feeds.kitces.com/~/t/0/0/kitcesnerdseyeview/~https:/tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
104.26.15.50301 Moved Permanently 0 B URL HTTP/1.1 feeds.kitces.com/~/t/0/0/kitcesnerdseyeview/~https:/tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
IP 104.26.15.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /~/t/0/0/kitcesnerdseyeview/~https:/tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ= HTTP/1.1
Host: feeds.kitces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Mar 2023 20:35:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 23 Mar 2023 21:35:02 GMT
Location: https://feeds.kitces.com/~/t/0/0/kitcesnerdseyeview/~https:/tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E76smgWErr08vaTBZQhtQvg57uuDclMxDPIFsX2tD85xu3ItJGye4nH%2Bp519S8jOpsHgTBU%2FXJxsRtP0%2B4xE7U0nVXlH%2BmHVvy6wy4gTDER2qJONZPWreoNLLivtpMcNrbU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac97566dc4db512-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2160
Expires: Thu, 23 Mar 2023 21:11:03 GMT
Date: Thu, 23 Mar 2023 20:35:03 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14352
Expires: Fri, 24 Mar 2023 00:34:15 GMT
Date: Thu, 23 Mar 2023 20:35:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 20:27:35 GMT
content-type: application/json
age: 448
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6351
Expires: Thu, 23 Mar 2023 22:20:54 GMT
Date: Thu, 23 Mar 2023 20:35:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: h8bl3L33pgC0g4lTfo7a9cFoIBNzKteBfqv9XrRMRGpFjE73yxXaS8Fy4xsGX2fibLBMjbOIIzY=
x-amz-request-id: DN9HXHJ68TVFHXNZ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 20:00:05 GMT
age: 2098
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 20:35:03 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 20:17:23 GMT
age: 1060
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
feeds.kitces.com/~/t/0/0/kitcesnerdseyeview/~https:/tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
172.67.74.215301 Moved Permanently 1 B URL HTTP/2 feeds.kitces.com/~/t/0/0/kitcesnerdseyeview/~https:/tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
IP 172.67.74.215:0
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /~/t/0/0/kitcesnerdseyeview/~https:/tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ= HTTP/1.1
Host: feeds.kitces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Thu, 23 Mar 2023 20:35:03 GMT
content-length: 1
location: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
cf-ray: 7ac97568aab80b59-OSL
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXa%2FhKxzXoqudXvIzNHh7bg1Pb%2FGnJOZwgYH57sXBg86VbtBgFzODzFV8XIPoxxHq2dVLEUQjcRLxQordFImEXf%2FTw8BFyU0BNMTkrWagLW51eEdZAShVfc1RKKTOFajFoI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 18b877ebbad1529e4bd91e12220d91c4
a3d64fb3d9cc1fe3a29b261c4ec9acfe134dfedc
7001d3ef847c7002ac15155f0dfcc0a369f19860e85c8e90530f1e7b2dd88f09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15523
Expires: Fri, 24 Mar 2023 00:53:46 GMT
Date: Thu, 23 Mar 2023 20:35:03 GMT
Connection: keep-alive
push.services.mozilla.com/
52.42.172.0101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.172.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: d9U0x2Rm/ExDnjehkaHfTA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0kRRYl/m0UOVuElLmEkSwxByvOE=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0a5cdc20e095ffac65f0da722e6e3559
05b646a7b6093eb50b223d5acefab3318352f159
27f9848157f5628bc7a1fb3ddcdb484de1aaf182c0d3afc2ef8758d33903bbd5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "27F9848157F5628BC7A1FB3DDCDB484DE1AAF182C0D3AFC2EF8758D33903BBD5"
Last-Modified: Tue, 21 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21547
Expires: Fri, 24 Mar 2023 02:34:11 GMT
Date: Thu, 23 Mar 2023 20:35:04 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 1d54d3c84e73cd1f00a835aa7616c399
e869898915967fb645a7ae3bd711a831329cc792
9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a563513e8fb14fb6796ff13a072cd3db
3e1d51e451b3c450c1213d3fce208e84522b1511
78ecd87f634efd2b5b6644a9d97285807cb26452571be0cef89f6d84dd3b32c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-85049277-1
142.250.74.168200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-85049277-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2206)
Hash afe784ed78cdac367d6d52febede817d
a889dcca865a37db51aaf6de95f39fd3a6605feb
53a8f7bbca9ae7e20cf100a35a4f40c7bafcbe51e575a63e4f1b4cb05e17ff45
GET /gtag/js?id=UA-85049277-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Mar 2023 20:35:05 GMT
expires: Thu, 23 Mar 2023 20:35:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45884
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
formulanegocioonline.com/afiliados/banners/banner-formulanegocioonline-300-9.jpg
188.114.96.1301 Moved Permanently 0 B URL HTTP/1.1 formulanegocioonline.com/afiliados/banners/banner-formulanegocioonline-300-9.jpg
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afiliados/banners/banner-formulanegocioonline-300-9.jpg HTTP/1.1
Host: formulanegocioonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Mar 2023 20:35:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 23 Mar 2023 21:35:05 GMT
Location: https://formulanegocioonline.com/afiliados/banners/banner-formulanegocioonline-300-9.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blRtmK%2FmA5UQSRStHTNEmTyZz5VVfu%2FN34h3G7TgRPtqS84M%2F01mYV58UpqVCf7pg6bmB2oSrWr40bZBww6OQVqGuiSEzm%2FTTd%2FT4CIVvasH9358dRRoXrm2USAPkQpoNUdziS1zh1QSBII%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac975745c10b4eb-OSL
alt-svc: h2=":443"; ma=60
formulanegocioonline.com/afiliados/banners/banner-formulanegocioonline-300-13.jpg
188.114.96.1301 Moved Permanently 0 B URL HTTP/1.1 formulanegocioonline.com/afiliados/banners/banner-formulanegocioonline-300-13.jpg
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afiliados/banners/banner-formulanegocioonline-300-13.jpg HTTP/1.1
Host: formulanegocioonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Mar 2023 20:35:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 23 Mar 2023 21:35:05 GMT
