Report - salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25

Report Overview

Submitted URL
salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
IP
162.241.2.87
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-03-18 08:15:55
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
5
Threat Detection Systems
68

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-26T05:10:41Z	3.8 kB	8.2 kB	142.250.74.131
stock.statisticline.com	unknown	2023-02-15T11:05:06Z	2023-03-25T21:36:52Z	373 B	2.1 kB	162.55.76.206
far.statisticline.com	unknown	2023-02-15T11:03:54Z	2023-03-25T21:36:53Z	505 B	322 B	162.55.76.206
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-26T06:22:54Z	1.5 kB	1.3 kB	142.250.74.106
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
salads.com.br	unknown	2020-02-08T01:10:00Z	2023-02-23T01:04:20Z	29 kB	535 kB	162.241.2.87
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.2 kB	68 kB	34.120.237.76
bluelabelsky.com	unknown	2023-02-04T10:00:35Z	2023-03-25T04:21:12Z	1.5 kB	966 B	134.209.192.77
0.bluelabelsky.com	unknown	2023-02-04T10:00:33Z	2023-03-25T04:21:03Z	1.6 kB	968 B	134.209.192.77
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
cdn.statisticline.com	unknown	2023-02-15T11:04:19Z	2023-03-25T21:08:30Z	761 B	106 kB	45.9.148.165
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-25T22:19:37Z	495 B	17 kB	142.250.74.35
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-26T05:35:01Z	383 B	46 kB	142.250.74.168
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	52.89.222.161
stats.statisticline.com	unknown	2023-03-11T12:07:59Z	2023-03-25T22:07:30Z	1.4 kB	3.5 kB	162.55.76.206
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-26T06:13:06Z	370 B	21 kB	142.250.74.110
come.sortyellowapples.com	unknown	2023-02-06T20:31:49Z	2023-03-25T21:36:53Z	554 B	653 B	162.55.76.206
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-26T05:15:01Z	898 B	444 B	216.239.34.36
dm06.biz	unknown	2022-12-19T09:34:48Z	2023-03-25T18:36:51Z	1.2 kB	2.5 kB	212.129.25.206
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	6.1 kB	16 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-18 08:15:45	high	Client IP	162.241.2.87	ET PHISHING Generic Phishkit Activity (GET)
2023-03-18 08:15:48	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-03-18 08:15:48	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-03-18 08:15:48	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-03-18 08:15:49	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-18	medium	salads.com.br/wp-includes/css/classic-themes.min.css?ver=1	Phishing
2023-03-18	medium	salads.com.br/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1	Phishing
2023-03-18	medium	salads.com.br/wp-content/uploads/elementor/css/post-3055.css?ver=1677092318	Phishing
2023-03-18	medium	salads.com.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1	Phishing
2023-03-18	medium	salads.com.br/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6	Phishing
2023-03-18	medium	salads.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.18.0	Phishing
2023-03-18	medium	salads.com.br/wp-content/uploads/elementor/css/post-4400.css?ver=1677092566	Phishing
2023-03-18	medium	salads.com.br/wp-content/uploads/elementor/css/post-4078.css?ver=1677092319	Phishing
2023-03-18	medium	salads.com.br/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.5.4	Phishing
2023-03-18	medium	salads.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.9.49	Phishing
2023-03-18	medium	salads.com.br/wp-content/uploads/elementor/css/global.css?ver=1677092319	Phishing
2023-03-18	medium	salads.com.br/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.11.1	Phishing
2023-03-18	medium	salads.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.11.2	Phishing
2023-03-18	medium	salads.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3	Phishing
2023-03-18	medium	salads.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2023-03-18	medium	salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/headroom.min.js?ver=4.9.49	Phishing
2023-03-18	medium	salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/premium-nav-menu.min.js?ver=4.9.49	Phishing
2023-03-18	medium	salads.com.br/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae	Phishing
2023-03-18	medium	salads.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.11.2	Phishing
2023-03-18	medium	salads.com.br/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.11.2	Phishing
2023-03-18	medium	salads.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	Phishing
2023-03-18	medium	salads.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3	Phishing
2023-03-18	medium	salads.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	Phishing
2023-03-18	medium	salads.com.br/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5	Phishing
2023-03-18	medium	salads.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.11.1	Phishing
2023-03-18	medium	salads.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	Phishing
2023-03-18	medium	salads.com.br/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.11.1	Phishing
2023-03-18	medium	bluelabelsky.com/w77899721.js	Phishing
2023-03-18	medium	0.bluelabelsky.com/w77899721.js	Phishing
2023-03-18	medium	dm06.biz/sw/w1s.js	Malware
2023-03-18	medium	salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/premium-addons.min.css?ver=4.9.49	Phishing
2023-03-18	medium	salads.com.br/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.11.2	Phishing
2023-03-18	medium	dm06.biz/sw/w1s.js	Malware
2023-03-18	medium	dm06.biz/sw/w1s.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (42)

	URL	Size	First Seen	Last Seen
	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25	236 B	2023-03-26	2023-03-26
Pretty URL salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:29:09 Last Seen2023-03-26 09:29:09 Times Seen1 Hash 0ef1109e406e0588e2eeacd05199a07f 39ba002abb4c32ca42533bb8d22ab3ff7e56cba1 21b43268106c258cb6a8fb53aab916b741797906a069c6a90c32d4d4ad911fa8 Loading...

	cdn.statisticline.com/scripts/sway.js?v=2	3.4 kB	2023-03-26	2023-03-29
Pretty URL cdn.statisticline.com/scripts/sway.js?v=2 IP 45.9.148.165 ASN #49447 Nice IT Services Group Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:29:09 Last Seen2023-03-29 21:00:38 Times Seen6 Hash b08cd5d457c97dd116ad673193396ef9 30f26dbe35985ff9f956823ce5ef1e054f466607 8d8d7c47af34497c96fbc05bb33488d866079b6fdfcbcda260cc77eecc16d39d Loading...

	salads.com.br/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.5.4	8.8 kB	2023-03-13	2024-04-15
Pretty URL salads.com.br/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.5.4 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:11:34 Last Seen2024-04-15 22:34:30 Times Seen363 Hash 45b577a6298aa98edd18711a4029747f afb1fec0174da42195dc1092814470b3f5e26360 93272f20839f44a19564f78577a3c3ac70131dd6304ccddeedcb3cabed750df5 Loading...

	salads.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.11.2	42 kB	2023-03-14	2024-04-10
Pretty URL salads.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.11.2 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:20:29 Last Seen2024-04-10 02:53:28 Times Seen571 Hash 125181081e2e3ee16edc77ed1cce0d6d 52afe8b5e280d57474400daa622427f186d28fdb 54653e67bf7f952e3b4b2beae1d77c4e85012231efa6eecc4fcda2977b605e7b Loading...

	salads.com.br/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.11.2	45 kB	2023-03-14	2023-12-11
Pretty URL salads.com.br/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.11.2 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:20:28 Last Seen2023-12-11 04:52:34 Times Seen138 Hash cc5af06ce87aead57bd35d730bcc48d0 cf6e4989ff90d64c2207a13a4b66c964909174bb f6dbcc3a3a55020b094968b2efb2302a5426262e7a6ed0bfd0f64c532c8f8430 Loading...

	salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25	4.8 kB	2023-03-26	2023-03-26
Pretty URL salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:29:09 Last Seen2023-03-26 09:29:09 Times Seen1 Hash 43cbb43423d7fba52c15448344e8e936 7fb193cebd4631ab761fc5253cd0a709f7b26095 74897b23ab2bac52549cb921e3be9fba7bc89d1c6e888caaa9fe23fd890fb39b Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NJ6NH6Q	99 kB	2023-03-26	2023-03-26
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NJ6NH6Q IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:29:09 Last Seen2023-03-26 09:29:09 Times Seen1 Hash 08b0f495549f33722f00712edb9efaf4 9257124648fe9ec5d84c379c2b2367d1f0cebb3f a3c742153677b16be17a705a94ce16eb59b4d99c95f96266d3debbd0dc383ed0 Loading...

	salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25	3.2 kB	2023-03-26	2023-03-26
Pretty URL salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:29:09 Last Seen2023-03-26 09:29:09 Times Seen1 Hash 7470c54a68f5ed3479354dbac61adb81 25e691414e34a23f4bf22a1d41bd58926cbbf375 9ed8ccf26057478a708030e1183bace726cb2b87ac8ffb3e3140bfdcc6f80007 Loading...

	salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25	298 B	2023-03-08	2023-03-26
Pretty URL salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:00:02 Last Seen2023-03-26 09:29:09 Times Seen2 Hash 300791028a7c8ad529ccb7e664ea237c 17f275ff02e5f78fa424087f6ce7aa92b7639158 3d1f2e025562b02b66708b22ad0a9ead9597bc05186fe50b04433648fd993560 Loading...

	salads.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.11.1	22 kB	2023-03-14	2024-02-07
Pretty URL salads.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.11.1 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 01:17:24 Last Seen2024-02-07 11:02:48 Times Seen271 Hash af617d20d35c0b45a67408fe958d0ad0 7fb1825757f3c98091d59cf6fcbcc314ebdf5724 49c8a7c10278c65517da8ce7b7f1776f72550c01169b00d2e99f95866d423d20 Loading...

	bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456	8.1 kB	2023-03-26	2023-03-26
Pretty URL bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456 IP 134.209.192.77 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:29:09 Last Seen2023-03-26 09:29:09 Times Seen1 Hash 5220aad23706201f1e2c285bdc94ddf1 c7825fdb9bb88c4015dad8e397f79de83db93bd2 a5eaf1e27eb3349db07ad9bb3060aa6e6954031f6f0078554d6ae2b6570b8302 Loading...

	salads.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.11.1	5.4 kB	2023-03-14	2024-02-07
Pretty URL salads.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.11.1 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 01:17:23 Last Seen2024-02-07 11:02:48 Times Seen246 Hash 440a51b98438113293a424a2471bd48a 98539c94a649e2c106dc2a8b7977acd5480e62fc 1c3a0b671a4a38fe670738a7971a346113774baa56c8c1514278576359a38273 Loading...

	salads.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.11.2	36 kB	2023-03-14	2024-04-10
Pretty URL salads.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.11.2 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:20:29 Last Seen2024-04-10 02:53:27 Times Seen519 Hash 80a94dc5c254dcb6cc4e5c28bb33f968 19b1fc11e44ed8b4c19752a33e6de2da1bd84a2e a3d2467dafcf3ec25a9388f64b1db604286540134984e0b3dd81cba78fce1108 Loading...

	salads.com.br/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae	10 kB	2023-03-08	2024-04-17
Pretty URL salads.com.br/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-04-17 19:29:16 Times Seen25589 Hash 8cd696505481e74ffee89b4995f37379 ee9aad199ef2bc60a3460f4c52f37d22907b2ec9 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874 Loading...

	cdn.statisticline.com/scripts/swaynew.js	4.1 kB	2023-03-26	2023-03-29
Pretty URL cdn.statisticline.com/scripts/swaynew.js IP 45.9.148.165 ASN #49447 Nice IT Services Group Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 04:25:57 Last Seen2023-03-29 21:00:37 Times Seen45 Hash 1d1a1f2d57028a540c2ed63023c28106 531fbdb35d1c87d8877aff561888f25d101ece3a d265c9b96a93946c58dfe624725a175c505e039df49d76cfe5c78e313ef0b56c Loading...

	come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=85168456	244 B	2023-03-26	2023-03-29
Pretty URL come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=85168456 IP 162.55.76.206 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:29:09 Last Seen2023-03-29 23:36:46 Times Seen2 Hash c8525b2bdd301d0262c77648e02df6a5 d37f234e44a8c359456b61387e1736c8aa2c2294 b49e7b7709934eaa69c5a8fa64f8d44cfd51e63e567ee8f4d8de129b79bcd105 Loading...

	0.bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456	8.1 kB	2023-03-26	2023-03-26
Pretty URL 0.bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456 IP 134.209.192.77 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:29:09 Last Seen2023-03-26 09:29:09 Times Seen1 Hash 41d6473e19163fb6f7821faed27c9562 e44b215da959d80d381fc3dc42e9b16a4cd24b8c 44db0f009cf02d58cadec86e2a99d18265a7e17eb239841d1d58c80e11af0dcb Loading...

	stock.statisticline.com/scripts/trick.js	1.8 kB	2023-03-26	2023-07-22
Pretty URL stock.statisticline.com/scripts/trick.js IP 162.55.76.206 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 04:21:43 Last Seen2023-07-22 17:31:51 Times Seen84 Hash 1867613952ccc84050898a2b90673c34 b5540bd5125006be5a4660240b79e10e755bfbb8 457151a58df3b35b928c930be326d6fe3678e482555c2524e0775a04f4dec63f Loading...

	salads.com.br/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=3.0.61661294991	63 kB	2023-03-09	2024-01-24
Pretty URL salads.com.br/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=3.0.61661294991 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:50:48 Last Seen2024-01-24 11:53:58 Times Seen119 Hash 4d0d2c4e5cafdeba2d4448c480e1c4bd b36a19178bd918608c9d05d9c6b31a3ec9aa4560 04380d3d18e1f8e91d870464a73d5e2829664189cfee4c6de58672500c0fcf84 Loading...

	salads.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	21 kB	2023-03-08	2024-04-17
Pretty URL salads.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-17 19:29:14 Times Seen9794 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	www.googletagmanager.com/gtag/js?id=UA-164221465-1	118 kB	2023-03-26	2023-03-26
Pretty URL www.googletagmanager.com/gtag/js?id=UA-164221465-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:29:09 Last Seen2023-03-26 09:29:09 Times Seen1 Hash f25cf71c79ee34c226f461df83e02445 b469bd3bc5f8ac7f10accec4f46e076d18039e15 da9ce41153f0d154a3ae3abc5486d53bed432cca16d0b6525e08eef222953402 Loading...

	salads.com.br/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.11.1	155 kB	2023-03-14	2024-01-26
Pretty URL salads.com.br/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.11.1 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 01:37:56 Last Seen2024-01-26 00:10:05 Times Seen91 Hash acb7a69c1e8a31277d47706fee0332bd 81e1b7acd5ad1339ad988db2ad91fac00de468e3 70a447960e21a46fead7856227f74516080522d1c42b25dda4d2e2dbf4bf43ca Loading...

	salads.com.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6	139 kB	2023-03-07	2024-04-18
Pretty URL salads.com.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-18 05:49:36 Times Seen23106 Hash 15bb2b8491fc7e84137d65f610e1685a cd76b70a5426893e9c022b9a75c50a7c1348e2d0 b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804 Loading...

	salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/premium-nav-menu.min.js?ver=4.9.49	9.8 kB	2023-03-26	2023-11-02
Pretty URL salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/premium-nav-menu.min.js?ver=4.9.49 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:29:09 Last Seen2023-11-02 03:56:00 Times Seen2 Hash c8fd0d29277a5ae97929d092360a06b3 0f2f92cc2b10a69e15ca1eeb593297bf7d5328c0 f7ecb6efa0ef383b1737463a11daec5a43fb0ab0b01c990d097693bc9e223c19 Loading...

