/home/icon-cursos.1712930780.svg | 138.2.246.39 | 200 OK | 369 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/icon-cursos.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image
Hash: MD5 e01e52cc6eef21e75796fb60d2c68c58 | SHA-1 0333bea2092b82c5269be9ce45be8797127028f3 | SHA-256 010d0c6e4ed626b54ffc5315053661503c6d77804dfb553871ef486a404db9f6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/alura2023/home/icon-cursos.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://138.2.246.39/
DNT: 1
Connection: keep-alive
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| 138.2.246.39/assets/img/alura2023/home/icon-app.1712930780.svg | 138.2.246.39 | 200 OK | 1.0 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/icon-app.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image
Hash: MD5 1c0ed3eceefe486cff302b220d6978dc | SHA-1 d7293dcf07deb145b658fa636ae103d1394500c8 | SHA-256 55c371156d1918c0bce402331fc7ee39970a2e461f603080b9b09c100cecf377
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/alura2023/home/icon-app.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://138.2.246.39/
DNT: 1
Connection: keep-alive
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
| js.hs-scripts.com/21748317.js | 104.16.139.209 | 200 OK | 660 B |
URL: GET HTTP/1.1 js.hs-scripts.com/21748317.js | IP: 104.16.139.209:80
File type: ASCII text, with very long lines (495)
Hash: MD5 4f6fa99435a6cde133f94a45148ad173 | SHA-1 4d6ceeaeeb23366a8c02ddb93060e7b9108e5d6a | SHA-256 297d175c7834445afd93dd424c4c3e8bf12a74b8bb8cb50360b08250e9d419a4
GET /21748317.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: application/javascript;charset=utf-8
Content-Length: 660
Connection: keep-alive
Vary: origin, Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://138.2.246.39
x-envoy-upstream-service-time: 5
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
X-HubSpot-Correlation-Id: e0573e8b-9032-447c-bc85-948359e69881
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-7c5tp
x-evy-trace-listener: listener_http
x-evy-trace-route-configuration: listener_http/all
x-request-id: e0573e8b-9032-447c-bc85-948359e69881
Last-Modified: Fri, 10 May 2024 11:47:30 GMT
CF-Cache-Status: MISS
Expires: Fri, 10 May 2024 11:49:00 GMT
Cache-Control: public, max-age=90
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 8819b1e599145694-OSL

| 138.2.246.39/assets/img/alura2023/home/hero-bg.1712930780.png | 138.2.246.39 | 200 OK | 169 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/hero-bg.1712930780.png | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: PNG image data, 698 x 698, 8-bit/color RGBA, non-interlaced | Size: 169 kB (168556 bytes) | Hash: MD5 bbe0cd327d86e3b57ac68f72202e25b5, SHA-1 b57efd128925602c33b7cbcee2247af0aaa2dffd, SHA-256 dfdac3a34719d24e15ade17966ab299c604cdd381c8e616fff0c20f7814068d6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/hero-bg.1712930780.png HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/bundle,block/elasticMedia,artigos/glider.min,animacoes/glitch,home/index.1712930780.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000

| 138.2.246.39/assets/img/alura2023/home/logo-google.1712930780.svg | 138.2.246.39 | 200 OK | 1.6 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/logo-google.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image | Hash: MD5 1173adbc484fd99a9bc3cf617d4f4449, SHA-1 40f98aeee4b63b6da1f89878b951f5ac41c24036, SHA-256 26f05bbbe157b6ae90ba22e1ae3ad7a7c9e4ce5b6e6d29b563526236543d3a48
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/logo-google.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://138.2.246.39/
DNT: 1
Connection: keep-alive
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:30 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| js.hs-scripts.com/21748317.js?businessUnitId=330325 | 104.16.139.209 | 200 OK | 669 B |
URL: GET HTTP/1.1 js.hs-scripts.com/21748317.js?businessUnitId=330325 | IP: 104.16.139.209:80
File type: ASCII text, with very long lines (502) | Hash: MD5 93a71cd65e4e865d08df93693c44d260, SHA-1 0d040e068716e3805d46620276e76431a6e109bd, SHA-256 2455ae54f8ae539a9322fe4bf8c08304f59cc763fb1b9875f9f6ee34430c3775
GET /21748317.js?businessUnitId=330325 HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:47:30 GMT
Content-Type: application/javascript;charset=utf-8
Content-Length: 669
Connection: keep-alive
Vary: origin, Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://138.2.246.39
x-envoy-upstream-service-time: 6
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
X-HubSpot-Correlation-Id: c3ef50ca-00c2-40cc-921c-a4d8d57abef4
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-k9jtd
x-evy-trace-listener: listener_http
x-evy-trace-route-configuration: listener_http/all
x-request-id: c3ef50ca-00c2-40cc-921c-a4d8d57abef4
Last-Modified: Fri, 10 May 2024 11:47:30 GMT
CF-Cache-Status: MISS
Expires: Fri, 10 May 2024 11:49:00 GMT
Cache-Control: public, max-age=90
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 8819b1e58a5c0b41-OSL

| forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1 | 104.19.175.188 | 200 OK | 35 B |
URL: GET HTTP/3 forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1 | IP: 104.19.175.188:443
Certificate: Issuer Google Trust Services LLC | Subject hsforms.com | Fingerprint 51:25:A5:7D:FF:CF:F7:55:55:AE:CE:CF:B2:F6:5E:61:6C:D4:74:7A | Validity Wed, 17 Apr 2024 00:47:37 GMT - Tue, 16 Jul 2024 00:47:36 GMT
File type: GIF image data, version 89a, 1 x 1 | Hash: MD5 c2196de8ba412c60c22ab491af7b1409, SHA-1 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b, SHA-256 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1 HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 11:47:31 GMT
content-type: image/gif
content-length: 35
cache-control: max-age=0, no-cache, no-store
vary: origin
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
x-envoy-upstream-service-time: 3
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: cede3f5f-1574-4ec0-b03f-b77d52242d24
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-scnhl
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: cede3f5f-1574-4ec0-b03f-b77d52242d24
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: __cf_bm=jPBiSykoq3vpwiTyG7cHqA3NZe6YDwU_Z5OFkU8rhSU-1715341651-1.0.1.1-xzqa37H8Gp8YlHIF6t3Q9HPyDh_eb84BMsHm7EQkfPoMZt4sPVzRE3HuVMgjAu.0NUnrFNOlgcUomlDhA1Kuyg; path=/; expires=Fri, 10-May-24 12:17:31 GMT; domain=.hsforms.com; HttpOnly; Secure; SameSite=None
set-cookie: _cfuvid=Xki4lkll_5jxHKQl0TyZoWugYiXit8zTB6H2HenvHVQ-1715341651016-0.0.1.1-604800000; path=/; domain=.hsforms.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8819b1e61fcb5693-OSL
alt-svc: h3=":443"; ma=86400

| www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_vtw73fnv_telemetry | 151.101.193.140 | 200 OK | 98 B |
URL: GET HTTP/2 www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_vtw73fnv_telemetry | IP: 151.101.193.140:443
Certificate: Issuer DigiCert Inc | Subject www.redditstatic.com | Fingerprint 2F:CB:EB:6E:79:ED:BE:34:24:FF:A9:C2:0C:D1:07:8D:56:7F:2F:16 | Validity Mon, 08 Jan 2024 00:00:00 GMT - Sat, 06 Jul 2024 23:59:59 GMT
Hash: MD5 5143820daeb644938735d6b28c0059e7, SHA-1 22316bb57b4fa755662fd6f5fb7f749b21ac32a1, SHA-256 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
GET /ads/conversions-config/v1/pixel/config/t2_vtw73fnv_telemetry HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://138.2.246.39
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=300
content-type: application/json
content-encoding: gzip
accept-ranges: bytes
date: Fri, 10 May 2024 11:47:31 GMT
via: 1.1 varnish
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 98
X-Firefox-Spdy: h2

| forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1 | 104.19.175.188 | 200 OK | 35 B |
URL: GET HTTP/3 forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1 | IP: 104.19.175.188:443
Certificate: Issuer Google Trust Services LLC | Subject hsforms.com | Fingerprint 51:25:A5:7D:FF:CF:F7:55:55:AE:CE:CF:B2:F6:5E:61:6C:D4:74:7A | Validity Wed, 17 Apr 2024 00:47:37 GMT - Tue, 16 Jul 2024 00:47:36 GMT
File type: GIF image data, version 89a, 1 x 1 | Hash: MD5 c2196de8ba412c60c22ab491af7b1409, SHA-1 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b, SHA-256 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1 HTTP/1.1
Host: forms-na1.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 11:47:31 GMT
content-type: image/gif
content-length: 35
cache-control: max-age=0, no-cache, no-store
vary: origin
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
x-envoy-upstream-service-time: 2
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: c53b7910-4391-40b6-bc41-d89338aded2d
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-fl6gb
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: c53b7910-4391-40b6-bc41-d89338aded2d
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: __cf_bm=zbyXWLPlLsbDWf0F.jou_X1P.EkxGDKiBfXKyNFr0UM-1715341651-1.0.1.1-AItp6Z1UlZZAWPMKOBLH7Rqx2mLwHMwvBV7J8wJ9ay38FpckFI6qCNcbf5dFZSrYPHUBZOPrcCWLL5hhTIVpag; path=/; expires=Fri, 10-May-24 12:17:31 GMT; domain=.hsforms.com; HttpOnly; Secure; SameSite=None
set-cookie: _cfuvid=5Qk9P3.Wl7_6l2PHraC_6KKkdOvx7icMI2VN6FS6UlI-1715341651123-0.0.1.1-604800000; path=/; domain=.hsforms.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8819b1e6b8745693-OSL
alt-svc: h3=":443"; ma=86400
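Both hsforms.com responses above set two cookies, __cf_bm and _cfuvid, and the report shows the second Set-Cookie header on its own line without the header name. As an added example that is not part of this report or of any vendor's code, here is a Python check that collects Set-Cookie values from header lines in that layout, splits out their attributes and flags the combinations browsers reject or a reviewer would query (SameSite=None needs Secure; a Secure cookie cannot be set from a plain-HTTP response; missing HttpOnly or SameSite; a Domain attribute widens the cookie to every subdomain). The header lines embedded in it are copied from the forms.hsforms.com record above; the `session=` cookie in the usage line is constructed.

```python
"""Set-Cookie audit for response header lines captured as in the report above
(added example, not the report's or any vendor's code). The report prints a
response's second Set-Cookie header on its own line without the header name,
so a line that does not start with `field-name:` is read as a continuation."""
import re

HEADER_RE = re.compile(r"^[A-Za-z0-9!#$%&'*+.^_`|~-]+:")   # RFC 9110 field-name

def collect_set_cookie(lines):
    """Return every Set-Cookie value found in a block of response header lines."""
    out, in_cookie = [], False
    for line in lines:
        if HEADER_RE.match(line):
            name, _, value = line.partition(":")
            in_cookie = name.lower() == "set-cookie"
            if in_cookie:
                out.append(value.strip())
        elif in_cookie and "=" in line:           # unlabelled second cookie
            out.append(line.strip())
    return out

def parse_set_cookie(raw):
    """Split one Set-Cookie value into name, value and lower-cased attributes;
    flag attributes (Secure, HttpOnly) map to True."""
    first, *rest = raw.split(";")
    name, _, value = first.strip().partition("=")
    attrs = {}
    for part in rest:
        key, has_value, val = part.strip().partition("=")
        attrs[key.lower()] = val if has_value else True
    return {"name": name, "value": value, "attrs": attrs}

def audit_cookie(cookie, response_scheme="https"):
    """Attribute combinations a browser rejects or a reviewer would raise."""
    a, findings = cookie["attrs"], []
    if a.get("samesite", "").lower() == "none" and "secure" not in a:
        findings.append("SameSite=None without Secure: Chromium-based browsers reject it")
    if "secure" in a and response_scheme != "https":
        findings.append("Secure cookie set over plain HTTP: browsers reject it")
    if "httponly" not in a:
        findings.append("no HttpOnly: readable by any script running on the page")
    if "samesite" not in a:
        findings.append("no SameSite: browser default applies (Lax in Chromium-based browsers)")
    if "domain" in a:
        findings.append(f"Domain={a['domain']}: sent to every subdomain, not only the setting host")
    return findings

# Response header lines copied from the forms.hsforms.com record above.
SAMPLE_HEADERS = [
    "cache-control: max-age=0, no-cache, no-store",
    "set-cookie: __cf_bm=jPBiSykoq3vpwiTyG7cHqA3NZe6YDwU_Z5OFkU8rhSU-1715341651-1.0.1.1-xzqa37H8Gp8YlHIF6t3Q9HPyDh_eb84BMsHm7EQkfPoMZt4sPVzRE3HuVMgjAu.0NUnrFNOlgcUomlDhA1Kuyg; path=/; expires=Fri, 10-May-24 12:17:31 GMT; domain=.hsforms.com; HttpOnly; Secure; SameSite=None",
    "_cfuvid=Xki4lkll_5jxHKQl0TyZoWugYiXit8zTB6H2HenvHVQ-1715341651016-0.0.1.1-604800000; path=/; domain=.hsforms.com; HttpOnly; Secure; SameSite=None",
    "server: cloudflare",
]

if __name__ == "__main__":
    for raw in collect_set_cookie(SAMPLE_HEADERS):
        cookie = parse_set_cookie(raw)
        print(cookie["name"], audit_cookie(cookie))
    print(audit_cookie(parse_set_cookie("session=abc; SameSite=None")))   # constructed bad cookie
```

On the page's two cookies the only finding is the Domain one: both carry HttpOnly, Secure and SameSite=None, which is the combination a third-party widget needs so that its cookies are still sent from an embedding page on another origin.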

| 138.2.246.39/assets/img/alura2023/home/icon-plan-pro.1712930780.svg | 138.2.246.39 | 200 OK | 464 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/icon-plan-pro.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image | Hash: MD5 add038c4e47fafa509317974fcc45a52, SHA-1 dc3b2080905059b633a91ef921612b0736f77bb3, SHA-256 38d971522a59b578ccb858caffc8eacacc53b23396368b393a6ac64cd8186911
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/icon-plan-pro.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/alura2023/home/icon-pro.1712930780.svg | 138.2.246.39 | 200 OK | 360 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/icon-pro.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image | Hash: MD5 f884433fe1762e658a17e859705f2026, SHA-1 058c9b334665e4783be11690911d206418c2311d, SHA-256 61d5ef76920e49e310b39bb5fbb12f1a9bb43ce0cf47e39c11a45d4a1391d40e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/icon-pro.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/alura2023/home/icon_selo.1712930780.svg | 138.2.246.39 | 200 OK | 861 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/icon_selo.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image | Hash: MD5 f97f6e6694191f612986857626eb520f, SHA-1 28d45f43db82678db9bec2c2c67ced37d2b43d95, SHA-256 5e7cd0632921b95b4e6018b081502fc0072c20d9f5c107b32491629ae841619a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/icon_selo.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/alura2023/home/logo-apple.1712930780.svg | 138.2.246.39 | 200 OK | 2.3 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/logo-apple.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image | Hash: MD5 1c9189f41a21fb3b47e40402eb5ea425, SHA-1 4b7f623ce2241201bc05b5e80087026dcbeed950, SHA-256 2988cd9353e658c3d47eb8fdea9ef0faef4d49bc546f9755078e4e4ef6f149bf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/logo-apple.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://138.2.246.39/
DNT: 1
Connection: keep-alive
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/alura2023/home/texto_selo.1712930780.svg | 138.2.246.39 | 200 OK | 2.3 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/texto_selo.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image | Hash: MD5 b5aa67cf830d32e41e5974428908cf7f, SHA-1 43a77757f2605915b12ee7eaf4baf21de5c3653e, SHA-256 64b380c46d9b9433325bef1efbe28b5dc6877183521dd42a3e8248d877d1714a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/texto_selo.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/alura2023/home/formations-divider.1712930780.svg | 138.2.246.39 | 200 OK | 145 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/formations-divider.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image | Hash: MD5 2562d5f34e12d3d57fc261d7165f7bdf, SHA-1 b6a4299d3e42360e3a041800833d5176c431611a, SHA-256 606d3831629a7b2e6bde1d7345e14a6ea703d447cd33d0956a8f5c36e2d71e65
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/formations-divider.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/listFormationHome.1712930780.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| evnt.byspotify.com/ | 34.111.186.1 | 200 OK | 0 B |
IP: 34.111.186.1:443 | ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate: Issuer Google Trust Services LLC | Subject prfx.byspotify.com | Fingerprint AE:21:4F:C8:4C:7D:02:0A:EE:4E:C8:8E:65:F4:1C:1E:FB:9C:75:C7 | Validity Wed, 01 May 2024 21:18:05 GMT - Tue, 30 Jul 2024 22:11:37 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty body)
OPTIONS / HTTP/1.1
Host: evnt.byspotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://138.2.246.39/
Origin: http://138.2.246.39
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: http://138.2.246.39
access-control-allow-credentials: false
content-length: 0
date: Fri, 10 May 2024 11:47:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| 138.2.246.39/assets/img/alura2023/home/divisor-section-down.1712930780.svg | 138.2.246.39 | 200 OK | 144 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/divisor-section-down.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image | Hash: MD5 43c6da67f7efd0c77beee0599561df78, SHA-1 f3a5ee52ad3af3f3c0864fcd1699eba9a94084cd, SHA-256 cf2d7f9a38fd19da47557a1685fd61a970f35d292c9c63c1d77328d1a09781d6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/divisor-section-down.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/homeDestaqueEmpresas.1712930780.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/alura2023/home/divisor-destaqueAlunos.1712930780.svg | 138.2.246.39 | 200 OK | 278 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/divisor-destaqueAlunos.1712930780.svg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image | Hash: MD5 02c00a3ec8415ec7a91eff61f978c78f, SHA-1 3ddc1ec085ec6e3bc230e7684b06c70cee6c161a, SHA-256 bd5591c6c89c4ad8e853735fb1e20c47e302c32b9d47cc52cf6a1ab100f4ccc9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/divisor-destaqueAlunos.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/homeDestaqueEmpresas.1712930780.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/home/homeNova/cases/isabela_goncalves.1712930781.jpg | 138.2.246.39 | 200 OK | 65 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/home/homeNova/cases/isabela_goncalves.1712930781.jpg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x501, components 3 | Hash: MD5 0a3f9eff13e9a9c2429382f2f3cce8ca, SHA-1 cf5f0336fb44f97c2fcd3e34eb08ad613b0f5e0c, SHA-256 0abb7b6f62ec6137c4879b0795603c7497a07a600b20ef507c7fd227d9706197
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/home/homeNova/cases/isabela_goncalves.1712930781.jpg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000

| js.hs-banner.com/21748317/330325.js | 104.18.34.229 | 200 OK | 16 kB |
URL: GET HTTP/2 js.hs-banner.com/21748317/330325.js | IP: 104.18.34.229:443
Certificate: Issuer Let's Encrypt | Subject hs-banner.com | Fingerprint FD:CD:8E:97:D4:7A:91:8A:CF:B0:8D:03:EF:EB:A1:49:9F:F6:62:40 | Validity Mon, 01 Apr 2024 01:01:12 GMT - Sun, 30 Jun 2024 01:01:11 GMT
File type: JavaScript source, ASCII text, with very long lines (61243) | Hash: MD5 a2664f07587c7cefa3c93d47b16519ab, SHA-1 90763292249b35ddf2c6bb2ac274b98174d49e00, SHA-256 3270b98bfc1e1be96fdde45c4dfc016d14da85e4355165531e96c50bb82347bf
GET /21748317/330325.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 11:47:31 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: jDjSN1KzO75+TW0v9lClTKImBjwrQj9yoAF+DHcyHP+4K0fQmwKFRSOSj3urTcYyqXLPllTnnFw=
x-amz-request-id: 04A8VW2AAM73HSAR
last-modified: Fri, 29 Mar 2024 16:40:18 GMT
etag: W/"a2664f07587c7cefa3c93d47b16519ab"
x-amz-server-side-encryption: AES256
cache-control: max-age=300,public
x-amz-version-id: sM.oFoIt3OQ_DP3ZfE.bU1ZzPS4r3uUn
access-control-allow-origin: https://www.alura.com.br
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Fri, 10 May 2024 11:52:31 GMT
x-envoy-upstream-service-time: 37
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: cbecf759-9654-4d4a-b895-3afecdccd49a
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6dfb9475dd-zxf69
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: cbecf759-9654-4d4a-b895-3afecdccd49a
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 8819b1e70cfd1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

| evnt.byspotify.com/ | 34.111.186.1 | 200 OK | 2 B |
IP: 34.111.186.1:443 | ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate: Issuer Google Trust Services LLC | Subject prfx.byspotify.com | Fingerprint AE:21:4F:C8:4C:7D:02:0A:EE:4E:C8:8E:65:F4:1C:1E:FB:9C:75:C7 | Validity Wed, 01 May 2024 21:18:05 GMT - Tue, 30 Jul 2024 22:11:37 GMT
File type: ASCII text, with no line terminators | Hash: MD5 e0aa021e21dddbd6d8cecec71e9cf564, SHA-1 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7, SHA-256 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST / HTTP/1.1
Host: evnt.byspotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://138.2.246.39/
Content-Type: application/json
Content-Length: 589
Origin: http://138.2.246.39
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: application/json
content-length: 2
date: Fri, 10 May 2024 11:47:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
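The OPTIONS exchange with evnt.byspotify.com above is a CORS preflight (Access-Control-Request-Method: POST and Access-Control-Request-Headers: content-type from the page, the page's Origin echoed back in access-control-allow-origin) and the POST that follows is the actual request it cleared. As an added example, not part of this report or of any scanner's code, the following Python script parses transaction records in the layout this page uses, applies the preflight rules to an OPTIONS record, lists responses that grant credentialed cross-origin access to a named origin (the js.hs-scripts.com responses above do), and lists scripts fetched over port 80 (js.hs-scripts.com again; the page itself is loaded over plain HTTP, so those scripts travel unauthenticated too). The record layout, in particular that the metadata line carries `IP<addr>:<port>`, is assumed from the page; the embedded sample records are excerpts of two records on this page, trimmed to the headers the checks read.

```python
"""Triage helper for transaction records laid out as in the report above (added
example, not the report's or any scanner's code): a `| url | ip | status | size |`
row, metadata lines (`IP<addr>:<port>` gives the port), then header blocks."""
import re
from dataclasses import dataclass, field

ROW_RE = re.compile(r"^\|\s*(\S+)\s*\|\s*([\d.]+)\s*\|\s*([^|]+?)\s*\|\s*([^|]+?)\s*\|$")
REQ_RE = re.compile(r"^(GET|HEAD|POST|OPTIONS|PUT|PATCH|DELETE) (\S+) HTTP/\d(?:\.\d)?$")
RESP_RE = re.compile(r"^HTTP/[\d.]+ \d{3}")
PORT_RE = re.compile(r"IP:?\s?\d{1,3}(?:\.\d{1,3}){3}:(\d+)")
SAFE_METHODS = {"get", "head", "post"}  # never have to appear in Allow-Methods

@dataclass
class Transaction:
    url: str
    ip: str
    port: int = 0
    method: str = ""
    req: dict = field(default_factory=dict)   # request headers, names lower-cased
    resp: dict = field(default_factory=dict)  # response headers, names lower-cased

def parse_records(text):
    """Split report text into Transaction objects."""
    txs, cur, block = [], None, None
    for line in text.splitlines():
        line = line.rstrip()
        if m := ROW_RE.match(line):
            cur = Transaction(url=m[1], ip=m[2])
            txs.append(cur)
            block = None
        elif cur is None or line.startswith("|"):   # table residue between records
            continue
        elif block is None and (m := PORT_RE.search(line)):
            cur.port = int(m[1])
        elif m := REQ_RE.match(line):
            cur.method, block = m[1], cur.req
        elif RESP_RE.match(line):
            block = cur.resp
        elif block is not None and ":" in line:
            name, _, value = line.partition(":")
            block[name.strip().lower()] = value.strip()
    return txs

def _csv(headers, name):
    return {x.strip().lower() for x in headers.get(name, "").split(",") if x.strip()}

def preflight_allows(t):
    """Would the browser accept this OPTIONS exchange as a CORS preflight? Fetch
    rules, simplified: CORS-safelisted request headers are not modelled (strict)."""
    origin, resp = t.req.get("origin"), t.resp
    creds = resp.get("access-control-allow-credentials", "").lower() == "true"
    acao = resp.get("access-control-allow-origin")
    if acao is None or not (acao == origin or (acao == "*" and not creds)):
        return False                          # '*' is rejected once credentials are on
    methods = _csv(resp, "access-control-allow-methods")
    want = t.req.get("access-control-request-method", "").lower()
    if not (want in methods or want in SAFE_METHODS or ("*" in methods and not creds)):
        return False
    allowed = _csv(resp, "access-control-allow-headers")
    return _csv(t.req, "access-control-request-headers") <= allowed or ("*" in allowed and not creds)

def cleartext_scripts(txs):
    """Scripts fetched over port 80: an on-path attacker could substitute them."""
    return [t.url for t in txs if t.port == 80 and "javascript" in t.resp.get("content-type", "")]

def credentialed_cors(txs):
    """Responses granting credentialed cross-origin access to a named origin."""
    return [(t.url, t.resp["access-control-allow-origin"]) for t in txs
            if t.resp.get("access-control-allow-credentials", "").lower() == "true"
            and t.resp.get("access-control-allow-origin", "*") != "*"]

# Excerpts of two records from this page, trimmed to the headers used here.
SAMPLE = """\
| js.hs-scripts.com/21748317.js | 104.16.139.209 | 200 OK | 660 B |
URL GET HTTP/1.1js.hs-scripts.com/21748317.js IP104.16.139.209:80
GET /21748317.js HTTP/1.1
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://138.2.246.39
| evnt.byspotify.com/ | 34.111.186.1 | 200 OK | 0 B |
IP34.111.186.1:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
OPTIONS / HTTP/1.1
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://138.2.246.39
HTTP/2 200 OK
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: http://138.2.246.39
access-control-allow-credentials: false
"""

if __name__ == "__main__":
    records = parse_records(SAMPLE)
    print(cleartext_scripts(records), credentialed_cors(records),
          [t.url for t in records if t.method == "OPTIONS" and preflight_allows(t)])
```

Two things the script deliberately does not decide: CORS-safelisted request headers need not be listed by the server, so the header check is stricter than a browser would be; and the credentialed-CORS listing only reports which origin was granted access, not whether the server reflects any Origin it is sent, which takes a second request with a different Origin to establish.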

| js.usemessages.com/conversations-embed.js | 104.16.78.142 | 200 OK | 116 kB |
URL: GET HTTP/2 js.usemessages.com/conversations-embed.js | IP: 104.16.78.142:443
Certificate: Issuer Let's Encrypt | Subject usemessages.com | Fingerprint 10:23:8B:40:70:5B:AD:73:FE:2B:21:6F:E2:DC:E4:38:FC:77:04:EA | Validity Fri, 12 Apr 2024 01:27:22 GMT - Thu, 11 Jul 2024 01:27:21 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 116 kB (115811 bytes) | Hash: MD5 38c0f4e585c7be2cd8f8319984fb416e, SHA-1 30133ad382dc3182b84d8b80f5206d408d3992fd, SHA-256 c7d9a686bb0087bcf8dee308b4d949bb24efe4160b798c32deee763680ec5c31
GET /conversations-embed.js HTTP/1.1
Host: js.usemessages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 11:47:31 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 May 2024 16:33:15 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: l9AE2jsbiUI79jM2Iqb6n6la3yJ_LRhe
etag: W/"38c0f4e585c7be2cd8f8319984fb416e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: o2-jpP6i_zlGJvELVrFHfoq8kear9Oe8yGIwjTCxioaAmm74cNBH8A==
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16230/bundles/project.js&cfRay=8802ab5fbb8c0b55-ARN
cache-control: max-age=600
x-hs-target-asset: conversations-embed/static-1.16230/bundles/project.js
x-content-type-options: nosniff
x-hs-cache-status: HIT
x-envoy-upstream-service-time: 1
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 6e2ba055-804a-4db5-a192-fc9f25f774f6
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-tk5t7
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6e2ba055-804a-4db5-a192-fc9f25f774f6
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 157
server: cloudflare
cf-ray: 8819b1e71dab56cb-OSL
content-encoding: br
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtag/js?id=AW-449675183&l=dataLayer&cx=c | 142.250.74.72 | 200 OK | 92 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=AW-449675183&l=dataLayer&cx=c | IP: 142.250.74.72:443
Certificate: Issuer Google Trust Services LLC | Subject *.google-analytics.com | Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE | Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179) | Hash: MD5 48f4c209df8aa775a77c08d086140f88, SHA-1 27197020a7dc72f284db36061beee4675794f6c6, SHA-256 4881aea750713befc239455639f0467d23e029e5e525d149de42c4d66804f4ad
GET /gtag/js?id=AW-449675183&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 11:47:31 GMT
expires: Fri, 10 May 2024 11:47:31 GMT
cache-control: private, max-age=900
last-modified: Fri, 10 May 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91692
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

| 138.2.246.39/assets/img/home/homeNova/cases/bg-cases.1712930781.jpg | 138.2.246.39 | 200 OK | 96 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/home/homeNova/cases/bg-cases.1712930781.jpg | IP: 138.2.246.39:80 | ASN: #31898 ORACLE-BMC-31898
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1439x545, components 3 | Hash: MD5 7a70aef5f87a6825d4e29a24b11bbe49, SHA-1 b20568a360ba765f24f7b360ff6257a7c21078b1, SHA-256 4e49397451255a22b795b46a61246e9f9fa013f866c3d1317139e0b1650793af
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/home/homeNova/cases/bg-cases.1712930781.jpg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/aluraCases.1712930780.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000

| 138.2.246.39/assets/img/home/homeNova/cases/eduardo_amaral.1712930781.jpg | 138.2.246.39 | 200 OK | 42 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/home/homeNova/cases/eduardo_amaral.1712930781.jpg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x501, components 3; Hash: e4370ae8380e81017cac5a7814a8ef9e e1fe7dc3b94ab4fc338caec4da654c72b9829f43 0cf18ee11d62d0616fbf4303bd2ecbc78359bfc556a7964502fb76135ac07db9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/home/homeNova/cases/eduardo_amaral.1712930781.jpg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000

| 138.2.246.39/assets/img/home/homeNova/cases/marco_aurelio.1712930781.jpg | 138.2.246.39 | 200 OK | 52 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/home/homeNova/cases/marco_aurelio.1712930781.jpg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x501, components 3; Hash: 6869259d735b4dc33b6f11db7cb7011f 3454f6bc105cdf744469808c699182a04fb7a1d1 e38898f75ec8e908f5cb2b11fe55847c345e9d85265a0f41ca9b34524e977846
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/home/homeNova/cases/marco_aurelio.1712930781.jpg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000

| 138.2.246.39/assets/img/home/homeNova/cases/roberta_arcoverde.1712930781.jpg | 138.2.246.39 | 200 OK | 55 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/home/homeNova/cases/roberta_arcoverde.1712930781.jpg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x501, components 3; Hash: 6d56437cdbe6c2248493c9675de59fc8 7c962c0170b07529b4ce4d1073e981af63f08abb 21b4b7702d9a276ddc8f654973067b1ce659a348da8ddd08d04c20e177e1598c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/home/homeNova/cases/roberta_arcoverde.1712930781.jpg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000

| 138.2.246.39/assets/img/home/homeNova/cases/renan_martins.1712930781.jpg | 138.2.246.39 | 200 OK | 50 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/home/homeNova/cases/renan_martins.1712930781.jpg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x501, components 3; Hash: 61aa5b000c1d7ba924a9817bcd1e609e f1286e67e15ab312c277f5698e4b0c1e45abec4f 11d6f1c380433ecdd0acd5450d3bfe28846b66cac0fb28e4ee4374799ac7ebeb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/home/homeNova/cases/renan_martins.1712930781.jpg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000

| 138.2.246.39/assets/img/alura2023/home/divisor-section-app.1712930780.svg | 138.2.246.39 | 200 OK | 159 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/divisor-section-app.1712930780.svg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image; Hash: 37134eda42ea6c0de2a4bb58581ec452 fb0ebe442ef09d22ca8270f44a431f96fcac0a84 a2d50c66592f49666e323b83bde935e33b4d6ead2f295dc256cb22f52c3f70e5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/divisor-section-app.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/upgradedMobile.1712930780.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/alura2023/home/icon-check.1712930780.svg | 138.2.246.39 | 200 OK | 244 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/icon-check.1712930780.svg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image; Hash: c39e75499d8fbdd878c628ad80604c60 a95f2ca11c3af07f23ccd455fab9acc432daeaea 8440cde6c5b0f3fa6079b769d734b6b96a72af33be723fcdbff0bba9948e955c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/icon-check.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/planos.1712930780.css
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/planosPagamento/icon-como-funciona.1712930781.svg | 138.2.246.39 | 200 OK | 248 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/planosPagamento/icon-como-funciona.1712930781.svg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image; Hash: c661cc69e0a118b6187f096803d3b70c e71c7383fe0cd6332544639d182b48117a75af33 f8b47971e374d5f3fb6f0c9d39f94ca5d918a9127508f0c02a42041c512551bd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/planosPagamento/icon-como-funciona.1712930781.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/planos.1712930780.css
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/home/homeNova/cases/ana_genari.1712930781.jpg | 138.2.246.39 | 200 OK | 48 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/home/homeNova/cases/ana_genari.1712930781.jpg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x501, components 3; Hash: 65b2413da7207f92e7c463f760de0e1b 45f7fa13f0a9138e377bcdb9e13aae08708c8eb3 895ad51092731090b5c77593f005853ac5e0895709f4f05ac38afbc82c2c2b4a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/home/homeNova/cases/ana_genari.1712930781.jpg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000

| 138.2.246.39/assets/img/alura2023/home/texto-selo.1712930780.svg | 138.2.246.39 | 200 OK | 4.1 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/texto-selo.1712930780.svg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image; Hash: 53ba665076b9ecdfe39ddc2c9e9866b1 67b1568b81117912f6046bcb09571d8dbf39d0d4 ec424c28f830bc631a342d0086981a958e7f897b64c726c1b92890695e651339
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/texto-selo.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/planos.1712930780.css
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| load.stape.alura.com.br/qukryqvi.js?id=GTM-NTLWWLR&l=dataLayerAlura | 104.18.0.48 | 200 OK | 127 kB |
URL: GET HTTP/2 load.stape.alura.com.br/qukryqvi.js?id=GTM-NTLWWLR&l=dataLayerAlura; IP: 104.18.0.48:443
Certificate: Issuer: Let's Encrypt; Subject: load.stape.alura.com.br; Fingerprint: 84:C3:CA:4E:5F:5D:81:8C:26:4D:E6:04:61:03:2B:D7:F4:B1:8C:33; Validity: Wed, 13 Mar 2024 10:12:50 GMT - Tue, 11 Jun 2024 10:12:49 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators; Size: 127 kB (126829 bytes); Hash: 6d639ef87c6eb5118de8b1f742a1be4a f1b0d27e80102ec32e1e09d11a46f9ba374aaab2 c82d0273b952c0fab34ad242b5de90bb7fbbe4577385a2582c6b89b66561c315
GET /qukryqvi.js?id=GTM-NTLWWLR&l=dataLayerAlura HTTP/1.1
Host: load.stape.alura.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 11:47:29 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 8819b1dd9d6bb4f7-OSL
cf-cache-status: REVALIDATED
access-control-allow-origin: *
cache-control: private, max-age=900
expires: Fri, 10 May 2024 11:47:29 GMT
last-modified: Fri, 10 May 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
cf-polished: origSize=361668
cross-origin-resource-policy: cross-origin
x-stape-version: 1.2.0
set-cookie: __cf_bm=HCM__ij8QQWPf3DQi3thKzjo.yWr481IDcFBEHJ7TI4-1715341649-1.0.1.1-VF8yyC5bw17NNmHEnRUezAOaz5GRZfK3gTNUXA8KM.gcE8EEjkP5c3VFLuomMCR90u2FPwRdwWUJEpFYTz6y1Q; path=/; expires=Fri, 10-May-24 12:17:29 GMT; domain=.load.stape.alura.com.br; HttpOnly; Secure; SameSite=None
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

| 138.2.246.39/assets/img/alura2023/home/icon-label-luri.1712930780.svg | 138.2.246.39 | 200 OK | 192 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/icon-label-luri.1712930780.svg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image; Hash: 4003fe2a0dc09c5bbeab666ca177fef3 8b0a0d6702a54b4a73db60c3d6cfb81130ff327d 3d887080e56c4669c866c182479ac48ade2e378ccea10cda8a444fb634898afe
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/icon-label-luri.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/planos.1712930780.css
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:32 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/alura2023/home/background-luri-desktop.1712930780.png | 138.2.246.39 | 200 OK | 5.4 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/background-luri-desktop.1712930780.png; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: PNG image data, 177 x 272, 8-bit colormap, non-interlaced; Hash: c53ab693183b4fa2059a2b08935fcdeb 824f9b62e94dba20234b23a5d7962dae62ae3dc8 7c5c02aa489dd1833c187fe2ad2f3e8c926105a9358201ae7fddc705bca84393
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/background-luri-desktop.1712930780.png HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/benefitsPro.1712930780.css
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:32 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 May 2025 11:47:32 GMT
Cache-Control: public, max-age=31536000

| 138.2.246.39/assets/img/alura2023/home/icon-luri-mobile.1712930780.svg | 138.2.246.39 | 200 OK | 796 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/icon-luri-mobile.1712930780.svg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image; Hash: 8524646222fb64cd9cc877013fe0358e d493f139ce65d58a64cb61399a8b822925e67555 7bbfb9504b6ee017eb2545e8309abecdc492e55d162c40ff7c5a0d4af4781fab
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/icon-luri-mobile.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/benefitsPro.1712930780.css
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:32 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/alura2023/home/background-alura-lingua-desktop.1712930780.png | 138.2.246.39 | 200 OK | 13 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/background-alura-lingua-desktop.1712930780.png; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: PNG image data, 177 x 272, 8-bit colormap, non-interlaced; Hash: 17ca58bff75659e2dfd9f75b2739dfd0 ba380b637b9678eb885109e9f507c1752ac6e449 db8782da6e393f4a4741ac2c5a0a2eb6b97283fd7597983c580827c5bf596778
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/background-alura-lingua-desktop.1712930780.png HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/benefitsPro.1712930780.css
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:32 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 May 2025 11:47:32 GMT
Cache-Control: public, max-age=31536000

| 138.2.246.39/assets/img/alura2023/home/icon-alura-lingua.1712930780.svg | 138.2.246.39 | 200 OK | 1.5 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/icon-alura-lingua.1712930780.svg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image; Hash: 423571c167e0b466671be3a1fbc382a8 20f6f080f8f7c802410d3608274279ed05cd6440 ccd94fb3e48df893df1a49aa3cf4a40e8e730bec95111acd92e5472c618beefc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/icon-alura-lingua.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/benefitsPro.1712930780.css
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:32 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/alura2023/home/background-desktop.1712930780.svg | 138.2.246.39 | 200 OK | 358 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/background-desktop.1712930780.svg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image; Hash: 89cd0a53588752248d31d0ea0bb4c5f9 c18a3a5ca17790a53f8a8b930052c402b5ce9dc2 1b7738b46f152a5996ec61fd39f290f3a733f9f35e3003ed58f2f1df5aa10db0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/background-desktop.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/benefitsPro.1712930780.css
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:32 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/alura2023/home/arrow-white.1712930780.svg | 138.2.246.39 | 200 OK | 141 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/arrow-white.1712930780.svg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image; Hash: de4283dc7fc1d57e9ee7e1f198cdfab4 9ff71522803eb3ff6c1f811acd1ac1dc217923cb 7c2398844cec079772723ba4784b22afcb0bca9680733dc9caca1662adbe1674
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/arrow-white.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/faqPlanos.1712930780.css
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:32 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/header/icon-menu-open.1712930781.svg | 138.2.246.39 | 200 OK | 158 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/header/icon-menu-open.1712930781.svg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image; Hash: 5d786eb13693db42d69d2f7c322e596d 5960376853f7db29b9efafa40da819d2697fe92f e9256279d8e34a8f634b73140dd40e35264fc19cef319655330c76d96e7fc957
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/header/icon-menu-open.1712930781.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:32 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/header/icon-menu-close.1712930781.svg | 138.2.246.39 | 200 OK | 302 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/header/icon-menu-close.1712930781.svg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image; Hash: f4819ab54d7022dc77a1fe924c87afb0 03817d8c22314d3e5b537246e09f5f0abdae31c4 87069c56130ace86144ae27687f1582af9efe63a9c6c72af1623edcb86a38bd1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/header/icon-menu-close.1712930781.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:32 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/alura2023/home/stripes.1712930780.svg | 138.2.246.39 | 200 OK | 241 B |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/stripes.1712930780.svg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image; Hash: dc85f53c546a7455be13501cb1917830 7211bde6772fa5a679ad6c4b793b0e2e4b0ac2da a8f174749418954488e3d3d50f404fe0c9117087ca68308de9a8c1c316f1ff2f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/stripes.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:32 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| 138.2.246.39/assets/img/alura2023/home/numbers-right.1712930780.svg | 138.2.246.39 | 200 OK | 1.4 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/numbers-right.1712930780.svg; IP: 138.2.246.39:80; ASN: #31898 ORACLE-BMC-31898
File type: SVG Scalable Vector Graphics image; Hash: a88384a3ed67703066fe62521e89fa23 7778f3afbad2ca70d6695c42b5dd5aa2a6f473cf e703503b06c876d7183b98639cb55dfd00de9771beb75e5ca87af233da129d34
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/numbers-right.1712930780.svg HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 10 May 2025 11:47:32 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip

| bat.bing.com/bat.js | 204.79.197.237 | 200 OK | 13 kB |
IP: 204.79.197.237:80; ASN: #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (46429), with no line terminators; Hash: 72bca04fd669eb89fc65d59052d0fc00 27e60aef86f0cb1b2f6b6ed9df9a4e3ba88efd21 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 13261
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 29 Feb 2024 19:58:06 GMT
Accept-Ranges: bytes
ETag: "01b4e9c496bda1:0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 70369A80A6D540938A4C022DFC8B4F5B Ref B: OSL30EDGE0313 Ref C: 2024-05-10T11:47:32Z
Date: Fri, 10 May 2024 11:47:32 GMT

| bat.bing.com/bat.js | 204.79.197.237 | 200 OK | 13 kB |
IP: 204.79.197.237:80; ASN: #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (46429), with no line terminators; Hash: 72bca04fd669eb89fc65d59052d0fc00 27e60aef86f0cb1b2f6b6ed9df9a4e3ba88efd21 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 13261
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 29 Feb 2024 19:58:06 GMT
Accept-Ranges: bytes
ETag: "01b4e9c496bda1:0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: D6852B66F21B43E8993F10F54C405BB4 Ref B: OSL30EDGE0308 Ref C: 2024-05-10T11:47:32Z
Date: Fri, 10 May 2024 11:47:32 GMT

| region1.analytics.google.com/g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e4570h1v898709651z8898449541z9898207608za200&_gsid=59FP0KYKSMsqfYBmSvVkTqp1LSB4mKbQ | 216.239.32.36 | 204 No Content | 0 B |
URL: GET HTTP/2 region1.analytics.google.com/g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e4570h1v898709651z8898449541z9898207608za200&_gsid=59FP0KYKSMsqfYBmSvVkTqp1LSB4mKbQ; IP: 216.239.32.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e4570h1v898709651z8898449541z9898207608za200&_gsid=59FP0KYKSMsqfYBmSvVkTqp1LSB4mKbQ HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-origin: *
date: Fri, 10 May 2024 11:47:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-59FP0KYKSM&cid=idEWUq7Mp07E8EkCaz%2BaLJKa6vYiQkgrPpDEgdfNVGk%3D.1715341651&gtm=45j91e4570h1v898709651z8898449541z9898207608za200&aip=1&z=1645345425 | 172.217.21.163 | 200 OK | 42 B |
URL: GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-59FP0KYKSM&cid=idEWUq7Mp07E8EkCaz%2BaLJKa6vYiQkgrPpDEgdfNVGk%3D.1715341651&gtm=45j91e4570h1v898709651z8898449541z9898207608za200&aip=1&z=1645345425; IP: 172.217.21.163:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.no; Fingerprint: 7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97; Validity: Tue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File type: GIF image data, version 89a, 1 x 1; Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-59FP0KYKSM&cid=idEWUq7Mp07E8EkCaz%2BaLJKa6vYiQkgrPpDEgdfNVGk%3D.1715341651&gtm=45j91e4570h1v898709651z8898449541z9898207608za200&aip=1&z=1645345425 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 10 May 2024 11:47:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-59FP0KYKSM&cid=idEWUq7Mp07E8EkCaz%2BaLJKa6vYiQkgrPpDEgdfNVGk%3D.1715341651&gtm=45j91e4570h1v898709651z8898449541z9898207608za200&aip=1&z=1074362002 | 172.217.21.163 | 200 OK | 42 B |
URL: GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-59FP0KYKSM&cid=idEWUq7Mp07E8EkCaz%2BaLJKa6vYiQkgrPpDEgdfNVGk%3D.1715341651&gtm=45j91e4570h1v898709651z8898449541z9898207608za200&aip=1&z=1074362002
IP: 172.217.21.163:443
Certificate: Issuer Google Trust Services LLC; Subject *.google.no; Fingerprint 7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97; Validity Tue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash (MD5, SHA-1, SHA-256): d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-59FP0KYKSM&cid=idEWUq7Mp07E8EkCaz%2BaLJKa6vYiQkgrPpDEgdfNVGk%3D.1715341651&gtm=45j91e4570h1v898709651z8898449541z9898207608za200&aip=1&z=1074362002 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 10 May 2024 11:47:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e4570h1v898709651z8898449541z9898207608za200&_gsid=59FP0KYKSMDAv4yWKhHQcZVozXttz0Yg | 216.239.32.36 | 204 No Content | 0 B |
URL: GET HTTP/2 region1.analytics.google.com/g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e4570h1v898709651z8898449541z9898207608za200&_gsid=59FP0KYKSMDAv4yWKhHQcZVozXttz0Yg
IP: 216.239.32.36:443
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e4570h1v898709651z8898449541z9898207608za200&_gsid=59FP0KYKSMDAv4yWKhHQcZVozXttz0Yg HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-origin: *
date: Fri, 10 May 2024 11:47:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bat.bing.com/p/action/187012391.js | 204.79.197.237 | 204 No Content | 0 B |
URL: GET HTTP/2 bat.bing.com/p/action/187012391.js
IP: 204.79.197.237:443
ASN: #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer Microsoft Corporation; Subject www.bing.com; Fingerprint 02:83:27:F9:50:D8:BE:B9:5E:DF:1A:4A:45:3B:6D:3C:BC:30:F2:58; Validity Wed, 01 May 2024 01:58:25 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/187012391.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CF1FB2080F01443492D5E1F24AA78D9D Ref B: OSL30EDGE0413 Ref C: 2024-05-10T11:47:32Z
date: Fri, 10 May 2024 11:47:32 GMT
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js | 172.217.21.170 | 200 OK | 31 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP: 172.217.21.170:443
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash (MD5, SHA-1, SHA-256): 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 15:45:31 GMT
expires: Fri, 09 May 2025 15:45:31 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 72121
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 138.2.246.39/assets/favicon.1712930780.ico | 138.2.246.39 | 200 OK | 38 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/favicon.1712930780.ico
IP: 138.2.246.39:80
ASN: #31898 ORACLE-BMC-31898
File type: PNG image data, 800 x 800, 8-bit/color RGB, non-interlaced
Hash (MD5, SHA-1, SHA-256): f693a45358855aa171e1d839e978d26d 90f04898030cc5fc35cd00258d6028171ab0908e 861c292cf36dcbfaec1077850019d7ffecd2158d4b8a7797bbe26ce5458dbb36
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/favicon.1712930780.ico HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Cookie: _gcl_au=1.1.31522170.1715341650; AwinChannelCookie=aw; _rdt_uuid=1715341650948.71915d03-b9be-41cb-bea3-363f91b97439; _rdt_em=0000000000000000000000000000000000000000000000000000000000000001; __spdt=29ae3adb5be5430181e61a44d7773971; _ga_59FP0KYKSM=GS1.1.1715341651.1.0.1715341651.0.0.2074674112; _ga=GA1.1.673953103.1715341651; _ga_1EPWSW3PCS=GS1.1.1715341651.1.0.1715341651.0.0.0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:32 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 May 2025 11:47:32 GMT
Cache-Control: public, max-age=31536000
|
|
| bat.bing.com/action/0?ti=187005534&Ver=2&mid=c113b332-1a9f-4f04-8f8b-c722a22ca087&sid=1647ca900ec311efbfb3c5938f9b5846&vid=1647ec000ec311ef87c6d353d9a3f8ba&vids=0&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alura%20%7C%20Cursos%20online%20de%20Tecnologia&p=http%3A%2F%2F138.2.246.39%2F&r=&lt=2635&evt=pageLoad&sv=1&rn=582990 | 204.79.197.237 | 204 No Content | 0 B |
URL: GET HTTP/2 bat.bing.com/action/0?ti=187005534&Ver=2&mid=c113b332-1a9f-4f04-8f8b-c722a22ca087&sid=1647ca900ec311efbfb3c5938f9b5846&vid=1647ec000ec311ef87c6d353d9a3f8ba&vids=0&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alura%20%7C%20Cursos%20online%20de%20Tecnologia&p=http%3A%2F%2F138.2.246.39%2F&r=&lt=2635&evt=pageLoad&sv=1&rn=582990
IP: 204.79.197.237:443
ASN: #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer Microsoft Corporation; Subject www.bing.com; Fingerprint 02:83:27:F9:50:D8:BE:B9:5E:DF:1A:4A:45:3B:6D:3C:BC:30:F2:58; Validity Wed, 01 May 2024 01:58:25 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=187005534&Ver=2&mid=c113b332-1a9f-4f04-8f8b-c722a22ca087&sid=1647ca900ec311efbfb3c5938f9b5846&vid=1647ec000ec311ef87c6d353d9a3f8ba&vids=0&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alura%20%7C%20Cursos%20online%20de%20Tecnologia&p=http%3A%2F%2F138.2.246.39%2F&r=&lt=2635&evt=pageLoad&sv=1&rn=582990 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=27285B2FFB466C9D01F74F54FA116D8D; domain=.bing.com; expires=Wed, 04-Jun-2025 11:47:32 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 22A0E15A219A4393A73E984BE06436FA Ref B: OSL30EDGE0413 Ref C: 2024-05-10T11:47:32Z
date: Fri, 10 May 2024 11:47:32 GMT
X-Firefox-Spdy: h2
|
|
| bat.bing.com/action/0?ti=187012391&Ver=2&mid=a7b59897-f275-4b51-96c6-03916a58ed89&sid=1647ca900ec311efbfb3c5938f9b5846&vid=1647ec000ec311ef87c6d353d9a3f8ba&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alura%20%7C%20Cursos%20online%20de%20Tecnologia&p=http%3A%2F%2F138.2.246.39%2F&r=&lt=2635&evt=pageLoad&sv=1&rn=511655 | 204.79.197.237 | 204 No Content | 0 B |
URL: GET HTTP/2 bat.bing.com/action/0?ti=187012391&Ver=2&mid=a7b59897-f275-4b51-96c6-03916a58ed89&sid=1647ca900ec311efbfb3c5938f9b5846&vid=1647ec000ec311ef87c6d353d9a3f8ba&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alura%20%7C%20Cursos%20online%20de%20Tecnologia&p=http%3A%2F%2F138.2.246.39%2F&r=&lt=2635&evt=pageLoad&sv=1&rn=511655
IP: 204.79.197.237:443
ASN: #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer Microsoft Corporation; Subject www.bing.com; Fingerprint 02:83:27:F9:50:D8:BE:B9:5E:DF:1A:4A:45:3B:6D:3C:BC:30:F2:58; Validity Wed, 01 May 2024 01:58:25 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=187012391&Ver=2&mid=a7b59897-f275-4b51-96c6-03916a58ed89&sid=1647ca900ec311efbfb3c5938f9b5846&vid=1647ec000ec311ef87c6d353d9a3f8ba&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alura%20%7C%20Cursos%20online%20de%20Tecnologia&p=http%3A%2F%2F138.2.246.39%2F&r=&lt=2635&evt=pageLoad&sv=1&rn=511655 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0A71E6AAC53E6423252DF2D1C469652B; domain=.bing.com; expires=Wed, 04-Jun-2025 11:47:32 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C85ABA4C75B843528D7CCCEE9F6406E1 Ref B: OSL30EDGE0413 Ref C: 2024-05-10T11:47:32Z
date: Fri, 10 May 2024 11:47:32 GMT
X-Firefox-Spdy: h2
|
|
| bat.bing.com/p/action/187005534.js | 204.79.197.237 | 204 No Content | 0 B |
URL: GET HTTP/2 bat.bing.com/p/action/187005534.js
IP: 204.79.197.237:443
ASN: #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer Microsoft Corporation; Subject www.bing.com; Fingerprint 02:83:27:F9:50:D8:BE:B9:5E:DF:1A:4A:45:3B:6D:3C:BC:30:F2:58; Validity Wed, 01 May 2024 01:58:25 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/187005534.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C44B8332A20C4819AD2118E3D2774C4B Ref B: OSL30EDGE0413 Ref C: 2024-05-10T11:47:32Z
date: Fri, 10 May 2024 11:47:32 GMT
X-Firefox-Spdy: h2
|
|
| stape.alura.com.br/ngtqukryqvi?v=2&tid=G-59FP0KYKSM&gtm=45je4580v898709651z8898449541za200&_p=1715341649398&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=673953103.1715341651&ecid=2074674112&ul=en-us&sr=1280x1024&_fplc=0&ur=NO&frm=0&pscdl=noapi&ec_mode=c&_eu=IA&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3lPl2l1&sst.tft=1715341649398&sst.ude=0&_s=2&cu=BRL&sid=1715341651&sct=1&seg=0&dl=http%3A%2F%2F138.2.246.39%2F&dt=Alura%20%7C%20Cursos%20online%20de%20Tecnologia&en=view_item_list&pr1=nmCursos%20online%20Programa%C3%A7%C3%A3o~qt1&pr2=nmCursos%20online%20Front-end~qt1&pr3=nmCursos%20online%20Data%20Science~qt1&pr4=nmCursos%20online%20Intelig%C3%AAncia%20Artificial~qt1&pr5=nmCursos%20online%20DevOps~qt1&pr6=nmCursos%20online%20UX%20%26%20Design~qt1&pr7=nmCursos%20online%20Mobile~qt1&pr8=nmCursos%20online%20Inova%C3%A7%C3%A3o%20%26%20Gest%C3%A3o~qt1&ep.user_data._tag_mode=MANUAL&tfd=3895&richsstsse | 35.198.36.195 | 200 OK | 47 kB |
URL: GET HTTP/2 stape.alura.com.br/ngtqukryqvi?v=2&tid=G-59FP0KYKSM&gtm=45je4580v898709651z8898449541za200&_p=1715341649398&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=673953103.1715341651&ecid=2074674112&ul=en-us&sr=1280x1024&_fplc=0&ur=NO&frm=0&pscdl=noapi&ec_mode=c&_eu=IA&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3lPl2l1&sst.tft=1715341649398&sst.ude=0&_s=2&cu=BRL&sid=1715341651&sct=1&seg=0&dl=http%3A%2F%2F138.2.246.39%2F&dt=Alura%20%7C%20Cursos%20online%20de%20Tecnologia&en=view_item_list&pr1=nmCursos%20online%20Programa%C3%A7%C3%A3o~qt1&pr2=nmCursos%20online%20Front-end~qt1&pr3=nmCursos%20online%20Data%20Science~qt1&pr4=nmCursos%20online%20Intelig%C3%AAncia%20Artificial~qt1&pr5=nmCursos%20online%20DevOps~qt1&pr6=nmCursos%20online%20UX%20%26%20Design~qt1&pr7=nmCursos%20online%20Mobile~qt1&pr8=nmCursos%20online%20Inova%C3%A7%C3%A3o%20%26%20Gest%C3%A3o~qt1&ep.user_data._tag_mode=MANUAL&tfd=3895&richsstsse
IP: 35.198.36.195:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate: Issuer Let's Encrypt; Subject stape.alura.com.br; Fingerprint 87:A4:4F:5E:B5:69:DA:65:43:36:52:3A:4C:9A:F2:F5:A9:97:53:F4; Validity Tue, 02 Apr 2024 18:19:16 GMT - Mon, 01 Jul 2024 18:19:15 GMT
Hash (MD5, SHA-1, SHA-256): 0ab3d6d1c4f9e31341e90cb1d4c9c629 31427205bf722752d89ac0406f7f7038b6706088 d99f832b3d842a2bd406a037882d91eeb6cea70bc57d8abeadfee7b28e19c2c1
GET /ngtqukryqvi?v=2&tid=G-59FP0KYKSM&gtm=45je4580v898709651z8898449541za200&_p=1715341649398&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=673953103.1715341651&ecid=2074674112&ul=en-us&sr=1280x1024&_fplc=0&ur=NO&frm=0&pscdl=noapi&ec_mode=c&_eu=IA&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3lPl2l1&sst.tft=1715341649398&sst.ude=0&_s=2&cu=BRL&sid=1715341651&sct=1&seg=0&dl=http%3A%2F%2F138.2.246.39%2F&dt=Alura%20%7C%20Cursos%20online%20de%20Tecnologia&en=view_item_list&pr1=nmCursos%20online%20Programa%C3%A7%C3%A3o~qt1&pr2=nmCursos%20online%20Front-end~qt1&pr3=nmCursos%20online%20Data%20Science~qt1&pr4=nmCursos%20online%20Intelig%C3%AAncia%20Artificial~qt1&pr5=nmCursos%20online%20DevOps~qt1&pr6=nmCursos%20online%20UX%20%26%20Design~qt1&pr7=nmCursos%20online%20Mobile~qt1&pr8=nmCursos%20online%20Inova%C3%A7%C3%A3o%20%26%20Gest%C3%A3o~qt1&ep.user_data._tag_mode=MANUAL&tfd=3895&richsstsse HTTP/1.1
Host: stape.alura.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://138.2.246.39
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: http://138.2.246.39
cache-control: no-cache
content-type: text/plain
date: Fri, 10 May 2024 11:47:32 GMT
set-cookie: FPID=FPID2.2.idEWUq7Mp07E8EkCaz%2BaLJKa6vYiQkgrPpDEgdfNVGk%3D.1715341651; Max-Age=63072000; Domain=246.39; Path=/; Secure; HttpOnly
set-cookie: FPLC=ek6AJ2OvA89LhrIeVph6w9eIKxkHmmWsqx3V1yHizvFiYffWINo0o5qK3gAgnnDAD4PCaSNz6wPKztNr3pN24qF4ieLPtfWjjZKoU%2Fkq9fHCwB%2BqHijleFF5SYaT9Q%3D%3D; Max-Age=72000; Domain=246.39; Path=/; Secure
set-cookie: FPGSID=1.1715341652.1715341652.G-59FP0KYKSM.DAv4yWKhHQcZVozXttz0Yg; Max-Age=1800; Domain=246.39; Path=/; SameSite=strict; Secure
x-accel-buffering: no
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/chakrapetch/v11/cIflMapbsEk7TDLdtEz1BwkeJI91R5_F.woff2 | 216.58.207.227 | 200 OK | 9.9 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/chakrapetch/v11/cIflMapbsEk7TDLdtEz1BwkeJI91R5_F.woff2
IP: 216.58.207.227:443
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 9896, version 1.0
Hash (MD5, SHA-1, SHA-256): ac5c5eb0d242af015d0912e79631cb44 fd0d79e9f10854d211d648dbf8b9d125048e1e68 04324f621defc72007c4e635cfd12903161b5f8aa1067ad5f619314fc153be56
GET /s/chakrapetch/v11/cIflMapbsEk7TDLdtEz1BwkeJI91R5_F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://138.2.246.39
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9896
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 08:20:10 GMT
expires: Sat, 10 May 2025 08:20:10 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 17:55:42 GMT
content-type: font/woff2
age: 12443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/chakrapetch/v11/cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2 | 216.58.207.227 | 200 OK | 9.7 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/chakrapetch/v11/cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2
IP: 216.58.207.227:443
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 9748, version 1.0
Hash (MD5, SHA-1, SHA-256): 3405ddde82efbf765e88d70e4053a085 99609ffe38f3d9c3c95764b5adba80a015bfd918 9a83115d983bb1324c79a41db6d60d85583835c268939115a41025b4d388f3fa
GET /s/chakrapetch/v11/cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://138.2.246.39
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 17:55:05 GMT
expires: Fri, 09 May 2025 17:55:05 GMT
cache-control: public, max-age=31536000
age: 64348
last-modified: Thu, 24 Aug 2023 17:51:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Inter:wght@300;400;700;900&family=Montserrat:wght@300;400;500;600;700;800;900&family=Chakra+Petch:ital,wght@0,400;0,700;1,400&display=swap&family=Michroma&display=swap | 142.250.74.74 | 200 OK | 48 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@300;400;700;900&family=Montserrat:wght@300;400;500;600;700;800;900&family=Chakra+Petch:ital,wght@0,400;0,700;1,400&display=swap&family=Michroma&display=swap
IP: 142.250.74.74:443
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression
Hash (MD5, SHA-1, SHA-256): 3bdb32d2fc10bbfc4e7da0b8a7141754 02c451e016f027526caeebb58d52798a86c01778 817ad58afb4a4b8063d3f96aaa42e6fba13dc092db758552fe091ca08018c735
GET /css2?family=Inter:wght@300;400;700;900&family=Montserrat:wght@300;400;500;600;700;800;900&family=Chakra+Petch:ital,wght@0,400;0,700;1,400&display=swap&family=Michroma&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 11:47:32 GMT
date: Fri, 10 May 2024 11:47:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 216.58.207.227 | 200 OK | 47 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP: 216.58.207.227:443
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Hash (MD5, SHA-1, SHA-256): 30a274cd01b6eeb0b082c918b0697f1e 393311bde26b99a4ad935fa55bad1dce7994388b 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://138.2.246.39
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 348796
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 216.58.207.227 | 200 OK | 47 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP: 216.58.207.227:443
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Hash (MD5, SHA-1, SHA-256): 30a274cd01b6eeb0b082c918b0697f1e 393311bde26b99a4ad935fa55bad1dce7994388b 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://138.2.246.39
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 348796
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| i3.ytimg.com/vi/2t8ycK8D4Rk/hqdefault.jpg | 142.250.74.142 | 200 OK | 25 kB |
URL: GET HTTP/3 i3.ytimg.com/vi/2t8ycK8D4Rk/hqdefault.jpg
IP: 142.250.74.142:443
Certificate: Issuer Google Trust Services LLC; Subject *.google.com; Fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash (MD5, SHA-1, SHA-256): 85fa26ffed5f0dda7677211155ee19da bbfb0d17c1e4ce5f5485803a2be0fbdf7b367bdb 0ff97060f2606239b4854b4c8e17d88764cef80523e2a412d068c1b563698b91
GET /vi/2t8ycK8D4Rk/hqdefault.jpg HTTP/1.1
Host: i3.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 24559
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 11:47:33 GMT
expires: Fri, 10 May 2024 13:47:33 GMT
cache-control: public, max-age=7200
etag: "1624585920"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| js.hsadspixel.net/fb.js | 104.17.223.152 | 200 OK | 6.3 kB |
IP: 104.17.223.152:443
Certificate: Issuer Let's Encrypt; Subject hsadspixel.net; Fingerprint 89:04:B6:FD:E6:3E:5E:C8:E4:39:2D:83:6E:38:CC:9C:BE:A2:08:4D; Validity Tue, 16 Apr 2024 02:15:45 GMT - Mon, 15 Jul 2024 02:15:44 GMT
File type: JavaScript source, ASCII text, with very long lines (6486), with no line terminators
Hashes (MD5, SHA-1, SHA-256): a6dc409d8bdb2cd00d0912d856aae8cf 2e6945ea05c569481334e13ef5d68979780e5a87 604b981e526bb04526d8deb9bbbe08897bd4522f761ba22de899343fae841562
GET /fb.js HTTP/1.1
Host: js.hsadspixel.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 11:47:31 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 May 2024 13:59:45 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: WR.k6Eu.Fa9nEZi.qodxWXB_S9rVdQh0
etag: W/"e640358291401fd3fe302e09b06161db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: vpmPdbzAagW20cwI3S42_vVJQhQxGi3mgfgj9P24uqcPEVh1JVf4rw==
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.556/bundles/pixels-release.js&cfRay=880a07b2f8a2b503-ARN
cache-control: max-age=600
x-hs-target-asset: adsscriptloaderstatic/static-1.556/bundles/pixels-release.js
x-content-type-options: nosniff
x-hs-cache-status: HIT
x-envoy-upstream-service-time: 0
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: dc679ab6-ec45-4718-9a8c-28540f829e21
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-tk5t7
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: dc679ab6-ec45-4718-9a8c-28540f829e21
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 157
server: cloudflare
cf-ray: 8819b1e71e24b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
| api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21748317 | 104.18.241.108 | 200 OK | 650 B |
URL: GET HTTP/2 api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21748317
IP: 104.18.241.108:443
Certificate: Issuer Let's Encrypt; Subject hubapi.com; Fingerprint 2F:B4:8D:69:26:1B:D3:84:25:A3:5C:74:BD:F8:87:1A:02:14:1F:5C; Validity Sat, 04 May 2024 22:26:14 GMT - Fri, 02 Aug 2024 22:26:13 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (722), with no line terminators
Hashes (MD5, SHA-1, SHA-256): ecf782dbf953d98fc7b46af73054019e 4825d15271e4c81005fef75a4be3d2ff0c6385ad c2e58f07c55d06ee3ebcf5b9c554b0a40159e7167d93f34c9b6ffc7995f86b1a
GET /hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21748317 HTTP/1.1
Host: api.hubapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://138.2.246.39
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 11:47:31 GMT
content-type: application/json;charset=utf-8
cf-ray: 8819b1e91e165685-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: http://138.2.246.39
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-max-age: 180
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-d7v42
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 7db204c8-c62a-4f8a-8bb6-0fc42ca32d4d
x-request-id: 7db204c8-c62a-4f8a-8bb6-0fc42ca32d4d
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SA2B9SNugJ0Yym3CGMpBhLYCYY9mZJaj8y6%2Bcg4xus6NorW2TP4t%2BmpZajKNU0zgtxMcsAssOaqqKxmwVcLO3KFR9rNmPqu5HcWpq0V3it18CGBhaJnGWwvxV2yhArRr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
| 138.2.246.39/assets/img/alura2023/home/selo-card.1712930780.png | 138.2.246.39 | 200 OK | 19 kB |
URL: GET HTTP/1.1 138.2.246.39/assets/img/alura2023/home/selo-card.1712930780.png
IP: 138.2.246.39:80
ASN: #31898 ORACLE-BMC-31898
File type: PNG image data, 324 x 386, 8-bit colormap, non-interlaced
Hashes (MD5, SHA-1, SHA-256): 897c6e7424f47b7a84d5bd9eb658da3c 7d634b4328ac679d79d7068d90ba9ad3183a056c 00c9a726c2afd1731d94efcaf0eb713fa08c1989ca2c4c8200519c5ce2d237bb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/alura2023/home/selo-card.1712930780.png HTTP/1.1
Host: 138.2.246.39
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/assets/css/block/planos.1712930780.css
Cookie: _gcl_au=1.1.31522170.1715341650
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 11:47:31 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 May 2025 11:47:31 GMT
Cache-Control: public, max-age=31536000
| www.googletagmanager.com/gtag/js?id=AW-449675183 | 142.250.74.72 | 200 OK | 265 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=AW-449675183
IP: 142.250.74.72:443
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Size: 265 kB (265354 bytes)
Hashes (MD5, SHA-1, SHA-256): 5b5abca080267d2b5c291d4fa210531c 1f73f194b918acb5dbd72a68b931b96bc0aa86c3 da96e948415eca0f90a5ada70b26abdb388029fa3f3ae325ff769aea13911b79
GET /gtag/js?id=AW-449675183 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 11:47:31 GMT
expires: Fri, 10 May 2024 11:47:31 GMT
cache-control: private, max-age=900
last-modified: Fri, 10 May 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91579
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| load.stape.alura.com.br/gtqukryqvi.js?id=G-59FP0KYKSM&l=dataLayerAlura&cx=c | 104.18.0.48 | 200 OK | 292 kB |
URL: GET HTTP/3 load.stape.alura.com.br/gtqukryqvi.js?id=G-59FP0KYKSM&l=dataLayerAlura&cx=c
IP: 104.18.0.48:443
Certificate: Issuer Let's Encrypt; Subject load.stape.alura.com.br; Fingerprint 84:C3:CA:4E:5F:5D:81:8C:26:4D:E6:04:61:03:2B:D7:F4:B1:8C:33; Validity Wed, 13 Mar 2024 10:12:50 GMT - Tue, 11 Jun 2024 10:12:49 GMT
File type: JavaScript source, ASCII text, with very long lines (10917)
Size: 292 kB (291748 bytes)
Hashes (MD5, SHA-1, SHA-256): 73be301df5ad74a5620d4b8517118c7c baf7c790f0f03a8d7ab7820b742b6479636b124d 749197b4437e37325fd426d1fedc5cf0e145e256214a242d84bf714eb631518c
GET /gtqukryqvi.js?id=G-59FP0KYKSM&l=dataLayerAlura&cx=c HTTP/1.1
Host: load.stape.alura.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Cookie: __cf_bm=HCM__ij8QQWPf3DQi3thKzjo.yWr481IDcFBEHJ7TI4-1715341649-1.0.1.1-VF8yyC5bw17NNmHEnRUezAOaz5GRZfK3gTNUXA8KM.gcE8EEjkP5c3VFLuomMCR90u2FPwRdwWUJEpFYTz6y1Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 11:47:31 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 8819b1e57eb25687-OSL
cf-cache-status: EXPIRED
access-control-allow-origin: *
cache-control: private, max-age=900
expires: Fri, 10 May 2024 11:47:30 GMT
last-modified: Fri, 10 May 2024 09:54:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
alt-svc: h3=":443"; ma=86400
cross-origin-resource-policy: cross-origin
x-robots-tag: noindex
x-stape-version: 1.2.0
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
| stape.alura.com.br/ngtqukryqvi?v=2&tid=G-59FP0KYKSM&gtm=45je4580v898709651z8898449541za200&_p=1715341649398&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=673953103.1715341651&ecid=2074674112&ul=en-us&sr=1280x1024&_fplc=0&ur=NO&frm=0&pscdl=noapi&ec_mode=c&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3lPl2l1&sst.tft=1715341649398&sst.ude=0&_s=1&sid=1715341651&sct=1&seg=0&dl=http%3A%2F%2F138.2.246.39%2F&dt=Alura%20%7C%20Cursos%20online%20de%20Tecnologia&en=page_view&_fv=1&_nsi=1&_ss=1&ep.user_data._tag_mode=MANUAL&tfd=3366&richsstsse | 35.198.36.195 | 200 OK | 796 B |
URL: GET HTTP/2 stape.alura.com.br/ngtqukryqvi?v=2&tid=G-59FP0KYKSM&gtm=45je4580v898709651z8898449541za200&_p=1715341649398&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=673953103.1715341651&ecid=2074674112&ul=en-us&sr=1280x1024&_fplc=0&ur=NO&frm=0&pscdl=noapi&ec_mode=c&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3lPl2l1&sst.tft=1715341649398&sst.ude=0&_s=1&sid=1715341651&sct=1&seg=0&dl=http%3A%2F%2F138.2.246.39%2F&dt=Alura%20%7C%20Cursos%20online%20de%20Tecnologia&en=page_view&_fv=1&_nsi=1&_ss=1&ep.user_data._tag_mode=MANUAL&tfd=3366&richsstsse
IP: 35.198.36.195:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate: Issuer Let's Encrypt; Subject stape.alura.com.br; Fingerprint 87:A4:4F:5E:B5:69:DA:65:43:36:52:3A:4C:9A:F2:F5:A9:97:53:F4; Validity Tue, 02 Apr 2024 18:19:16 GMT - Mon, 01 Jul 2024 18:19:15 GMT
File type: ASCII text, with very long lines (828), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 9ea23b73b0247480919ff5b35f79a407 302a4937bfb6b016159b09741184ba6280f4d741 43e589877fdfc1e89678c688deddd3ca0b0ff58cde8ac48200360ee868d7d359
GET /ngtqukryqvi?v=2&tid=G-59FP0KYKSM&gtm=45je4580v898709651z8898449541za200&_p=1715341649398&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=673953103.1715341651&ecid=2074674112&ul=en-us&sr=1280x1024&_fplc=0&ur=NO&frm=0&pscdl=noapi&ec_mode=c&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3lPl2l1&sst.tft=1715341649398&sst.ude=0&_s=1&sid=1715341651&sct=1&seg=0&dl=http%3A%2F%2F138.2.246.39%2F&dt=Alura%20%7C%20Cursos%20online%20de%20Tecnologia&en=page_view&_fv=1&_nsi=1&_ss=1&ep.user_data._tag_mode=MANUAL&tfd=3366&richsstsse HTTP/1.1
Host: stape.alura.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://138.2.246.39
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: http://138.2.246.39
cache-control: no-cache
content-type: text/plain
date: Fri, 10 May 2024 11:47:32 GMT
set-cookie: FPID=FPID2.2.idEWUq7Mp07E8EkCaz%2BaLJKa6vYiQkgrPpDEgdfNVGk%3D.1715341651; Max-Age=63072000; Domain=246.39; Path=/; Secure; HttpOnly
FPLC=AEBmra7kR8R62X3dvapJNHrFqfBomI71JPFHmua3CFwoGNO8roH%2Ba0ShQB7AWXwwhYh%2BVMCoqdVavs3PjrAgYiLajqDt7zksmleYp3HCalrCurDH5Pm3vb4SGoHsFg%3D%3D; Max-Age=72000; Domain=246.39; Path=/; Secure
FPAU=1.2.451816328.1715341652; Max-Age=7776000; Domain=246.39; Path=/; Secure
FPGSID=1.1715341652.1715341652.G-59FP0KYKSM.sqfYBmSvVkTqp1LSB4mKbQ; Max-Age=1800; Domain=246.39; Path=/; SameSite=strict; Secure
x-accel-buffering: no
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
| load.stape.alura.com.br/gtqukryqvi.js?id=G-1EPWSW3PCS&l=dataLayerAlura&cx=c | 104.18.0.48 | 200 OK | 274 kB |
URL: GET HTTP/3 load.stape.alura.com.br/gtqukryqvi.js?id=G-1EPWSW3PCS&l=dataLayerAlura&cx=c
IP: 104.18.0.48:443
Certificate: Issuer Let's Encrypt; Subject load.stape.alura.com.br; Fingerprint 84:C3:CA:4E:5F:5D:81:8C:26:4D:E6:04:61:03:2B:D7:F4:B1:8C:33; Validity Wed, 13 Mar 2024 10:12:50 GMT - Tue, 11 Jun 2024 10:12:49 GMT
File type: JavaScript source, ASCII text, with very long lines (7711)
Size: 274 kB (274021 bytes)
Hashes (MD5, SHA-1, SHA-256): 2d0d468a6ffe43d109c033ef7269c2d4 3fbf498ebbc4cca7a0a228d17a697bfa0d12c7ac 1b648ddaa4eccd9f765710d6bb84897fc3bd9efb38fe4a859e71a3702a76df9b
GET /gtqukryqvi.js?id=G-1EPWSW3PCS&l=dataLayerAlura&cx=c HTTP/1.1
Host: load.stape.alura.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://138.2.246.39/
Cookie: __cf_bm=HCM__ij8QQWPf3DQi3thKzjo.yWr481IDcFBEHJ7TI4-1715341649-1.0.1.1-VF8yyC5bw17NNmHEnRUezAOaz5GRZfK3gTNUXA8KM.gcE8EEjkP5c3VFLuomMCR90u2FPwRdwWUJEpFYTz6y1Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 11:47:31 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 8819b1e57eb65687-OSL
cf-cache-status: EXPIRED
access-control-allow-origin: *
cache-control: private, max-age=900
expires: Fri, 10 May 2024 11:47:30 GMT
last-modified: Fri, 10 May 2024 09:54:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
alt-svc: h3=":443"; ma=86400
cross-origin-resource-policy: cross-origin
x-robots-tag: noindex
x-stape-version: 1.2.0
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br