Location: https://formulanegocioonline.com/afiliados/banners/banner-formulanegocioonline-300-13.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHEI8m6Yj6mDMmBx1FfuL21kcyQi4CxJ17KWgrZOlnqRByR7jNzH7VE6tH77K2OH7KCdrAeelGmb98DcPAJCRao5nPhjtt4WSnd7GBKastGUZ8MKakUe0du%2FGqVMPwMLpkPC%2F1jKvcjrMAE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac975745e26b509-OSL
alt-svc: h2=":443"; ma=60
tiagonery.com/wp-includes/css/classic-themes.min.css?ver=1
192.185.213.68200 OK 189 B URL HTTP/2 tiagonery.com/wp-includes/css/classic-themes.min.css?ver=1
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
content-type: text/css
date: Thu, 23 Mar 2023 20:35:04 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/themes/hestia/assets/css/font-sizes.min.css?ver=3.0.21
192.185.213.68200 OK 820 B URL HTTP/2 tiagonery.com/wp-content/themes/hestia/assets/css/font-sizes.min.css?ver=3.0.21
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3896), with no line terminators
Hash 28f42fb10205480619507640976869f1
ca53168b772bac0648583bfc5eaee34845a2de71
74247c50b31935df2f8fae77a1661918224019812927f392035580ed703d4a5e
GET /wp-content/themes/hestia/assets/css/font-sizes.min.css?ver=3.0.21 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 02 Apr 2022 01:38:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 820
content-type: text/css
date: Thu, 23 Mar 2023 20:35:04 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/plugins/ht-mega-for-elementor/assets/css/animation.css?ver=2.0.6
192.185.213.68200 OK 7.0 kB URL HTTP/2 tiagonery.com/wp-content/plugins/ht-mega-for-elementor/assets/css/animation.css?ver=2.0.6
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 25263841367aa66a6fb15073081fab82
4e1b86b35b33350ea98bbe99e6f3d356bfe271c1
c0febc6e68d35bad3ead3a6241041b9f8d95e7ae16202dca2d2622f089de9d7a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ht-mega-for-elementor/assets/css/animation.css?ver=2.0.6 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Feb 2023 23:46:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6981
content-type: text/css
date: Thu, 23 Mar 2023 20:35:04 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a563513e8fb14fb6796ff13a072cd3db
3e1d51e451b3c450c1213d3fce208e84522b1511
78ecd87f634efd2b5b6644a9d97285807cb26452571be0cef89f6d84dd3b32c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 1d54d3c84e73cd1f00a835aa7616c399
e869898915967fb645a7ae3bd711a831329cc792
9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tiagonery.com/wp-content/plugins/ht-mega-for-elementor/assets/css/htbbootstrap.css?ver=2.0.6
192.185.213.68200 OK 11 kB URL HTTP/2 tiagonery.com/wp-content/plugins/ht-mega-for-elementor/assets/css/htbbootstrap.css?ver=2.0.6
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1028), with CRLF line terminators
Hash 26190acd7c55ff9712e1b4127e00e0f2
7d3d9dc9697e59dffb54ac738dac32a6ca38cc9f
eb7613c7d5c093ee7101cb03b8ac799e0f5cd48f56cf50e581ad6cff9a59e964
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ht-mega-for-elementor/assets/css/htbbootstrap.css?ver=2.0.6 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Feb 2023 23:46:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10910
content-type: text/css
date: Thu, 23 Mar 2023 20:35:04 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/plugins/gs-facebook-comments/public/css/wpfc-public.css?ver=1.7.3
192.185.213.68200 OK 356 B URL HTTP/2 tiagonery.com/wp-content/plugins/gs-facebook-comments/public/css/wpfc-public.css?ver=1.7.3
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text
Hash b83086a374383247f31a5c08071bb0a0
38537736839f1ee2a36be91ed9ec6ca66d7c6662
22b95bddc4ce38d78c31a118dfaa76b7b2ffe0475f8581895ee98f9b6f70816a
GET /wp-content/plugins/gs-facebook-comments/public/css/wpfc-public.css?ver=1.7.3 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Mar 2023 01:57:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 356
content-type: text/css
date: Thu, 23 Mar 2023 20:35:04 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/plugins/ht-mega-for-elementor/assets/css/htmega-keyframes.css?ver=2.0.6
192.185.213.68200 OK 585 B URL HTTP/2 tiagonery.com/wp-content/plugins/ht-mega-for-elementor/assets/css/htmega-keyframes.css?ver=2.0.6
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 80fb313d60d9fe9e34829b3ca7124934
dcc4afdb85a1460bd06c1cc682cce35d8ec9f202
400f60aae89f3d5b5e02ff41438cbf2cdb7c9635a5013be14ab4813991337be8
GET /wp-content/plugins/ht-mega-for-elementor/assets/css/htmega-keyframes.css?ver=2.0.6 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Feb 2023 23:46:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 585
content-type: text/css
date: Thu, 23 Mar 2023 20:35:04 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/themes/hestia/assets/bootstrap/css/bootstrap.min.css?ver=1.0.2
192.185.213.68200 OK 18 kB URL HTTP/2 tiagonery.com/wp-content/themes/hestia/assets/bootstrap/css/bootstrap.min.css?ver=1.0.2
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8664da0d19ef15f7ca2b5af6d3a55f03
be0f75f2f9099af2fc3723e79c78409d607cf2cb
6e4b74d17d51bb6c0d03eee714fb78960875bc735d67ced30d131beaba3a233d
GET /wp-content/themes/hestia/assets/bootstrap/css/bootstrap.min.css?ver=1.0.2 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 02 Apr 2022 01:38:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17788
content-type: text/css
date: Thu, 23 Mar 2023 20:35:04 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
192.185.213.68200 OK 7.1 kB URL HTTP/2 tiagonery.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30837)
Hash 09b8b6cbc1b0486aa66786792e8c6984
73a077a16ce58b6b5c7169a61989f7421a913936
a8e462cb54773ddf7cd4fdc03715c0cd12a537c633c026635d5810b621246db6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 14 Mar 2023 13:49:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7112
content-type: text/css
date: Thu, 23 Mar 2023 20:35:04 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
192.185.213.68200 OK 8.3 kB URL HTTP/2 tiagonery.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8344
content-type: application/javascript
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/uploads/2021/04/cropped-TIAGO-NERY-4.png
192.185.213.68200 OK 17 kB URL HTTP/2 tiagonery.com/wp-content/uploads/2021/04/cropped-TIAGO-NERY-4.png
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 500 x 464, 8-bit/color RGBA, non-interlaced\012- data