	salads.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	20 kB	2023-03-26	2023-03-26
Pretty URL salads.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:29:09 Last Seen2023-03-26 09:29:09 Times Seen1 Hash b5fc0cd543dfa2d8dc6b1244e22f59e2 924987e9c293941cf58238c5dd95b1c98acc825d b49c9d16c519321765ea2e6bf7235c653f899c509c03fec114a33be7b356b472 Loading...

	salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25	440 B	2023-03-08	2023-03-26
Pretty URL salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:00:02 Last Seen2023-03-26 09:29:09 Times Seen2 Hash cd90c1eea5e18b8b40fba9c906ea94fc 96cd6f8ac31bfbe534976ce69366c6404d356558 e45e0d1f59e51963fe2363ba7ef51eeb7048f4ca50818f91c12fe9347e022b4c Loading...

	stats.statisticline.com/9BVf71?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=7e0a7028-da53-2ffd-87fc-f42bdf819637	3.5 kB	2023-03-26	2023-04-19
Pretty URL stats.statisticline.com/9BVf71?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=7e0a7028-da53-2ffd-87fc-f42bdf819637 IP 162.55.76.206 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:10:57 Last Seen2023-04-19 16:39:14 Times Seen37 Hash 3235ff343bbd3ae7cf96e22389dd0abd 13374fa026e7333c46211e39d690b683292eb2cd 804916a811fb1c9663917b0c1967e70b3ce13a5a032b83b2d22bf6a4d7d843c1 Loading...

	salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/lottie.min.js?ver=4.9.49	286 kB	2023-03-08	2024-01-09
Pretty URL salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/lottie.min.js?ver=4.9.49 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:38:47 Last Seen2024-01-09 22:59:47 Times Seen160 Hash fe95d06e0db22c36f5d2bb0ae5a4b417 e37ff88a0df7196aa054f6427d2096c23583bad2 ed77b766860783a4d9a1a19b0ec83a1d9a2a39741d9af3ff77b167403192d12e Loading...

	salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25	7.8 kB	2023-03-26	2023-03-26
Pretty URL salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:29:09 Last Seen2023-03-26 09:29:09 Times Seen1 Hash 06100fb375a3e9260a1b9b1f5753a115 9c91a1d436520a238e118f5b7e22221fe1d69d46 8073f3f461d8e53c5e7a59caeea7d92693a92d5a844ca1987d4fcf80c0d155ce Loading...

	salads.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	12 kB	2023-03-07	2024-04-18
Pretty URL salads.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-18 06:03:28 Times Seen52405 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	salads.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	91 kB	2023-03-26	2023-03-26
Pretty URL salads.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:29:09 Last Seen2023-03-26 09:29:09 Times Seen1 Hash 416f0ef695c29c43b8ac59c40d8aefd1 ea1af5b019f93456cb37645126a1b844ab8503af 35b1c978dc13655480af2feac1e62d74d25a44e4e5d48daa5e6f013ed10a6068 Loading...

	salads.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-17
Pretty URL salads.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-17 19:29:14 Times Seen15468 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	stats.statisticline.com/Y1hjNr?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105	2.0 kB	2023-03-26	2023-04-25
Pretty URL stats.statisticline.com/Y1hjNr?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105 IP 162.55.76.206 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 03:00:16 Last Seen2023-04-25 14:26:20 Times Seen114 Hash 27a5013f6539ad25cdb35c57fb7c023b 98efaa4da4687686287bc48d1b28435f71bd0155 eee5d4b33b49d21af643b7c5827d5d9aa8dd4bc75d7b72ec761c9927bec2993e Loading...

	salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25	1.1 kB	2023-03-26	2023-10-19
Pretty URL salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 04:21:43 Last Seen2023-10-19 04:46:03 Times Seen36 Hash 1106a768b28982ff34682e2deef10393 5625e739f44e74e9284bb708dc48503bd6957f6a c4a34dd08ca4712eba47726c132742f9c81f79709a55fd8dcbd1eec052822e1d Loading...

	salads.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-18
Pretty URL salads.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-18 06:37:26 Times Seen68467 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	salads.com.br/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0	11 kB	2023-03-13	2024-04-16
Pretty URL salads.com.br/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 IP 162.241.2.87 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 22:22:33 Last Seen2024-04-16 09:21:59 Times Seen13729 Hash 21f3b77d2002ceb93aa7d53df93d8819 b18ad011433e3493ee37239d77fdc526366d9cb5 e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba Loading...

	www.googletagmanager.com/gtag/js?id=G-337VFVTX2L&l=dataLayer&cx=c	239 kB	2023-03-26	2023-03-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-337VFVTX2L&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:29:09 Last Seen2023-03-26 09:29:09 Times Seen1 Hash 30d1f14cef1e35735ddb14840416dde8 614fca7a9f3cb7b227a92763b2f42e049c0428de 3640c13f9d1e2ee6e42f15ecaf4b044f7240dc29dfb74318be993dd12cef4997 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2f2f756677f06931812e3c97e93703f7	7.9 kB	2023-03-26	2023-03-26
Pretty Observations First Seen2023-03-26 09:29:09 Last Seen2023-03-26 09:29:09 Times Seen1 Hash 2f2f756677f06931812e3c97e93703f7 ec86f0ae9dc4dc1b31e6de82b3648097d989c713 68bf2a71b6e0db2c0ecd0380d3a36a4f9c2036d17ba07730ee4bb1dacfd8d7d0 Loading...

	#2 Eval - 798858312f93a0fe26d7626f73805aff	273 B	2023-03-26	2024-01-11
Pretty Observations First Seen2023-03-26 04:21:44 Last Seen2024-01-11 12:40:13 Times Seen80 Hash 798858312f93a0fe26d7626f73805aff ed0953e86dc0ea8135e892dffd325d50482ddde4 efd44db69cd808b1b3792b57169f870bb0dd2984e1cc28ffd94e59e2eb085095 Loading...

	#3 Eval - 8814dc7819a819ebebf4f4c80da33be2	284 B	2023-03-14	2024-04-15
Pretty Observations First Seen2023-03-14 13:13:42 Last Seen2024-04-15 11:28:34 Times Seen140 Hash 8814dc7819a819ebebf4f4c80da33be2 8add35cced5692468bc973e8fcc5fca9f74d00db 0f42db90592cbd66a7dee13e3fb7c22ee894e30abd26e09c9e5280b3fcb98fa0 Loading...

	#4 Eval - 61c170d3d3a0e2cbf26a3c23155fd6b9	7.8 kB	2023-03-26	2023-03-26
Pretty Observations First Seen2023-03-26 09:29:09 Last Seen2023-03-26 09:29:09 Times Seen1 Hash 61c170d3d3a0e2cbf26a3c23155fd6b9 3b8bc4fca32b728d3d4e532dce50461fab68d846 8e31532aea9fe2510436a67a55d298c49994e4bac7023ad20d4f80e74a4d980b Loading...

