Overview

URL: lightad.com.br/G5i4hhrx/jql.exe
IP: 69.164.207.43
ASN: AS36351 SoftLayer Technologies Inc.
Location: United States
Report completed: 2019-02-09 11:08:09 CET
urlquery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro: No alerts detected


Blacklists

MDL: No alerts detected
OpenPhish: No alerts detected
PhishTank: No alerts detected

Fortinet's Web Filter
Added / Verified  Severity  Host  Comment
2019-02-09  2  lightad.com.br/G5i4hhrx/jql.exe  Malware (2 hits)
2019-02-09  2  lightad.com.br/wp-content/cache/caos-analytics/analytics.js  Malware
2019-02-09  2  lightad.com.br/wp-includes/js/jquery/jquery.js  Malware
2019-02-09  2  lightad.com.br/wp-content/cache/autoptimize/autoptimize_5972e1ef735e6278437 (...)  Malware
2019-02-09  2  lightad.com.br/wp-content/cache/autoptimize/autoptimize_a56f269e28512acaa4c (...)  Malware
2019-02-09  2  lightad.com.br/wp-content/themes/Divi/core/admin/fonts/modules.ttf  Malware

DNS-BH: No alerts detected

mnemonic secure dns
Added / Verified  Severity  Host  Comment
2019-02-09  2  lightad.com.br  Blacklisted (14 hits, one per flagged transaction)


Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 69.164.207.43

Date  UQ / IDS / BL  URL  IP
2019-06-06 22:04:23 +0200  0 - 1 - 7  lightad.com.br/G5i4hhrx/jql.exe  69.164.207.43
2019-05-22 11:26:47 +0200  0 - 1 - 7  lightad.com.br/G5i4hhrx/jql.exe  69.164.207.43

Last 10 reports on ASN: AS36351 SoftLayer Technologies Inc.

Date  UQ / IDS / BL  URL  IP
2019-07-01 07:04:06 +0200  0 - 0 - 0  freepaypalmoney.micro.blog/  104.200.22.214
2019-06-30 01:23:43 +0200  0 - 0 - 0  lasvegasrealtyllc.com/agyuslvf/evps3b0s7oc  173.193.64.139
2019-06-30 01:01:37 +0200  0 - 0 - 0  openx.org  208.43.79.58
2019-06-30 00:55:43 +0200  0 - 0 - 0  www.sharehairdressers.com/  159.8.24.77
2019-06-30 00:52:05 +0200  0 - 0 - 0  www.sharehairdressers.com/  159.8.24.77
2019-06-30 00:43:05 +0200  0 - 1 - 0  p237431.cdaz.icu/bati/sa?cid=TOTALSPORTEK_ADB (...)  108.168.193.185
2019-06-30 00:40:37 +0200  0 - 0 - 0  https://www.mg-webs.com/  198.252.100.133
2019-06-30 00:31:20 +0200  0 - 0 - 0  https://rumble.com/v7vfkx-abc.watchmarvels-ag (...)  169.50.62.153
2019-06-30 00:30:00 +0200  0 - 0 - 0  https://rumble.com/v7vfot-putlockerwatch-marv (...)  169.50.62.153
2019-06-27 17:16:37 +0200  0 - 0 - 0  spiritenv.com  75.126.220.28

Last 3 reports on domain: lightad.com.br

Date  UQ / IDS / BL  URL  IP
2019-06-06 22:04:23 +0200  0 - 1 - 7  lightad.com.br/G5i4hhrx/jql.exe  69.164.207.43
2019-05-22 11:26:47 +0200  0 - 1 - 7  lightad.com.br/G5i4hhrx/jql.exe  69.164.207.43
2018-12-30 19:17:28 +0100  0 - 0 - 2  lightad.com.br/G5i4hhrx/jql.exe  162.144.65.160


JavaScript

Executed Scripts (8)
Executed Evals (0)
Executed Writes (0)


HTTP Transactions (24)

Request:
GET /G5i4hhrx/jql.exe HTTP/1.1
Host: lightad.com.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (69.164.207.43):
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Server: nginx
Date: Sat, 09 Feb 2019 10:07:34 GMT
Content-Length: 154
Connection: keep-alive
Location: https://lightad.com.br/G5i4hhrx/jql.exe