Hash ce4b829d32c7bdffee9d12e5e9e6adba
ade50cb91e37b209fbacc7d2d15bdf0032dd8ed7
c34e55bcd18b9b8d83cf12a744cb0cc3d637180fd450b892b5b565717999fcc8
GET /wp-content/uploads/2021/04/cropped-TIAGO-NERY-4.png HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Apr 2021 00:31:10 GMT
accept-ranges: bytes
content-length: 17124
content-type: image/png
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
192.185.213.68200 OK 897 B URL HTTP/2 tiagonery.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1709), with no line terminators
Hash 0f7a17a34eaa8aa332627eedfcbb8550
0b9ce358885a9d37609f9038c4def23fad721343
7fbbe432e5da7d83ae7b3be8d2f47c430975fe7e51b0b3fdf1ea13be6232879f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Mar 2023 13:49:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 897
content-type: application/javascript
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
192.185.213.68200 OK 5.3 kB URL HTTP/2 tiagonery.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.1.1
192.185.213.68200 OK 689 B URL HTTP/2 tiagonery.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.1.1
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1146)
Hash ac16a01b1a4d222fbf1566086a431cb8
554ebeddb92e3cc687cf3ad446d95660b7dcba28
f1b181d2137ddf30d2154f7330fd6c7689929df32fa475825d03c99410dd02b3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.1.1 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Mar 2023 13:49:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 689
content-type: application/javascript
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/themes/hestia/assets/font-awesome/css/v4-shims.min.css?ver=1.0.2
192.185.213.68200 OK 4.4 kB URL HTTP/2 tiagonery.com/wp-content/themes/hestia/assets/font-awesome/css/v4-shims.min.css?ver=1.0.2
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (26440)
Hash 5e75c39816d96eee382d170657129881
bd2041c8682ff9c8ead3d05d425d87faacc37543
ac87f9885de8211e5a6967bc40858cebde309a1366708960b45646e139bfe4f8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hestia/assets/font-awesome/css/v4-shims.min.css?ver=1.0.2 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 02 Apr 2022 01:38:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4415
content-type: text/css
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/plugins/gs-facebook-comments/public/js/wpfc-public.js?ver=1.7.3
192.185.213.68200 OK 545 B URL HTTP/2 tiagonery.com/wp-content/plugins/gs-facebook-comments/public/js/wpfc-public.js?ver=1.7.3
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash fecb1dd77e5b1ecfdc209b70e7270e79
5ee5a23b805c82aaedb25c0600fe00d669c14e16
84652799497135a39bc28b980be9865cc13daec14b0ddf0b53b40ffb7b0b867e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gs-facebook-comments/public/js/wpfc-public.js?ver=1.7.3 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Mar 2023 01:57:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 545
content-type: application/javascript
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/uploads/2021/04/cropped-cropped-TIAGO-NERY-4.png
192.185.213.68200 OK 5.5 kB URL HTTP/2 tiagonery.com/wp-content/uploads/2021/04/cropped-cropped-TIAGO-NERY-4.png
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 500 x 262, 8-bit colormap, non-interlaced\012- data
Hash 1b31daacf348149fe7b7f377b70e59b4
6e1aedbcf407c0366fbbec38e54173d56a8d1ce4
28d1c6f989226762864f6dbab8c043596b6e294b74ce02cf3583dd5447ac3679
GET /wp-content/uploads/2021/04/cropped-cropped-TIAGO-NERY-4.png HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Apr 2021 00:31:38 GMT
accept-ranges: bytes
content-length: 5481
content-type: image/png
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/plugins/ht-mega-for-elementor/assets/js/popper.min.js?ver=2.0.6
192.185.213.68200 OK 8.1 kB URL HTTP/2 tiagonery.com/wp-content/plugins/ht-mega-for-elementor/assets/js/popper.min.js?ver=2.0.6
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18860)
Hash f05511310555b26778bf5b09b70f4f27
66232ff8d33e8cd4e13c09503eaf69d9773b1376
487e5d8df39e2f26d0ce062405af92589595462bc264101c98709538214dc00a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ht-mega-for-elementor/assets/js/popper.min.js?ver=2.0.6 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Feb 2023 23:46:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8053
content-type: application/javascript
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.185.213.68200 OK 4.6 kB URL HTTP/2 tiagonery.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/plugins/ht-mega-for-elementor/assets/js/waypoints.js?ver=2.0.6
192.185.213.68200 OK 3.2 kB URL HTTP/2 tiagonery.com/wp-content/plugins/ht-mega-for-elementor/assets/js/waypoints.js?ver=2.0.6
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8864)
Hash 4f6beb6fab827bf736dfc1fe72782de9
2bde889e11a1dd7385453eec3608d356e5a2ad5d
c8b69fea55241bfb28eb41054fe6247166d77d4379a4a6c917d8a069cd1992c7
GET /wp-content/plugins/ht-mega-for-elementor/assets/js/waypoints.js?ver=2.0.6 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Feb 2023 23:46:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3217
content-type: application/javascript
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5191
Expires: Thu, 23 Mar 2023 22:01:36 GMT
Date: Thu, 23 Mar 2023 20:35:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6195
Expires: Thu, 23 Mar 2023 22:18:20 GMT
Date: Thu, 23 Mar 2023 20:35:05 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5191
Expires: Thu, 23 Mar 2023 22:01:36 GMT
Date: Thu, 23 Mar 2023 20:35:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6195
Expires: Thu, 23 Mar 2023 22:18:20 GMT
Date: Thu, 23 Mar 2023 20:35:05 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5191
Expires: Thu, 23 Mar 2023 22:01:36 GMT
Date: Thu, 23 Mar 2023 20:35:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: V_1L8vYf9-uS_-cGgsCstGC__IYpLZjEa0gOlsYgYOWwNJxxXJo83g==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:09:40 GMT
age: 80725
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 06:24:31 GMT
age: 51034
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4a771935927950222124e14b56046df