HTTP Transactions (109)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
443a700f85619f4fd8a548421c5c23e2
a58764a07feafb2bb4b340c020b5104c55b35195
0bc80613f3d493ea081bf5672ab76f6f33a1dcc0710fe1431de83c46d7e8d31d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BC80613F3D493EA081BF5672AB76F6F33A1DCC0710FE1431DE83C46D7E8D31D"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10700
Expires: Sat, 18 Mar 2023 11:14:04 GMT
Date: Sat, 18 Mar 2023 08:15:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2857be6f18459c7a4a7f00f6cd6076f1
570609086d72a9be57cde7bfefd25663c1035fba
bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8458
Expires: Sat, 18 Mar 2023 10:36:42 GMT
Date: Sat, 18 Mar 2023 08:15:44 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 18 Mar 2023 07:26:54 GMT
content-type: application/json
age: 2930
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eddc2a353d39e5ce5c30d7e90b3ed6a5
305e86e4b966344c135c50af9a6509ffd3a83e9e
bd775c38c2e11f1baedde5d92ab17ceaf4c2067f8ea996595a66801758a71813

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD775C38C2E11F1BAEDDE5D92AB17CEAF4C2067F8EA996595A66801758A71813"
Last-Modified: Fri, 17 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11953
Expires: Sat, 18 Mar 2023 11:34:57 GMT
Date: Sat, 18 Mar 2023 08:15:44 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: HNuBzCjKHoPbfxfwuPzEk7bDAVbqNjWyML6nAJBCv5UzGfbpF6q8nF/GvtxL0404rru74yytt1c=
x-amz-request-id: HBJHCDTGCXYGNKFX
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 18 Mar 2023 07:51:51 GMT
age: 1433
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:45 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 18 Mar 2023 08:14:32 GMT
age: 73
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
70f795f7a73fb087a4b08eebe6e2a970
faaa9283e766256900f3c3e00dee00973e7da2a6
4f7e4813f82f60ebf9c536d9342726307686931df7309a4c367f3b658602efde

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F7E4813F82F60EBF9C536D9342726307686931DF7309A4C367F3B658602EFDE"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3780
Expires: Sat, 18 Mar 2023 09:18:45 GMT
Date: Sat, 18 Mar 2023 08:15:45 GMT
Connection: keep-alive

push.services.mozilla.com/

52.89.222.161

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.222.161:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mR7C9H1w7xBaILmLJ1cNQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aojv/z2Gq+Cm7FdrmIRQlUwIwkM=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0e555e6156d3508c82205a700732f82
4034e26ac427a452619c27daf5d4908b70de0667
96593165f18a3d10fa8ba4bc4aa0d4297f22b7eb6b9b0ddbb2b2ce9e699b515e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96593165F18A3D10FA8BA4BC4AA0D4297F22B7EB6B9B0DDBB2B2CE9E699B515E"
Last-Modified: Sat, 18 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 18 Mar 2023 14:15:46 GMT
Date: Sat, 18 Mar 2023 08:15:46 GMT
Connection: keep-alive

salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25

162.241.2.87

200 OK

17 kB

URL HTTP/2
salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Size
17 kB (17332 bytes)
Hash
ae32e3800a22b13ade219a29204ea317
29d32cc050022d18d6ef7c4efaa71f56654a3050
dc3803e84688573ff83f894e0421d984f43fa76c6d59ccf4d3b2e7831870ec1c

HTTP Headers

GET /boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://salads.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-length: 17332
content-type: text/html; charset=UTF-8
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
886a55065537b0624371a82292fe26c2
5ff87d6a26d94e0ed10f0cb55d0ac0237efb135a
a0811f584403bcdb37925007e7d9df722591566885dcedf330fb13fed891905f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
886a55065537b0624371a82292fe26c2
5ff87d6a26d94e0ed10f0cb55d0ac0237efb135a
a0811f584403bcdb37925007e7d9df722591566885dcedf330fb13fed891905f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5a2f6d953f946b542f1145cdcae9946e
00184b28856db5a12858eab98f97dc01c1471449
7f32b4afd160b8ecff360fc0e83e582cf49918a379c6c73f2a837c48439aab00

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

salads.com.br/wp-includes/css/classic-themes.min.css?ver=1

162.241.2.87

200 OK

189 B

URL HTTP/2
salads.com.br/wp-includes/css/classic-themes.min.css?ver=1
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 14:50:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1

162.241.2.87

200 OK

2.3 kB

URL HTTP/2
salads.com.br/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (6051), with no line terminators
Size
2.3 kB (2332 bytes)
Hash
c0a774e614f840a7f380a9aa68f16ac3
d42d9e9c586feba86b3accaf869ca2a365469b54
294b8486de91d8403977d27d636c158fe64ed0c93ce11902ed2f2b10f31d113f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/hello-elementor/style.min.css?ver=2.6.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:55:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2332
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/chaty/css/chaty-front.min.css?ver=3.0.61661294991

162.241.2.87

200 OK

7.2 kB

URL HTTP/2
salads.com.br/wp-content/plugins/chaty/css/chaty-front.min.css?ver=3.0.61661294991
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (23729)
Size
7.2 kB (7177 bytes)
Hash
d41663c572a2b2cf0192868fcd973552
aaddbface6ea034a642e63693bf9202ba2498019
ef9233349b48433d563c460465c8eb1c8d27d2646e5ccb9e583fc9ad4b12bbe7

HTTP Headers

GET /wp-content/plugins/chaty/css/chaty-front.min.css?ver=3.0.61661294991 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7177
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-164221465-1

142.250.74.168

200 OK

46 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-164221465-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2206)
Size
46 kB (45759 bytes)
Hash
3e1cff8d0766404930765c9cc781520b
eded56084295fe7785b92db9c41e9f348a46057c
afdfde6626559054fa6e7e2b38f34d98f698f2305aaed3232597863ab6f9436c

HTTP Headers

GET /gtag/js?id=UA-164221465-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 08:15:47 GMT
expires: Sat, 18 Mar 2023 08:15:47 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45759
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
886a55065537b0624371a82292fe26c2
5ff87d6a26d94e0ed10f0cb55d0ac0237efb135a
a0811f584403bcdb37925007e7d9df722591566885dcedf330fb13fed891905f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5a2f6d953f946b542f1145cdcae9946e
00184b28856db5a12858eab98f97dc01c1471449
7f32b4afd160b8ecff360fc0e83e582cf49918a379c6c73f2a837c48439aab00

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10724
Expires: Sat, 18 Mar 2023 11:14:31 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10724
Expires: Sat, 18 Mar 2023 11:14:31 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10724
Expires: Sat, 18 Mar 2023 11:14:31 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10724
Expires: Sat, 18 Mar 2023 11:14:31 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10724
Expires: Sat, 18 Mar 2023 11:14:31 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57fc85ce-5719-45a9-920f-10279283429c.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57fc85ce-5719-45a9-920f-10279283429c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12359 bytes)
Hash
83142ea4b613dced13c6b95dc4113823
feb241d4bc3b1addcad3e95e635d8d178764f877
a6009dabe0546699d1ea37becdfbfe9830bc30cedcafd7882a0578b3c6562221