--- Additional Info ---
Magic:  HTML document text
Size:   154
Md5:    cfbeaf604823f038b8b46f0ac862b98c
Sha1:   7b9eb1dac48e74fa5f418bc456cb410f88b81d98
Sha256: 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted

Request:
POST / HTTP/1.1
Host: ocsp.int-x3.letsencrypt.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

Response (91.135.34.131):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 527
Etag: "D342EB5BE658EAD8F2ABA3956EC69C44DB62E55A793AE61AE0228AF866F7FE6D"
Last-Modified: Thu, 07 Feb 2019 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43141
Expires: Sat, 09 Feb 2019 22:06:36 GMT
Date: Sat, 09 Feb 2019 10:07:35 GMT
Connection: keep-alive

--- Additional Info ---
Magic:  data
Size:   527
Md5:    d57ae86d25ff3e13cfd335d6b418bc53
Sha1:   5c88c213ac98408b496d5736f26ddf4edba9fc9f
Sha256: d342eb5be658ead8f2aba3956ec69c44db62e55a793ae61ae0228af866f7fe6d

Request:
POST / HTTP/1.1
Host: isrg.trustid.ocsp.identrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

Response (91.135.34.113):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Transfer-Encoding: Binary
Last-Modified: Thu, 07 Feb 2019 23:56:23 GMT
Etag: "015333ce223025f89da721f0554369c887b34091"
Content-Length: 1396
Cache-Control: public, no-transform, must-revalidate, max-age=24158
Expires: Sat, 09 Feb 2019 16:50:13 GMT
Date: Sat, 09 Feb 2019 10:07:35 GMT
Connection: keep-alive

--- Additional Info ---
Magic:  data
Size:   1396
Md5:    03e14710a828dbfd08245d312a09b8cc
Sha1:   015333ce223025f89da721f0554369c887b34091
Sha256: a58bbe580fa311154e34225f842e8cf63d7d569c8db05bc11138eb5803d71dd2

Request:
GET /G5i4hhrx/jql.exe HTTP/1.1
Host: lightad.com.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (69.164.207.43):
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Sat, 09 Feb 2019 10:07:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://lightad.com.br/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3663
Md5:    fa4dc51e77f33104d9c0918a5b80b0f6
Sha1:   9029b863c06cb1e7cdf89cfee87c75fa0941bf4a
Sha256: a2739587fe8512163a257e096ef7fcf16f21202ab9068bd103de8e245d1ac880
Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted

Request:
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

Response (172.217.20.35):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 09 Feb 2019 10:07:36 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

--- Additional Info ---
Magic:  data
Size:   463
Md5:    a2eacfacbfadd925df0d88bba0ae56f1
Sha1:   12f768fc99697c6599e52cbdadb8c8d5dc8ae4ee
Sha256: 77b80c15a3db414435c797bd0fd106b7bd4d4c1418730a21be0c7f6cade0f6c2

Request:
POST /gsr2 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

Response (172.217.20.35):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 09 Feb 2019 10:07:36 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738

Request:
GET /css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://lightad.com.br/G5i4hhrx/jql.exe

Response (172.217.21.170):
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Sat, 09 Feb 2019 10:07:36 GMT
Date: Sat, 09 Feb 2019 10:07:36 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
Transfer-Encoding: chunked

--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   382
Md5:    73dd361999226c222eb24207e36f714c
Sha1:   daebd391e85375a26e5bdf4f10d2ef87a25382fa
Sha256: e26f86db2fb058d01630f24480daff1308fdc0f6ec47f2133e0a8b847001c672

Request:
GET /wp-content/cache/caos-analytics/analytics.js HTTP/1.1
Host: lightad.com.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://lightad.com.br/G5i4hhrx/jql.exe

Response (69.164.207.43):
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sat, 09 Feb 2019 10:07:36 GMT
Last-Modified: Fri, 08 Feb 2019 18:35:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5c5dcbd6-ac62"
Expires: Wed, 10 Apr 2019 10:07:36 GMT
Cache-Control: max-age=5184000
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   19261
Md5:    7c70c65c6ae103ab9b8462f0872463db
Sha1:   8e209c17bdb9ad2b8d095d0d4311440750978a5d
Sha256: 694be04d24d882be67765e2bd27e06fcbfe4d299800a1ce247936677b81edf31
Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted

Request:
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

Response (172.217.20.35):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 09 Feb 2019 10:07:37 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