d07fe53e4ac41048497b2732c017f6666c3eda9e
4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4912
x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3Fl1IAMFYgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 4xGMCVWy2EXLLN8keteGLQvQjOp6KH97rkn_FK10eyng0-5EudcOig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:33 GMT
etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e"
content-type: image/jpeg
age: 82292
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c05bfdf1411a931d8ea9adc64b07bc74
156ef59e53564a4f2b27002b2695fafecd578d82
15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6692
x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM9d9FcOoAMFaFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: PNAVsyfdAHjn5F6Rt1uz1U46QCIGvTCqZatbAurr6Ilu0quHWExuSw==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:34 GMT
age: 82291
etag: "156ef59e53564a4f2b27002b2695fafecd578d82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 412bd6aea60211324e649d7d920601d2
a813976bda850a584b5ab94d9a70bfe0da69aca0
d36ef17fc6ab3cd4e5e43836f7df2c6fdf1781f1bac73e42c9a09e8594f797f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: 1b374321-f2df-404f-ab91-4e73d830fac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqmAEhHoAMFgRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a248c-217d81154ecfe0c44ca70432;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:41:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 3EQiNxuVVZEQZb14f9NC8565Ky3LV0Oj5JWg-_fVc9-B91xgBuHB5Q==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:48:05 GMT
age: 82020
etag: "a813976bda850a584b5ab94d9a70bfe0da69aca0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e89d0b1281259e7399294fb5fa19d2b
5035ed41f497c97faefae9cdaf42dc07ab468557
f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10284
x-amzn-requestid: e4d2c324-d0b0-436d-9739-29269e62aed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM6hjEqtIAMFvXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b713c-5a5bd6b60c1f52ab580f1757;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:21:00 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: g53sZY66fiEL8H79MzI7c7rqI-c-XxMvgB3myz79aw_lE9Aqgc66LQ==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:32:23 GMT
age: 46962
etag: "5035ed41f497c97faefae9cdaf42dc07ab468557"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tiagonery.com/wp-content/themes/hestia/assets/js/script.min.js?ver=3.0.21
192.185.213.68200 OK 7.5 kB URL HTTP/2 tiagonery.com/wp-content/themes/hestia/assets/js/script.min.js?ver=3.0.21
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (21140), with no line terminators
Hash 5750633d134dc3ce11faa557a18f00ba
11c7eb5c9a7471795c9d692abc7ad2778cab70b8
185af4801d54104e9afdda77231fa2fe68078ca707fb556189d2f12911462815
GET /wp-content/themes/hestia/assets/js/script.min.js?ver=3.0.21 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 02 Apr 2022 01:38:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7537
content-type: application/javascript
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/themes/hestia/assets/bootstrap/js/bootstrap.min.js?ver=1.0.2
192.185.213.68200 OK 8.9 kB URL HTTP/2 tiagonery.com/wp-content/themes/hestia/assets/bootstrap/js/bootstrap.min.js?ver=1.0.2
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (23366), with no line terminators
Hash 852a571f768abd1d8c83350e98628b1b
216680eaf53d6e91a257c57b34f6ac1ecb463cbd
238e8759ae6959123938acb129df9f2e95216f73e8dc4d3ba3c8e09c28ddf2a4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hestia/assets/bootstrap/js/bootstrap.min.js?ver=1.0.2 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 02 Apr 2022 01:38:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8874
content-type: application/javascript
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/themes/hestia/assets/font-awesome/css/all.min.css?ver=1.0.2
192.185.213.68200 OK 12 kB URL HTTP/2 tiagonery.com/wp-content/themes/hestia/assets/font-awesome/css/all.min.css?ver=1.0.2
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (56331)
Hash 8b9729de0923fed8d48a9af1af0be49e
a90b3fad46ecf349f5953ac095eab824a2f93ab5
edf83b56ea280477b493866b204ddc2b222a9881bc07d292749b4d0081f384b1
GET /wp-content/themes/hestia/assets/font-awesome/css/all.min.css?ver=1.0.2 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 02 Apr 2022 01:38:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12236
content-type: text/css
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/plugins/ht-mega-for-elementor/assets/js/htbbootstrap.js?ver=2.0.6
192.185.213.68200 OK 17 kB URL HTTP/2 tiagonery.com/wp-content/plugins/ht-mega-for-elementor/assets/js/htbbootstrap.js?ver=2.0.6
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (483)
Hash 3704f77b3857ae95f18a99f53257ad7e
64a74aaf47c01cbb389ea0dbd07019f77952b788
79e796b983579bec021dc57d277e6c1696e0fcc6580744314da418da698bf50e
GET /wp-content/plugins/ht-mega-for-elementor/assets/js/htbbootstrap.js?ver=2.0.6 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Feb 2023 23:46:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17190
content-type: application/javascript
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/uploads/2021/03/image-6-768x295.jpg
192.185.213.68200 OK 19 kB URL HTTP/2 tiagonery.com/wp-content/uploads/2021/03/image-6-768x295.jpg
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 768x295, components 3\012- data
Hash d7158be9d7aca53f75334a4ba6547dab
7c40db0a8865cbd99fd3275276ab39bad1d33437
4c8e074854f3cf17c67b287c6e4d5af47e7b39f19e2c538334d56bb6a6dc9846
GET /wp-content/uploads/2021/03/image-6-768x295.jpg HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Mar 2021 13:52:04 GMT
accept-ranges: bytes
content-length: 19114
content-type: image/jpeg
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tiagonery.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
192.185.213.68200 OK 18 kB URL HTTP/2 tiagonery.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a398113e38da87128ee629dae2babdef
be052e420708fd0f6e17d97866bfaeeb5011111c
67e633e09797e84d0cbaa456bc2e48154ba11e0366e5502c659696a83ebc7338