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57fc85ce-5719-45a9-920f-10279283429c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12359
x-amzn-requestid: 7ddacc86-c7e0-436c-8b0f-53f649fbebc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8fJvFx-oAMF5Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414df0a-05ce281451f3c4d6637ebe44;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:43:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Rd6jLe3EihVM-OzDNZhJbtF2rPXtGjI3KxBS5_R0wopjBuSKDMUSVA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:05:21 GMT
age: 36626
etag: "feb241d4bc3b1addcad3e95e635d8d178764f877"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8487 bytes)
Hash
be71491cee9b47dc3ffb23b4fdff25b3
79c7d22c8df6d305f46c5779ccb9f25169d4d111
e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8487
x-amzn-requestid: f904b483-c6ae-4318-9932-4e48d8188585
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvTpAEUAIAMFUig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f996c-5905cad6148df52e4f10ecf5;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:45:16 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: iFDVPB-wzZyIG9xYU-f3rnebwRbaWDo90aD520OcgsptZR0vmkc2ew==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 23:05:01 GMT
age: 33046
etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feedd77c7-8b8f-4bac-96f9-56463f5c0e54.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5531 bytes)
Hash
23a8641328e19a1089aba9c25b56f5f9
6e6bae868b11788860aa23c5c35ee86d4e7edd80
7e16b14c774413387d81c06e068738a0f97882cd32ebdbf61ad711fa8aa8a5d6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feedd77c7-8b8f-4bac-96f9-56463f5c0e54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5531
x-amzn-requestid: dcb5f835-dae0-4fd2-846d-33e52501b016
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eS7HtSoAMF8eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414ddac-2e1022da61b5532756dcbeff;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: z4j-PSYSG-H58566292KAzF1Y08DrgcxvunTtWBD8dErl3n_oRweyA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:33:34 GMT
etag: "6e6bae868b11788860aa23c5c35ee86d4e7edd80"
content-type: image/jpeg
age: 34933
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12424 bytes)
Hash
e1533684819dcbf9e77684c19eb86465
489f8f036efd23ce36085af127af7d6c794fe00b
9154a471013bd0972fad93ea4eeaf4b23f66dd1534e0d9cc302263aca0f94bd1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12424
x-amzn-requestid: 64a89fbe-4ac0-4059-a481-37c30ae36928
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eOuEG2oAMF1Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dd91-0492160f3e8196a23fc53eda;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: tx--67yg-v6sA1zslsl2iUXzLbdnWhU-cMqTDpxldZg-qog8-urKcA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:33:23 GMT
etag: "489f8f036efd23ce36085af127af7d6c794fe00b"
content-type: image/jpeg
age: 34944
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafa54252-0e93-4692-8511-7bd28ee2e39a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12039 bytes)
Hash
2a8c5414f5b5a439898b0706321a070f
fa8d35fb7ea0ed35cbbf15875d2601c6249781a6
05d28868a7d19901f9002dd2ee122a916d81fee64389fad8e47eb1563cb68d7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafa54252-0e93-4692-8511-7bd28ee2e39a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12039
x-amzn-requestid: 252b3768-67d8-4c73-9962-a8d976f246ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B3LLvFXDIAMFTvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6412bf17-7ff6cd8207fb88cf558ac6d1;Sampled=0
x-amzn-remapped-date: Thu, 16 Mar 2023 07:02:47 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: OFMgrd6angygF_tsNYg_R0YajERjND38odHWlg400JSRoC7jY74ToA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 07:36:31 GMT
age: 2356
etag: "fa8d35fb7ea0ed35cbbf15875d2601c6249781a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f28ddee-c5ae-4106-9ce2-9c8042cd4b69.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11204 bytes)
Hash
05370e6d7505b4529eea9e993f98e1fe
83339f33716c03c3ea995a323bb040b50f5b7edc
563d0b70a19778405fd332ca5172840a6103cd363771108e172b1b1815303abf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f28ddee-c5ae-4106-9ce2-9c8042cd4b69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11204
x-amzn-requestid: d84b9e32-9fea-45ce-87ef-508caff41b62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eTFG8GIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414ddad-29cab07f73030a1145e941b6;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: zVpaEcPZ1C7mdKusWhw8JSrURp_0FYRpK-6tP-ckngxWEdUzORYGnA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:58:45 GMT
age: 33422
etag: "83339f33716c03c3ea995a323bb040b50f5b7edc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.11.2

162.241.2.87

200 OK

1.1 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.11.2
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (9895)
Size
1.1 kB (1060 bytes)
Hash
0994592a11dcbdc6f9333f1de2243305
ec80c4a03dbce107bd98ece9730d88b3e11764c7
6c219398a8c6654f3509c8336382a83e5a4f32b7b5a9ff015c8e9c3c3a53e42f

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1060
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/uploads/elementor/css/post-3055.css?ver=1677092318

162.241.2.87

200 OK

506 B

URL HTTP/2
salads.com.br/wp-content/uploads/elementor/css/post-3055.css?ver=1677092318
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1372)
Size
506 B (506 bytes)
Hash
f0d03686de940f74907c727f51b67654
011a40f8273f98b71870d5c059d6d7fdeeae30c6
9d7a73e24210b68751a4617d3b3c1e10aba797b813aa152ee96dc4f89ffb35da

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/elementor/css/post-3055.css?ver=1677092318 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:58:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 506
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1

162.241.2.87

200 OK

3.7 kB

URL HTTP/2
salads.com.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (15672), with no line terminators
Size
3.7 kB (3725 bytes)
Hash
607799bfa5d48117a95cd9dda8a17c2b
9a969f06c70600b753b160db19a5d37c9d249d10
78f67e192604e0dca624c2dcc8ea7cd6c54e14fe15918e7c9586ec1a22775876

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:55:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3725
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6

162.241.2.87

200 OK

3.2 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (12876), with no line terminators
Size
3.2 kB (3188 bytes)
Hash
7f84b307359700f39a7e8761039e24b1
f6e8d79e45aab7cb9844ad92d083c9b5710067dc
67cd705e3a4677968b1d6b97fb7d7f16bd230e2097528525f88f50b0c0a17cfc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3188
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.18.0

162.241.2.87

200 OK

4.0 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.18.0
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (19317)
Size
4.0 kB (4028 bytes)
Hash
dc55c6677eb7ba577cc33a793a445d4b
50bdd113723d0561abe65441a12ad3f11b4cc0f6
a52f65099984f89c987e4161fb161d1ac91a14a485740ad6d3b9dea45ba91e8c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.18.0 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4028
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.5.4

162.241.2.87

200 OK

912 B

URL HTTP/2
salads.com.br/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.5.4
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (3508)
Size
912 B (912 bytes)
Hash
33cb5f5d5c5db5c38df9f8b4dba7d536
07c85c1da31f2768248e312159fb62037771b598
df133eeecdfef5a9aec214c8ea9533d443986f04045501236186606c81b6a8c4

HTTP Headers

GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.5.4 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 912
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/uploads/elementor/css/post-4400.css?ver=1677092566

162.241.2.87

200 OK

1.1 kB

URL HTTP/2
salads.com.br/wp-content/uploads/elementor/css/post-4400.css?ver=1677092566
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (5440)
Size
1.1 kB (1103 bytes)
Hash
d1cdff4676241bdaaf9d4069da8be613
ea8e638876fe25b7f026b51a0e1b955dfac0e311
d45d47e9d8a57f189b3d09b0abf2161f8bc02dc4da235773e5b3a010df2b994b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/elementor/css/post-4400.css?ver=1677092566 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 19:02:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1103
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/uploads/elementor/css/post-4078.css?ver=1677092319

162.241.2.87

200 OK

461 B

URL HTTP/2
salads.com.br/wp-content/uploads/elementor/css/post-4078.css?ver=1677092319
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (2123), with no line terminators
Size
461 B (461 bytes)
Hash
83a2b4c36b2ffc83fe448a217ffd09d9
98d52ecb227582351ecea47c22a9fc63c0828270
40bf8a59bdaf8802e9a723b56ade52735b8c0d824abbae882f4a4b500678d8d7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/elementor/css/post-4078.css?ver=1677092319 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:58:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 461
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfbfd6246978338200354211fc6cdcc5
2c5002da3735e9ca58c6ca17a50cfdac24538993
83e1a3db82651b71ab3179299bdcc0d3732282a5b2e3fd7004d6d2f1c803eee8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83E1A3DB82651B71AB3179299BDCC0D3732282A5B2E3FD7004D6D2F1C803EEE8"
Last-Modified: Thu, 16 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5765
Expires: Sat, 18 Mar 2023 09:51:52 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive

stock.statisticline.com/scripts/trick.js

162.55.76.206

200 OK

1.8 kB

URL HTTP/1.1
stock.statisticline.com/scripts/trick.js
IP
162.55.76.206:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (1799), with no line terminators
Size
1.8 kB (1799 bytes)
Hash
1867613952ccc84050898a2b90673c34
b5540bd5125006be5a4660240b79e10e755bfbb8
457151a58df3b35b928c930be326d6fe3678e482555c2524e0775a04f4dec63f