--- Additional Info ---
Magic:  data
Size:   463
Md5:    d5a970eba4cf488e6b5380f3c00bfcf9
Sha1:   637144b3d14c01d89e68568fb638c8d4bcf71a3d
Sha256: bc872b7ceae87fb73cbd9242e1f05fe72fc47625d40964cc7e6103c2cde77c9a

Request:
GET /r/collect?v=1&_v=j73&a=1777842687&t=pageview&_s=1&dl=https%3A%2F%2Flightad.com.br%2FG5i4hhrx%2Fjql.exe&ul=en-us&de=UTF-8&dt=404%20N%C3%A3o%20encontrado%20%7C%20Light%20Cria%C3%A7%C3%A3o%20e%20Comunica%C3%A7%C3%A3o&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=IEBAAAQ~&jid=908711223&gjid=234595719&cid=425197645.1549706858&tid=UA-134081783-1&_gid=203483971.1549706858&_r=1&z=1960227510 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://lightad.com.br/G5i4hhrx/jql.exe

Response (172.217.21.174):
HTTP/1.1 200 OK
Content-Type: image/gif
Access-Control-Allow-Origin: *
Date: Sat, 09 Feb 2019 10:07:37 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"

--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request:
GET /wp-content/uploads/2018/01/light-logo-5.png HTTP/1.1
Host: lightad.com.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://lightad.com.br/G5i4hhrx/jql.exe

Response (69.164.207.43):
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sat, 09 Feb 2019 10:07:37 GMT
Content-Length: 6308
Last-Modified: Thu, 07 Feb 2019 13:16:15 GMT
Connection: keep-alive
Etag: "5c5c2f9f-18a4"
Expires: Wed, 10 Apr 2019 10:07:37 GMT
Cache-Control: max-age=5184000
Accept-Ranges: bytes

--- Additional Info ---
Magic:  PNG image, 708 x 120, 8-bit colormap, non-interlaced
Size:   6308
Md5:    a9f9588f0a9d9d44a2fcd1bbc52e9508
Sha1:   e716d7287788e772c6716d2c29815ae10676e568
Sha256: 1636e2ebeddff084b1450cb33231c16f95815c2cd92a7d92a519bd9de623dc08
Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

Request:
GET /wp-includes/js/jquery/jquery.js HTTP/1.1
Host: lightad.com.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://lightad.com.br/G5i4hhrx/jql.exe

Response (69.164.207.43):
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sat, 09 Feb 2019 10:07:37 GMT
Last-Modified: Thu, 07 Feb 2019 13:16:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5c5c2f9f-17ba0"
Expires: Wed, 10 Apr 2019 10:07:37 GMT
Cache-Control: max-age=5184000
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   38013
Md5:    557c729e5dbfa3fa6853e62762302b39
Sha1:   05433de0d7e86edf8ae1262fb96da01fa5e3f1e2
Sha256: 578722ce71855eff9959e040d2da996e6e0f424c2e14f3e18bb7c886f8d7b36a
Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted

Request:
GET /wp-includes/css/dashicons.min.css HTTP/1.1
Host: lightad.com.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://lightad.com.br/G5i4hhrx/jql.exe

Response (69.164.207.43):
HTTP/1.1 200 OK
Content-Type: text/css
Server: nginx
Date: Sat, 09 Feb 2019 10:07:37 GMT
Last-Modified: Thu, 07 Feb 2019 13:16:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5c5c2f9f-b518"
Expires: Wed, 10 Apr 2019 10:07:37 GMT
Cache-Control: max-age=5184000
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   29759
Md5:    bf98be27695d0a49c876eb4c35afc797
Sha1:   3f1e7e39ef9aec2d5f6e8ff163839524a2b4a95e
Sha256: 3840fe8c5eb2073f48d0fae3bb7b12e81c9b9ca3dcd26ef19e00527e721b0d1f
Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

Request:
GET /wp-content/cache/autoptimize/autoptimize_5972e1ef735e6278437068346b59bcf6.php HTTP/1.1
Host: lightad.com.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://lightad.com.br/G5i4hhrx/jql.exe