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 23 Mar 2023 20:35:04 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tiagonery.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 95394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tiagonery.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.3.5
192.185.213.68200 OK 25 kB URL HTTP/2 tiagonery.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.3.5
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 154a5d113f17a56126fc708ba075595d
d3f9d9f9c7c4ce0e71e65a1bb02b2e1e86eccdbf
05754c7588b62de225ade6f631e869bcf0e733a7dbc93479de5cf57d8cce1bb6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.3.5 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Mar 2023 13:49:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/themes/hestia/style.min.css?ver=3.0.21
192.185.213.68200 OK 36 kB URL HTTP/2 tiagonery.com/wp-content/themes/hestia/style.min.css?ver=3.0.21
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 24ba397b5b429aa55b8515fc1ef83cab
ee58da0e84f3b676701950e405fb124ed14fafab
e8d30a467a2abe45ae3ee0dddeaa670cf2a405e44d82d81f63c4146b51481a4d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hestia/style.min.css?ver=3.0.21 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 02 Apr 2022 01:38:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 23 Mar 2023 20:35:04 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
192.185.213.68200 OK 55 kB URL HTTP/2 tiagonery.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 92ff5b2cbcb8f7552c8254b5a422334b
725793023c2ff1d238350420e367e49c04448f6f
48baf3d722093a5a6ac95c69926f9898c0248620d4b7eafb36da328a010928ad
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
216.58.207.227200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 32860, version 1.0\012- data
Hash d010a9f2d5c7a0374b3b84706a43d2ec
c1fe465db08785c3f115555d39db23838960cb66
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tiagonery.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 15:13:53 GMT
expires: Thu, 21 Mar 2024 15:13:53 GMT
cache-control: public, max-age=31536000
age: 105672
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tiagonery.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 14:12:20 GMT
expires: Tue, 19 Mar 2024 14:12:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 282165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tiagonery.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 95394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tiagonery.com/wp-content/themes/hestia/assets/font-awesome/webfonts/fa-brands-400.woff2
192.185.213.68200 OK 75 kB URL HTTP/2 tiagonery.com/wp-content/themes/hestia/assets/font-awesome/webfonts/fa-brands-400.woff2
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 74760, version 330.15728\012- data
Hash 4f786efdf6328877ec2448bf265bcc8f
9465c5894ca2f93655fa5767b820b762aff6b518
fe85646af222500a866fd63beedb6ae00576c4afab4e0d28b15d9d6d92cb7da5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hestia/assets/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://tiagonery.com/wp-content/themes/hestia/assets/font-awesome/css/all.min.css?ver=1.0.2
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 02 Apr 2022 01:38:42 GMT
accept-ranges: bytes
content-length: 74760
content-type: font/woff2
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/uploads/2020/05/como-criar-um-curso-online-1.jpg
192.185.213.68200 OK 189 kB URL HTTP/2 tiagonery.com/wp-content/uploads/2020/05/como-criar-um-curso-online-1.jpg
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x334, components 3\012- data
Size 189 kB (189345 bytes)
Hash 970d36b5bc5cbd2cf8b565fdc81b85c8
367753307bb6cac8c5b7ff414fea6859d3f039e8
845b3383157032fcb08aafbeec84e8743d4ff24c310b634beebac933aad11cb8
GET /wp-content/uploads/2020/05/como-criar-um-curso-online-1.jpg HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 08 May 2020 18:53:06 GMT
accept-ranges: bytes
content-length: 189345
content-type: image/jpeg
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/uploads/2020/10/o-dilema-das-redes-768x527.jpg
192.185.213.68200 OK 38 kB URL HTTP/2 tiagonery.com/wp-content/uploads/2020/10/o-dilema-das-redes-768x527.jpg
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 768x527, components 3\012- data
Hash 2db20efd8cab7c656766b69cc028b4b7
9e48f82982ec48e41d06d471ec98f83cdfe92d58
46cd2d32a790eeb4c6d3a4df69c03574464c55b35701d6d25dcff616e295d955
GET /wp-content/uploads/2020/10/o-dilema-das-redes-768x527.jpg HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Oct 2020 19:00:08 GMT
accept-ranges: bytes
content-length: 38497
content-type: image/jpeg
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/uploads/2020/05/formula-neg%C3%B3cio-online-768x432.jpg
192.185.213.68200 OK 42 kB URL HTTP/2 tiagonery.com/wp-content/uploads/2020/05/formula-neg%C3%B3cio-online-768x432.jpg
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 768x432, components 3\012- data
Hash 3a3c5100890d12f9acbf503005cc2edd
0799367944af5c73cea6646bef62270dcbfaf75a
7faea751597df07fab758d51456ec6b8aa37cda8ad30223901ee4e4c1f1bd01a
GET /wp-content/uploads/2020/05/formula-neg%C3%B3cio-online-768x432.jpg HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Cookie: pys_session_limit=true; pys_start_session=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 02 May 2020 20:25:58 GMT
accept-ranges: bytes
content-length: 41793
content-type: image/jpeg
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.58.207.206200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 23 Mar 2023 20:05:11 GMT
expires: Thu, 23 Mar 2023 22:05:11 GMT
cache-control: public, max-age=7200
age: 1794
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 89447eb689782162ac5e4dca438e65c0
e1e8cde045a5eae9fbf1b20707fb8935b0418598
cfe3261f46a5fbe4f73fd16259b7c96480912874097ffea3b6bcb6149367a615
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3731
Cache-Control: max-age=169456
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:05 GMT
Etag: "641c9c56-1d7"
Expires: Sat, 25 Mar 2023 19:39:21 GMT
Last-Modified: Thu, 23 Mar 2023 18:37:10 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1d3dcf9723865c5e2ed30f84aa78c473
d17e499234c5ffca6691657cda4a476b70158812
0e0a6935498a81269d453b2b2d3f953fa57e4a4bb7f21f0a0862e535f31258fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 89447eb689782162ac5e4dca438e65c0