HTTP Headers

GET /scripts/trick.js HTTP/1.1
Host: stock.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 18 Mar 2023 08:15:47 GMT
Content-Type: application/javascript
Content-Length: 1799
Last-Modified: Sun, 12 Mar 2023 09:19:37 GMT
Connection: keep-alive
ETag: "640d9929-707"
Expires: Tue, 28 Mar 2023 08:15:47 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

salads.com.br/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.5.4

162.241.2.87

200 OK

3.3 kB

URL HTTP/2
salads.com.br/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.5.4
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (8770), with no line terminators
Size
3.3 kB (3277 bytes)
Hash
f58d8fcbe499f3c7fc1cbf83429c27ec
b7e6a63d91310421f58b03b5bf20bb56fccb9bfe
68547bdbbc6757919934f42203b2fb7262c0a8613f052a3ab2e3a008a1b2c313

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.5.4 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3277
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.9.49

162.241.2.87

200 OK

13 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.9.49
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (59158)
Size
13 kB (12862 bytes)
Hash
e6b67e11736ae36a062b381717f2ea9f
a663a79bc8d42aa58bfea1351cc27e0d0b09c9b2
a07a94d36246d0b3e5b9b18e274e31995d0e23cda955babf5e350e91a879523d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.9.49 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12862
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

162.241.2.87

200 OK

3.7 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (12198), with no line terminators
Size
3.7 kB (3747 bytes)
Hash
e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3747
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/uploads/elementor/css/global.css?ver=1677092319

162.241.2.87

200 OK

10 kB

URL HTTP/2
salads.com.br/wp-content/uploads/elementor/css/global.css?ver=1677092319
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (28292), with CRLF, LF line terminators
Size
10 kB (10022 bytes)
Hash
c07062b3725aa17496a519a46480aae3
d967cd2fa7e2ac9bd33301a4e80269f7ab047794
cb4aa588c6b21180b493357d8731e0a88106a7d7e1a19b50463d88b259a1c136

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/elementor/css/global.css?ver=1677092319 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:58:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10022
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.11.1

162.241.2.87

200 OK

2.5 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.11.1
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (5370)
Size
2.5 kB (2549 bytes)
Hash
7726700137c4eaf5be6da1f51da676bb
ca5f49742fb16d4faf085b6a12e7c07928b87adb
6617716a4dba032a9ac43f98823b2fabfbf62e2f619d5b592cc465e689efae2a

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.11.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:54:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2549
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.11.1

162.241.2.87

200 OK

1.7 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.11.1
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (3720)
Size
1.7 kB (1689 bytes)
Hash
ad21b1bf229878a0b4ca799b70d05bf7
dd5e9bdc9bb91397ab5593525fd82d3d961ff54b
82a562fe89172f5aa4f56886e45f826846ccf8e1626aa3dc3be749e26cec44ff

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.11.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:54:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1689
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.11.2

162.241.2.87

200 OK

2.3 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.11.2
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (4918)
Size
2.3 kB (2316 bytes)
Hash
ae310fd68fb2e1fe77f6c29ed86b24ff
29ca9594caa99893341c4ad1e728bc53ae288480
60c59a1e2702f7975f8a777a2f0b0a0f8d480641668c033e45fbb986c8cd5338

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2316
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.11.2

162.241.2.87

200 OK

3.0 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.11.2
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (10019)
Size
3.0 kB (2997 bytes)
Hash
c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2997
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3

162.241.2.87

200 OK

309 B

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (483)
Size
309 B (309 bytes)
Hash
0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 309
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

162.241.2.87

200 OK

4.6 kB

URL HTTP/2
salads.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (11126)
Size
4.6 kB (4618 bytes)
Hash
acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/headroom.min.js?ver=4.9.49

162.241.2.87

200 OK

1.6 kB

URL HTTP/2
salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/headroom.min.js?ver=4.9.49
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (4289), with no line terminators
Size
1.6 kB (1565 bytes)
Hash
a906932a4810ce47aef805049b008746
abef23fcf127db458eb20339523e64249966c3ac
14e615fe12aa26f28a95a7f5f629c74e0013f0e307328ba1df0b09aadb6a63ca

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/headroom.min.js?ver=4.9.49 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1565
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0

162.241.2.87

200 OK

4.3 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (10610)
Size
4.3 kB (4258 bytes)
Hash
d03f6952741c293b3ee5301c4797b541
0dd37dd3fe307793a89d68c2a2dbca74570ecf69
7b15c8966c0727c602a872ea5e3d72c074030a768ca38b14bb52f272b445f4b8

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4258
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/premium-nav-menu.min.js?ver=4.9.49

162.241.2.87

200 OK

3.1 kB

URL HTTP/2
salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/premium-nav-menu.min.js?ver=4.9.49
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (9763), with no line terminators
Size
3.1 kB (3130 bytes)
Hash
28a35d73e0bc382653340622a315ca7d
f7b86c4fea4b4b5e97f7a5737e25dabe3c4e06a4
1a65b9d21a768e066051fe53d2a002282115b0a8a6194b09e29c298fe0451747

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/premium-nav-menu.min.js?ver=4.9.49 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3130
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae

162.241.2.87

200 OK

4.2 kB

URL HTTP/2
salads.com.br/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
4.2 kB (4233 bytes)
Hash
3b62593186f7f91a9470ab6968ec5feb
bd7728c79c04f4f2f7a787097b0868e06ceba5ad
2a9920dc63cbd8228103c7d6bf2a044f06963041253c385c3cebb147297aa782

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 14:50:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4233
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

162.241.2.87

200 OK

7.6 kB

URL HTTP/2
salads.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size
7.6 kB (7621 bytes)
Hash
66c68f2158dcf7d97a02f3719a17aab0
fdb04fb4c632b9fb4275006a4e402cd0d4fa393a
e4b360f0e6ae1afc06f05f958e8696e5ae45257912bc2ab0b9334bd1382a51aa

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 14:50:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7621
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.11.2

162.241.2.87

200 OK

15 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.11.2
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (36419)
Size
15 kB (14671 bytes)
Hash
a7f964ed45cc354d85230f86a84958a5
f8df65c13173e68567ed33f2641196cbcc07ab91
4138d86046a480b13699e8a910d5bf4220917a085f9d56834e0629cad9c69855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14671
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.11.2

162.241.2.87

200 OK

1.2 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.11.2
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (2620), with no line terminators
Size
1.2 kB (1187 bytes)
Hash
55936584085d0d310919b755eda1ab3f
be317c3b2ed5143669375295b3107e591bf708da
aad2265c39cafa6e01b791b1ef5025a2d237ee91346ef446beb722fdcd578d58

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1187
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

162.241.2.87

200 OK

2.7 kB

URL HTTP/2
salads.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.7 kB (2675 bytes)
Hash
45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2675
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.11.2

162.241.2.87

200 OK

17 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.11.2
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (41866)
Size
17 kB (16779 bytes)
Hash
9add15ac8c8124ae462d0a8d3efa7351
b6f84422ee15cccf846d31cadfa87ebc714c4cb1
6ba927e4274ed8a69605d913cd546b9f1c309a750c6d0f0f15890a2170f8fca6

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16779
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.11.2

162.241.2.87

200 OK

17 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.11.2
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (44745)
Size
17 kB (17436 bytes)
Hash
008d48a9e3d56e0291b89d94bb24c08f
88de1e0ad12b1483423c83a7c0249f05e93e892a
e343193b3821f45d8cbc8ba02817589b223696b5afa4144e9d0364db84aa80b7