Response (69.164.207.43):
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Server: nginx
Date: Sat, 09 Feb 2019 10:07:37 GMT
Content-Length: 71366
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
Cache-Control: max-age=30672000, public, immutable
Expires: Thu, 30 Jan 2020 10:07:37 GMT
Etag: 98a1606df2f4c0caf5dfa8e1731832fd
Last-Modified: Thu, 07 Feb 2019 19:21:27 GMT

--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   71366
Md5:    98a1606df2f4c0caf5dfa8e1731832fd
Sha1:   6dd92f53995eaf26ca0d4a49bf468720f39bd3a0
Sha256: f2f435624ff53dd7fc641c5c8762692eea80f17d910ec4e5b8f1f248f9f37100
Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted

Request:
GET /wp-content/cache/autoptimize/autoptimize_a56f269e28512acaa4c1d8e33c99c354.php HTTP/1.1
Host: lightad.com.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://lightad.com.br/G5i4hhrx/jql.exe

Response (69.164.207.43):
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Server: nginx
Date: Sat, 09 Feb 2019 10:07:37 GMT
Content-Length: 66063
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
Cache-Control: max-age=30672000, public, immutable
Expires: Thu, 30 Jan 2020 10:07:37 GMT
Etag: 536b64797a582874839e976046cd78a2
Last-Modified: Thu, 07 Feb 2019 19:21:27 GMT

--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   66063
Md5:    536b64797a582874839e976046cd78a2
Sha1:   19fee6330a1902a59082d95ce5d5340dab7e2cf4
Sha256: 87dbc75db9ddd1d7d3a0dbf90f17fe7ac5cad9ac5f6a93ca34aedd86eaff8d46
Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted

Request:
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

Response (172.217.20.35):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 09 Feb 2019 10:07:38 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

--- Additional Info ---
Magic:  data
Size:   463
Md5:    d048a6beb2c18d97e8f3300fa9c08371
Sha1:   46a6ea0b65cfc6211d2c53281d0e71e6f955679f
Sha256: 898b5976b9ea3ec3f8b4f78e713f3d27e240d2a6ce23ad1877c2becd96f3f01b

Request:
GET /s/opensans/v15/mem8YaGs126MiZpBA-UFW50d.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
Origin: https://lightad.com.br

Response (216.58.209.131):
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 23708
Date: Sat, 19 Jan 2019 06:10:36 GMT
Expires: Sun, 19 Jan 2020 06:10:36 GMT
Last-Modified: Wed, 11 Oct 2017 21:49:47 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1828622
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"

--- Additional Info ---
Magic:  data
Size:   23708
Md5:    2b6f63fce9104d1223d83dd12cd6038e
Sha1:   1ac49ab02668c5deb14a497faefcb7bfa6c15731
Sha256: 32ad89cba217fa7f180d331f6e43d87a75e8eb1b97ed102d178c534fd6e51038

Request:
GET /wp-content/uploads/fbrfg/favicon.ico HTTP/1.1
Host: lightad.com.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: caosLocalGa=GA1.3.425197645.1549706858; caosLocalGa_gid=GA1.3.203483971.1549706858; _gat=1

Response (69.164.207.43):
HTTP/1.1 200 OK
Content-Type: image/x-icon
Server: nginx
Date: Sat, 09 Feb 2019 10:07:38 GMT
Content-Length: 15086
Last-Modified: Thu, 07 Feb 2019 19:15:59 GMT
Connection: keep-alive
Etag: "5c5c83ef-3aee"
Expires: Wed, 10 Apr 2019 10:07:38 GMT
Cache-Control: max-age=5184000
Accept-Ranges: bytes

--- Additional Info ---
Magic:  MS Windows icon resource - 3 icons, 48x48, 256-colors
Size:   15086
Md5:    ee503e863c0dca6063e9d98adf69af51
Sha1:   253ef4cb0071c0d3d1588506f482d70ac870ae9a
Sha256: c282ee710db28f42f97577099576045ff7d387f1b6539fc87d4a170ffa2c682d
Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

Request:
GET /s/opensans/v15/mem5YaGs126MiZpBA-UNirkOXOhv.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
Origin: https://lightad.com.br

Response (216.58.209.131):
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 24536
Date: Sat, 02 Feb 2019 04:02:31 GMT
Expires: Sun, 02 Feb 2020 04:02:31 GMT
Last-Modified: Wed, 11 Oct 2017 21:49:51 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 626707
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"