e1e8cde045a5eae9fbf1b20707fb8935b0418598
cfe3261f46a5fbe4f73fd16259b7c96480912874097ffea3b6bcb6149367a615
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3731
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:05 GMT
Last-Modified: Thu, 23 Mar 2023 19:32:54 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 1a68c295f83fd3e4d9f7107b8ad6a7da
9fa2f259b4ad389ffc3ba7a8612198df0d3f671a
db8e06a3440803d3aec80a804cf3b7e7bf8ed3822e6126f12e5780263f6fd46b
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tiagonery.com
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 18eeddd701c2d6455a2bf64e26ab51ec
etag: "36cf585c1372610f24376ac11be5eb56"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 23 Mar 2023 20:47:15 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: GmjClfg/0+TZ9xB7itan2g==
x-fb-debug: bcAiy6UbBrZO4u4RqTZb1K2puLMka4dYalq3hFZWwGraJ4GQHxw+Tl7RRa4d9UYefKQPVfL1C8T+SnlpNjEgCA==
content-length: 1688
x-fb-trip-id: 1904183273
date: Thu, 23 Mar 2023 20:35:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e5f5bf796d91f271e383cf1ff3ee5af4
70ead02da19095ca752d55e89a48fcdf59d44d33
247f023e282f1556e668df0033858196d682f31f659d1b53ea6dcaeff56c401a
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: H0b4tqVMl5qNtTEta6DnD+qjpiykFHpGCn5hT9V5Y4E0aZ5DpHDCCuHJaCsOfKV1ZvOfaX4G1x8gRNPP9/w6yg==
content-length: 27907
x-fb-trip-id: 1904183273
date: Thu, 23 Mar 2023 20:35:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 89447eb689782162ac5e4dca438e65c0
e1e8cde045a5eae9fbf1b20707fb8935b0418598
cfe3261f46a5fbe4f73fd16259b7c96480912874097ffea3b6bcb6149367a615
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2828
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:05 GMT
Last-Modified: Thu, 23 Mar 2023 19:47:57 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9322347209596894&host=ca-host-pub-2644536267352236
172.217.21.162200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9322347209596894&host=ca-host-pub-2644536267352236
IP 172.217.21.162:0
File type ASCII text, with very long lines (3599)
Hash 6b441502fd50bff3da4c33f057a63f24
85a35d683c3b0e4b5dc5d77d8ba16e29d797be82
5c636577879302dd594f4466a105f95106645531795c8f44acbd1f0ffd5f9aa5
GET /pagead/js/adsbygoogle.js?client=ca-pub-9322347209596894&host=ca-host-pub-2644536267352236 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tiagonery.com
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 23 Mar 2023 20:35:05 GMT
expires: Thu, 23 Mar 2023 20:35:05 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1932895287967925264
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48728
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tiagonery.com/wp-content/uploads/2021/04/cropped-Tn-2-32x32.png
192.185.213.68200 OK 518 B URL HTTP/2 tiagonery.com/wp-content/uploads/2021/04/cropped-Tn-2-32x32.png
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit grayscale, non-interlaced\012- data
Hash 3139fb2b7ae7dc664f27c402b605c214
38ae577c3c54c0acbef33cda9b61a24ed7ac5002
09489e2919e7de31a9f8e5d379165f93c374aa11c9107e65ab5de23f170827b4
GET /wp-content/uploads/2021/04/cropped-Tn-2-32x32.png HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Apr 2021 00:59:45 GMT
accept-ranges: bytes
content-length: 518
content-type: image/png
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
tiagonery.com/wp-content/uploads/2021/04/cropped-Tn-2-192x192.png
192.185.213.68200 OK 1.2 kB URL HTTP/2 tiagonery.com/wp-content/uploads/2021/04/cropped-Tn-2-192x192.png
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit grayscale, non-interlaced\012- data
Hash d1ae4c4fd6942073a63feff603e4c4dc
81f51d968d8b449d7b195b3149d178662fc22971
2193be0314b8057f6bcad2ba330abd9b32b2082a043f4ce1236bf59ab8b82980
GET /wp-content/uploads/2021/04/cropped-Tn-2-192x192.png HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Apr 2021 00:59:45 GMT
accept-ranges: bytes
content-length: 1161
content-type: image/png
date: Thu, 23 Mar 2023 20:35:05 GMT
server: Apache
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=edd59b4ab3bb201b8cc8c3f4437fa882
31.13.72.12200 OK 89 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=edd59b4ab3bb201b8cc8c3f4437fa882
IP 31.13.72.12:0
File type ASCII text, with very long lines (18530)
Hash d999f34b847dc65517b86943976967df
80d6d6c725261112d527db04030be1cbc7776ce6
3b8106a37a8d86f95f47ce5991732081ac3f5c2f70821f9d24927e12f1c26553
GET /en_US/sdk.js?hash=edd59b4ab3bb201b8cc8c3f4437fa882 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tiagonery.com
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b3c7e949f29f6c200189c4141f2baee3
etag: "7952b96b71e3751c7206cdb08447068c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 22 Mar 2024 19:39:14 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 2ZnzS4R9xlUXuGlDl2ln3w==
x-fb-debug: YVpIK5GJK9QTKbApcNq0MaidqbVo5SW/dfamB4DoW46Zh7hC1lVL/MMbAuqK03Tq0GhEpHQuJJew/ePf7v52eQ==
content-length: 88590
x-fb-trip-id: 1904183273
date: Thu, 23 Mar 2023 20:35:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d09ed5b5ccfa429cf3ded7d6634ce586
e1d26f666c2b0ecf75aa847b3ee907c41514b588
b5536c7e81811b1a5ffeb8dcc80a08f14b4c5ed5ddb2c53b4b52f84c721beeed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
142.250.74.66200 OK 4.5 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3205)
Hash bad17ab9662318e8927e5009c83c2ad1
53ded630f95abe04b7b77d43076bf71b9ea71c02
68da39270ebfa6d17f4b765cbe004797a736611585ff0c53213d91f78f13c260
GET /pagead/html/r20230322/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4549
x-xss-protection: 0
date: Thu, 23 Mar 2023 13:45:22 GMT
expires: Thu, 06 Apr 2023 13:45:22 GMT
cache-control: public, max-age=1209600
etag: 2378337311435320485
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
age: 24584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tiagonery.com/wp-admin/admin-ajax.php
192.185.213.68500 Internal Server Error 0 B URL HTTP/2 tiagonery.com/wp-admin/admin-ajax.php
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Content-Length: 480
Origin: https://tiagonery.com