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17436
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3

162.241.2.87

200 OK

13 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (57726)
Size
13 kB (12577 bytes)
Hash
dc63c0a8e2d5857cc7a00a4b5456dabb
ee29df5eb2a4bf3eb805b160551c1afd84b42599
035ef40b1dd3df1eefb2dd3c8c2096425727fb939b06f3aa0bc6ef91dafd5441

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12577
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ef94da2bb95cc26e69965dccf0bdc82c
8850fe472df281900984b966e24da6a5dfbd60de
1147065ce4cd998f27daaab17d9b0c8881a6376180fb11192c3215f5435fcd15

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1147065CE4CD998F27DAAAB17D9B0C8881A6376180FB11192C3215F5435FCD15"
Last-Modified: Thu, 16 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1610
Expires: Sat, 18 Mar 2023 08:42:37 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9775da6664a3f02018bc6b1c015d614b
ed58a97e34229acb16a4b5191eb2907301207a3c
f721f38a05f3217df81e55407a2167873274680763343ab1f0285c5926152e51

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F721F38A05F3217DF81E55407A2167873274680763343AB1F0285C5926152E51"
Last-Modified: Thu, 16 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12513
Expires: Sat, 18 Mar 2023 11:44:20 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive

salads.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

162.241.2.87

200 OK

5.7 kB

URL HTTP/2
salads.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (15660)
Size
5.7 kB (5658 bytes)
Hash
d412d11bd140a48d23927e97b676e1c8
9c10da8bf31d2afade50e10cac53564a13e63a25
723f01516713b0e2c5f2296617b16ea28a1ef325178c8e4c4c78a392ee9b33fd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 08 Mar 2023 10:41:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5658
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

162.241.2.87

200 OK

8.3 kB

URL HTTP/2
salads.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
8.3 kB (8344 bytes)
Hash
838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 14:50:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8344
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5

162.241.2.87

200 OK

1.7 kB

URL HTTP/2
salads.com.br/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (4875)
Size
1.7 kB (1712 bytes)
Hash
6a452794a68bc140a53b30519b94edf6
68046f5611ba3cf5da1c46087609aff18f59fdc1
259990a9e6191a72a51ac9d038d0c52bb56d880a2b0d460b1fca3f3fee7961ed

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1712
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.11.1

162.241.2.87

200 OK

8.0 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.11.1
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (22334)
Size
8.0 kB (7989 bytes)
Hash
700c87406cf516e5ca1acac5bf8a266f
d5a323e2d02162c35511599cfd7873289decbdae
88da72195da9c438812493815a1e829f083c88df7146f26f56c7493601d8d049

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.11.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:54:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7989
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

cdn.statisticline.com/scripts/sway.js?v=2

45.9.148.165

200 OK

2.2 kB

URL HTTP/2
cdn.statisticline.com/scripts/sway.js?v=2
IP
45.9.148.165:0
ASN
#49447 Nice IT Services Group Inc.

File type
ASCII text, with very long lines (5418), with no line terminators
Size
2.2 kB (2158 bytes)
Hash
397a43826c0077bead1fc5233ec04962
06ecfc2f4d0b90fdfc940b714bb841c65180f308
c62caee1291c7def091740652c7bd961f87c8eafe38d264bab9e1edb4310135b

HTTP Headers

GET /scripts/sway.js?v=2 HTTP/1.1
Host: cdn.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 17 Mar 2023 16:25:38 GMT
vary: Accept-Encoding
etag: W/"64149482-d57"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2

stats.statisticline.com/9BVf71?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=7e0a7028-da53-2ffd-87fc-f42bdf819637

162.55.76.206

200 OK

1.3 kB

URL HTTP/1.1
stats.statisticline.com/9BVf71?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=7e0a7028-da53-2ffd-87fc-f42bdf819637
IP
162.55.76.206:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (3468), with no line terminators
Size
1.3 kB (1306 bytes)
Hash
ea816f9431b7af2f385c21db54d298e2
aaea04f9c826f1a05b32ea42deff047f375492b8
ffe90eca44810027cbd251af1feecd1ee8323efa64bf95c10ece317f95fda3ba

HTTP Headers

GET /9BVf71?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=7e0a7028-da53-2ffd-87fc-f42bdf819637 HTTP/1.1
Host: stats.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 18 Mar 2023 08:15:47 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 1306
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpa8lbto; expires=Tue, 18 Apr 2023 08:15:47 GMT; path=/
381c9=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjNcIjoxNjc5MTI3MzQ3fSxcImNhbXBhaWduc1wiOntcIjNcIjoxNjc5MTI3MzQ3fSxcInRpbWVcIjoxNjc5MTI3MzQ3fSJ9.QO1Ur9CoZ5KCgoxfkYFwR74s4GGXcm2IdKvZqmLqF_c; expires=Tue, 02 Jun 2076 16:31:34 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

salads.com.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6

162.241.2.87

200 OK

86 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
86 kB (85844 bytes)
Hash
18eced93d2b12b850b6fe14dcbd1c2a5
414dc9550e6a6e5d65d8931ecc01965d6ba48439
405a9d6505a18d9e27ca4b316a4d9159d7bce57f0fd51f98dbeb84164bc9c041

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.11.1

162.241.2.87

200 OK

65 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.11.1
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65492)
Size
65 kB (64810 bytes)
Hash
7591d1c910d063978691aab6356e0543
255be20163bf6830b70b74a1b95d9625df02f1c2
32c5e90899a2b8746c15feb2a49e34257c22c855d6934d268e33616029be55b1

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.11.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:54:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

stats.statisticline.com/Y1hjNr?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105

162.55.76.206

200 OK

851 B

URL HTTP/1.1
stats.statisticline.com/Y1hjNr?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105
IP
162.55.76.206:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2003), with no line terminators
Size
851 B (851 bytes)
Hash
2615b36507259920be0c13ac25457013
ea1137c5b0deda5000d40c065cc413120ea8c73b
18e3958c974b7635664dd2ff8b91681eece2b157c7767b9dadc3e32bfe624cc9

HTTP Headers

GET /Y1hjNr?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105 HTTP/1.1
Host: stats.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 18 Mar 2023 08:15:47 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 851
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpa8lbtq; expires=Tue, 18 Apr 2023 08:15:47 GMT; path=/
381c9=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNjc5MTI3MzQ3fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNjc5MTI3MzQ3fSxcInRpbWVcIjoxNjc5MTI3MzQ3fSJ9.BRlNGb3XfcctpmeW-Juw_Cx4cG8WRtOLgBlpjtohzF8; expires=Tue, 02 Jun 2076 00:31:34 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

salads.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

162.241.2.87

200 OK

40 kB

URL HTTP/2
salads.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (64361)
Size
40 kB (40390 bytes)
Hash
aa06708652c672300d96082370d604df
54527ec419e26c863ec35f9eed3435a7e45566ae
9ca2c6c23a7e1e4a3dffeadcabb9ea69769f43a2420b701b5a72d822ade4a1b9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 08 Mar 2023 10:41:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/bitter/v32/raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLjOXQ.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/bitter/v32/raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLjOXQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16152, version 1.0\012- data
Size
16 kB (16152 bytes)
Hash
e5bea5b75a21e02dc12ee4188e937a2c
b9bf8734e6aa139dd4a3d082460acdb9b03a7974
4de646e72ce71ba84b290cf6d96349002fdbe8d59a6921028be653beac18e8de