--- Additional Info ---
Magic:  data
Size:   24536
Md5:    d90dc5001b28fd92491e2240ba90fd91
Sha1:   c50363443e57440d39d47e1c126e38785e24ff7c
Sha256: d44d59ec2328d3dce4046b23380c9f9506db2e31a99cfa1caa207d41485a5cd5

Request:
GET /wp-content/themes/Divi/core/admin/fonts/modules.ttf HTTP/1.1
Host: lightad.com.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://lightad.com.br/wp-content/cache/autoptimize/autoptimize_5972e1ef735e6278437068346b59bcf6.php
Cookie: caosLocalGa=GA1.3.425197645.1549706858; caosLocalGa_gid=GA1.3.203483971.1549706858; _gat=1

Response (69.164.207.43):
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Server: nginx
Date: Sat, 09 Feb 2019 10:07:38 GMT
Content-Length: 92400
Last-Modified: Thu, 07 Feb 2019 13:32:45 GMT
Connection: keep-alive
Etag: "5c5c337d-168f0"
Expires: Wed, 10 Apr 2019 10:07:38 GMT
Cache-Control: max-age=5184000
Accept-Ranges: bytes

--- Additional Info ---
Magic:  TrueType font data; raw G3 data, byte-padded
Size:   92400
Md5:    de27b3e66b2f8017e000aa9d8d24d60e
Sha1:   e6d716de8f35ba6daf55d57e7fe0ed8d8e50f1f7
Sha256: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
Alerts:
  Blacklists:
    - fortinet: Malware
    - mnemonic_dns: Blacklisted

Request:
GET /wp-content/uploads/fbrfg/favicon-32x32.png HTTP/1.1
Host: lightad.com.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: caosLocalGa=GA1.3.425197645.1549706858; caosLocalGa_gid=GA1.3.203483971.1549706858; _gat=1

Response (69.164.207.43):
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sat, 09 Feb 2019 10:07:41 GMT
Content-Length: 654
Last-Modified: Thu, 07 Feb 2019 19:15:59 GMT
Connection: keep-alive
Etag: "5c5c83ef-28e"
Expires: Wed, 10 Apr 2019 10:07:41 GMT
Cache-Control: max-age=5184000
Accept-Ranges: bytes

--- Additional Info ---
Magic:  PNG image, 32 x 32, 8-bit colormap, non-interlaced
Size:   654
Md5:    ab0a2e1e18096916ce9d88faebcdacf6
Sha1:   14afceb600e285edc248b0a27a405a00f3611ff1
Sha256: 47774da4aa5da86e0a6788c8569425c1989a67da6c78a7aa9ca21b5a3bff9205
Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

Request:
GET /wp-content/uploads/fbrfg/favicon-16x16.png HTTP/1.1
Host: lightad.com.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: caosLocalGa=GA1.3.425197645.1549706858; caosLocalGa_gid=GA1.3.203483971.1549706858; _gat=1

Response (69.164.207.43):
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sat, 09 Feb 2019 10:07:41 GMT
Content-Length: 459
Last-Modified: Thu, 07 Feb 2019 19:15:59 GMT
Connection: keep-alive
Etag: "5c5c83ef-1cb"
Expires: Wed, 10 Apr 2019 10:07:41 GMT
Cache-Control: max-age=5184000
Accept-Ranges: bytes

--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit colormap, non-interlaced
Size:   459
Md5:    010c9380af59b6e6d161e363ece3815d
Sha1:   2adf7c211cbc999a3985ea2234da5708ab9e868f
Sha256: 7536491e6a2dbd61179aed2c691afe47e03d5dc94128687eaf5735e85601450f
Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

Request:
GET /wp-content/uploads/fbrfg/favicon-16x16.png HTTP/1.1
Host: lightad.com.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: caosLocalGa=GA1.3.425197645.1549706858; caosLocalGa_gid=GA1.3.203483971.1549706858; _gat=1

Response (0.0.0.0): (empty)

--- Additional Info ---
Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted

Request:
GET /wp-content/uploads/fbrfg/favicon-32x32.png HTTP/1.1
Host: lightad.com.br
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: caosLocalGa=GA1.3.425197645.1549706858; caosLocalGa_gid=GA1.3.203483971.1549706858; _gat=1

Response (0.0.0.0): (empty)

--- Additional Info ---
Alerts:
  Blacklists:
    - mnemonic_dns: Blacklisted