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Cookie: _ga_EW8GV7NSNS=GS1.1.1679603714.1.0.1679603714.0.0.0; _ga=GA1.2.4383971.1679603715; _gid=GA1.2.792824126.1679603715; _gat_gtag_UA_85049277_1=1; _gat_gtag_UA_189427602_1=1; _fbp=fb.1.1679603714587.7071788955
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 23 Mar 2023 20:35:06 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash ebcf61a48430e13e52994188ea9b55dd
412e2406dc4c96f2b8cc4d6cd7e27551de38983a
34e780818d56cf60e6ce4235c5d5b296db56ccd3f243a578902bbe9d0e95f30b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=2752884554951030&ev=PageView&dl=https%3A%2F%2Ftiagonery.com%2F%3FZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ%3D&rl=&if=false&ts=1679603715038&sw=1280&sh=1024&v=2.9.99&r=stable&a=wordpress-6.1.1-3.0.8&ec=0&o=30&cs_est=true&fbp=fb.1.1679603714587.7071788955&it=1679603714803&coo=false&rqm=GET
157.240.200.35200 OK 110 kB URL HTTP/2 www.facebook.com/tr/?id=2752884554951030&ev=PageView&dl=https%3A%2F%2Ftiagonery.com%2F%3FZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ%3D&rl=&if=false&ts=1679603715038&sw=1280&sh=1024&v=2.9.99&r=stable&a=wordpress-6.1.1-3.0.8&ec=0&o=30&cs_est=true&fbp=fb.1.1679603714587.7071788955&it=1679603714803&coo=false&rqm=GET
IP 157.240.200.35:0
File type gzip compressed data, from Unix\012- data
Size 110 kB (110260 bytes)
Hash 049f16e1cd665adc86618d87b65620d5
4e57523cb52f1e84e3a970a6f963220a5eb662d8
0d467927ee38ae7c25428378bcb3ac4c4a7e4e010dff0a762d7fad244ecf545d
GET /tr/?id=2752884554951030&ev=PageView&dl=https%3A%2F%2Ftiagonery.com%2F%3FZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ%3D&rl=&if=false&ts=1679603715038&sw=1280&sh=1024&v=2.9.99&r=stable&a=wordpress-6.1.1-3.0.8&ec=0&o=30&cs_est=true&fbp=fb.1.1679603714587.7071788955&it=1679603714803&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 23 Mar 2023 20:35:06 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash af767a0f38aa932dc23106c403e9b5f3
5a5662e147f43d1561ba78517738f6be86eb2cde
359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=tiagonery.com&callback=_gfp_s_&client=ca-pub-9322347209596894
216.58.207.226200 OK 255 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=tiagonery.com&callback=_gfp_s_&client=ca-pub-9322347209596894
IP 216.58.207.226:0
File type ASCII text, with very long lines (393), with no line terminators
Hash 77e8521ef12e9637b835afab0f586ef6
88ecc736fad16593f88e204cc9ea9a7d7324bbbb
52d8f1635a8024c9a2c499e42124035c9681e5f6f00f7925ce851d86bc4ae549
GET /gampad/cookie.js?domain=tiagonery.com&callback=_gfp_s_&client=ca-pub-9322347209596894 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 23 Mar 2023 20:35:06 GMT
server: cafe
cache-control: private
content-length: 255
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-85049277-1&cid=4383971.1679603715&jid=1337464654&gjid=1138861675&_gid=792824126.1679603715&_u=YCDACUAABAAAACAAI~&z=1256798454
209.85.233.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-85049277-1&cid=4383971.1679603715&jid=1337464654&gjid=1138861675&_gid=792824126.1679603715&_u=YCDACUAABAAAACAAI~&z=1256798454
IP 209.85.233.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-85049277-1&cid=4383971.1679603715&jid=1337464654&gjid=1138861675&_gid=792824126.1679603715&_u=YCDACUAABAAAACAAI~&z=1256798454 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://tiagonery.com
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://tiagonery.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Mar 2023 20:35:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a6cad75209fdd6f267646b8382348c4b
35d993c683277cba55a4a86e15afa0c378d9a1d8
f3490031d4088f3580570dd096c1daf3780b76da85039fa904a35a9f0d6298be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c1bec9941c82e2a75f433a9989ff131d
f362aafde39e53e6c85aed88514e7d9272d8b099
693fe25761b15b3f663bb491a3cad382f1bb0a60083375b6aec21af2fdddb58e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=tiagonery.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=tiagonery.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=tiagonery.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 23 Mar 2023 20:35:06 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=tiagonery.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=tiagonery.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=tiagonery.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 23 Mar 2023 20:35:06 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 15a79d87680ced9baa769b58a70a08c9
5a6bd5d054b135b021d03f3148a249aa274d5930
9e075624b17dbee04f9cd5544c2f0f053f4fadfc49ab3572edd5f350c35a7816
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a6cad75209fdd6f267646b8382348c4b
35d993c683277cba55a4a86e15afa0c378d9a1d8
f3490031d4088f3580570dd096c1daf3780b76da85039fa904a35a9f0d6298be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash af767a0f38aa932dc23106c403e9b5f3
5a5662e147f43d1561ba78517738f6be86eb2cde
359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c1bec9941c82e2a75f433a9989ff131d
f362aafde39e53e6c85aed88514e7d9272d8b099
693fe25761b15b3f663bb491a3cad382f1bb0a60083375b6aec21af2fdddb58e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a37ccb2b0d2b6bd75ea76a9535478b74
282cdfc85b1bc6e7b8741fb82ea37844ba831a53
6f9eded96973ad739947a784fddd57298bd3bc8abb3d71eff5c5492826cf254a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-85049277-1&cid=4383971.1679603715&jid=1337464654&_u=YCDACUAABAAAACAAI~&z=1078839078
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-85049277-1&cid=4383971.1679603715&jid=1337464654&_u=YCDACUAABAAAACAAI~&z=1078839078
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-85049277-1&cid=4383971.1679603715&jid=1337464654&_u=YCDACUAABAAAACAAI~&z=1078839078 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 20:35:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-85049277-1&cid=4383971.1679603715&jid=1337464654&_u=YCDACUAABAAAACAAI~&z=1078839078
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-85049277-1&cid=4383971.1679603715&jid=1337464654&_u=YCDACUAABAAAACAAI~&z=1078839078
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-85049277-1&cid=4383971.1679603715&jid=1337464654&_u=YCDACUAABAAAACAAI~&z=1078839078 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 20:35:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-EW8GV7NSNS>m=45je33m0&_p=1457657474&cid=4383971.1679603715&ul=en-us&sr=1280x1024&_s=1&sid=1679603714&sct=1&seg=0&dl=https%3A%2F%2Ftiagonery.com%2F%3FZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ%3D&dt=Empreendedorismo%20Digital%20-%20Trabalhando%20de%20Casa&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-EW8GV7NSNS>m=45je33m0&_p=1457657474&cid=4383971.1679603715&ul=en-us&sr=1280x1024&_s=1&sid=1679603714&sct=1&seg=0&dl=https%3A%2F%2Ftiagonery.com%2F%3FZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ%3D&dt=Empreendedorismo%20Digital%20-%20Trabalhando%20de%20Casa&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-EW8GV7NSNS>m=45je33m0&_p=1457657474&cid=4383971.1679603715&ul=en-us&sr=1280x1024&_s=1&sid=1679603714&sct=1&seg=0&dl=https%3A%2F%2Ftiagonery.com%2F%3FZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ%3D&dt=Empreendedorismo%20Digital%20-%20Trabalhando%20de%20Casa&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tiagonery.com
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://tiagonery.com
date: Thu, 23 Mar 2023 20:35:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230322&st=env
172.217.21.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230322&st=env
IP 172.217.21.162:0
File type JSON data\012- , ASCII text, with very long lines (14850), with no line terminators
Hash d42738cfe15939348e291c86109371f4
ebe4a1dea4ef97757c345d9258c705e714dc9cdb
17346820a5283454358f051cddc4f7613c5e7f4aa8bce2f0ae2c2ae57f86d933
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230322&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tiagonery.com
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 23 Mar 2023 20:35:06 GMT
server: cafe
content-length: 11208
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a2c8b3a7a09c1661f2c044c61bacd02d
428c0bbd8a1ea8642220894e567be4b13259eb08
27e52aa4cf46b9ff91af79568ccebe41028bc37bbf98cc8901d8d3251db442da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 20:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tiagonery.com/wp-content/plugins/official-facebook-pixel/js/openbridge_plugin.js
192.185.213.68200 OK 81 kB URL HTTP/2 tiagonery.com/wp-content/plugins/official-facebook-pixel/js/openbridge_plugin.js
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 16b59f077e9d10f3dccfa08fef1beabc
df3c5e26610ba2736785798c772cafbf4f2aecb3
0c32318a48b94cf0b67265b54de1b757f93825ae6f1dcbca3a84bfc1555d3c3c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/official-facebook-pixel/js/openbridge_plugin.js HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
Cookie: _ga_EW8GV7NSNS=GS1.1.1679603714.1.0.1679603714.0.0.0; _ga=GA1.2.4383971.1679603715; _gid=GA1.2.792824126.1679603715; _gat_gtag_UA_85049277_1=1; _gat_gtag_UA_189427602_1=1; _fbp=fb.1.1679603714587.7071788955; _fbp=fb.1.1679603714587.7071788955; __gads=ID=bd19b85c30951b44-22af559364dd006e:T=1679603706:RT=1679603706:S=ALNI_MYooTVITLdzMTxJIQn_ZUoQaTvO6A; __gpi=UID=00000bcb1d892d5b:T=1679603706:RT=1679603706:S=ALNI_MbJeHFW5m6Ou497LLdchz5AYFOeAw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 15:09:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 23 Mar 2023 20:35:06 GMT
server: Apache
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.65200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 02:02:12 GMT
expires: Fri, 22 Mar 2024 02:02:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
vary: Accept-Encoding
age: 66775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&subset=latin%2Clatin-ext&ver=3.0.21
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&subset=latin%2Clatin-ext&ver=3.0.21
IP 142.250.74.138:0
GET /css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&subset=latin%2Clatin-ext&ver=3.0.21 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiagonery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Mar 2023 20:35:05 GMT
date: Thu, 23 Mar 2023 20:35:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
formulanegocioonline.com/afiliados/banners/banner-formulanegocioonline-300-9.jpg
188.114.96.1404 Not Found 0 B URL HTTP/2 formulanegocioonline.com/afiliados/banners/banner-formulanegocioonline-300-9.jpg
IP 188.114.96.1:0
GET /afiliados/banners/banner-formulanegocioonline-300-9.jpg HTTP/1.1
Host: formulanegocioonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 23 Mar 2023 20:35:05 GMT
content-type: text/html
vary: Accept-Encoding
x-powered-by: WordOps
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
cache-control: public, max-age=86400, no-transform
content-encoding: gzip
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgSeZOa7S9MPQQNrU5DDCU%2FvtUc5HU7PUbNj5GEcNv2XE8f1jJmVHUd4Mtubdwhry1LQTMgoGGr7O1%2BhebFj4eBTQeHpJCjAs%2Fp7F5%2BWdlX7oMo0a%2FrzFcVssTvfcbTNWhcvYuODVurRs7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac97574cf8eb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
formulanegocioonline.com/afiliados/banners/banner-formulanegocioonline-300-13.jpg
188.114.96.1404 Not Found 0 B URL HTTP/2 formulanegocioonline.com/afiliados/banners/banner-formulanegocioonline-300-13.jpg
IP 188.114.96.1:0
GET /afiliados/banners/banner-formulanegocioonline-300-13.jpg HTTP/1.1
Host: formulanegocioonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 23 Mar 2023 20:35:05 GMT
content-type: text/html
vary: Accept-Encoding
x-powered-by: WordOps
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
cache-control: public, max-age=86400, no-transform
content-encoding: gzip
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAssmqbOBc0Bnwj%2BPxENTTPwatf2OYFQGEuPZscvNVcSYgEVX1Hh777rS3sO74iJFsaBr9m4oYjL4noL2PVrUHHmsZM9Dv1rzVqfo2lfI7KDd4zhTPfgQ2CYCAVrJqK5A2yS95QdfwSZFvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac97574cf9ab4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
192.185.213.68200 OK 0 B URL HTTP/2 tiagonery.com/?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ=
IP 192.185.213.68:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /?ZXJpay5iYXJ0bGV0dEBtY2dhbm5iYXJ0bGV0dGJyb3duLmNvbQ= HTTP/1.1
Host: tiagonery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://tiagonery.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 23 Mar 2023 20:35:04 GMT
server: Apache
X-Firefox-Spdy: h2