HTTP Headers

GET /s/bitter/v32/raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLjOXQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://salads.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16152
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Mar 2023 02:09:52 GMT
expires: Sat, 16 Mar 2024 02:09:52 GMT
cache-control: public, max-age=31536000
age: 108355
last-modified: Wed, 07 Dec 2022 18:10:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted

salads.com.br/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.11.1

162.241.2.87

200 OK

136 kB

URL HTTP/2
salads.com.br/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.11.1
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
136 kB (136067 bytes)
Hash
e64b60638c01e0331af8dde2c2086266
d0e502580de34dc266017f7a72237341322b77c5
1ed50a234afa0948584fd6ddb3cc1739d45d961d37118feddd3c27f96255d58e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.11.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:54:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

980 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
980 B (980 bytes)
Hash
c4aa8da46c7671956ab01d12edb92076
5fdf2d22fa453b6857325d93ddd494d7aa592547
654c3d5444a62c23b0f2e21a97c80a86b861769d2242964cda0a6f3ad96eb255

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.statisticline.com/scripts/swaynew.js

45.9.148.165

200 OK

103 kB

URL HTTP/2
cdn.statisticline.com/scripts/swaynew.js
IP
45.9.148.165:0
ASN
#49447 Nice IT Services Group Inc.

File type
data
Size
103 kB (103110 bytes)
Hash
a5ea5a207a45d0e081a328062a647c4d
966af012a4b40a6127f7fdd8caa98adb87d8e9d0
9db06f711491d1ef2ceb074340732d6e0499bf65279b4747dda03336a9d120e8

HTTP Headers

GET /scripts/swaynew.js HTTP/1.1
Host: cdn.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 17 Mar 2023 16:25:37 GMT
vary: Accept-Encoding
etag: W/"64149481-101c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
197c0e8f50c85988ae10b268db7bcd24
10330371967d4629a2b2f16e9a53438c772862e9
53c4ff8beca90a8fbf4774fa87a9da2ffb1cc940de74ef789b1263d6354bb354

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "53C4FF8BECA90A8FBF4774FA87A9DA2FFB1CC940DE74EF789B1263D6354BB354"
Last-Modified: Thu, 16 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11922
Expires: Sat, 18 Mar 2023 11:34:29 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 18 Mar 2023 07:53:25 GMT
expires: Sat, 18 Mar 2023 09:53:25 GMT
cache-control: public, max-age=7200
age: 1342
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

far.statisticline.com/away/go.php?id=64785e55-66-45776433

162.55.76.206

302 Found

0 B

URL HTTP/1.1
far.statisticline.com/away/go.php?id=64785e55-66-45776433
IP
162.55.76.206:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /away/go.php?id=64785e55-66-45776433 HTTP/1.1
Host: far.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 18 Mar 2023 08:15:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=85168456
Access-Control-Allow-Origin: *

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c47aeb20b381bd3c5dc8f749c3311ee7
169db3bee0f0654406bc2ba4ce46d2be3d003503
4829a8b2ef6d36d445e7f6e433c4652d5cbf6e838a57d1608792c60560db4120

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4829A8B2EF6D36D445E7F6E433C4652D5CBF6E838A57D1608792C60560DB4120"
Last-Modified: Thu, 16 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=889
Expires: Sat, 18 Mar 2023 08:30:37 GMT
Date: Sat, 18 Mar 2023 08:15:48 GMT
Connection: keep-alive

come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=85168456

162.55.76.206

200 OK

436 B

URL HTTP/1.1
come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=85168456
IP
162.55.76.206:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
436 B (436 bytes)
Hash
6b9ce01a02686e24c3b9119b60c46c37
8d71c33eeffcbdbaf2687fb4748f81ed45526c0b
4715212ea1eb451acb08afeba0e793a3c5c593e09509da2fe39c6ed8f9cd5cde

HTTP Headers

GET /away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=85168456 HTTP/1.1
Host: come.sortyellowapples.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salads.com.br/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 18 Mar 2023 08:15:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0784a36694c5d74a6f765b9e473b91d5
1b88f53fd226708210ed8189f1aa7b0d48d61503
97790ea171ac7c56d6a4c7f70b0508dd20614b89458b3cf001d258ff382098d7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "97790EA171AC7C56D6A4C7F70B0508DD20614B89458B3CF001D258FF382098D7"
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4094
Expires: Sat, 18 Mar 2023 09:24:02 GMT
Date: Sat, 18 Mar 2023 08:15:48 GMT
Connection: keep-alive

region1.google-analytics.com/g/collect?v=2&tid=G-337VFVTX2L&gtm=45je33f0&_p=959375526&cid=302635268.1679127347&ul=en-us&sr=1280x1024&_s=1&sid=1679127347&sct=1&seg=0&dl=https%3A%2F%2Fsalads.com.br%2Fboa%2Flogin.php%3Fcmd%3Dlogin_submit%26amp%3Bid%3D6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25%26amp%3Bsession%3D6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&dr=http%3A%2F%2Fsalads.com.br%2F&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-337VFVTX2L&gtm=45je33f0&_p=959375526&cid=302635268.1679127347&ul=en-us&sr=1280x1024&_s=1&sid=1679127347&sct=1&seg=0&dl=https%3A%2F%2Fsalads.com.br%2Fboa%2Flogin.php%3Fcmd%3Dlogin_submit%26amp%3Bid%3D6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25%26amp%3Bsession%3D6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&dr=http%3A%2F%2Fsalads.com.br%2F&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-337VFVTX2L&gtm=45je33f0&_p=959375526&cid=302635268.1679127347&ul=en-us&sr=1280x1024&_s=1&sid=1679127347&sct=1&seg=0&dl=https%3A%2F%2Fsalads.com.br%2Fboa%2Flogin.php%3Fcmd%3Dlogin_submit%26amp%3Bid%3D6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25%26amp%3Bsession%3D6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&dr=http%3A%2F%2Fsalads.com.br%2F&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://salads.com.br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://salads.com.br
date: Sat, 18 Mar 2023 08:15:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bluelabelsky.com/w77899721.js

134.209.192.77

200 OK

49 B

URL HTTP/2
bluelabelsky.com/w77899721.js
IP
134.209.192.77:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with no line terminators
Size
49 B (49 bytes)
Hash
de7a2014a9db2f10fc9e6c4353257c40
11038ba6174b1871641732cd883420b8a9c2e623
7731a810f39a43942ab8020dea8921bb345f9aad0425322b4774b6985c572779

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /w77899721.js HTTP/1.1
Host: bluelabelsky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 49
last-modified: Wed, 21 Dec 2022 06:26:11 GMT
etag: "63a2a703-31"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

bluelabelsky.com/favicon.ico

134.209.192.77

204 No Content

0 B

URL HTTP/2
bluelabelsky.com/favicon.ico
IP
134.209.192.77:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: bluelabelsky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456
Cookie: uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sat, 18 Mar 2023 08:15:48 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03c703079059b9c2005a148105d36eb9
80d85d69dfbdc83a29c70a6f128e407f9d3471e3
a46b1548e53adf9934c23af44b935c4564c145ba254fa13bbb8c6eab4e74306d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A46B1548E53ADF9934C23AF44B935C4564C145BA254FA13BBB8C6EAB4E74306D"
Last-Modified: Thu, 16 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1462
Expires: Sat, 18 Mar 2023 08:40:10 GMT
Date: Sat, 18 Mar 2023 08:15:48 GMT
Connection: keep-alive

0.bluelabelsky.com/w77899721.js

134.209.192.77

200 OK

49 B

URL HTTP/2
0.bluelabelsky.com/w77899721.js
IP
134.209.192.77:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with no line terminators
Size
49 B (49 bytes)
Hash
de7a2014a9db2f10fc9e6c4353257c40
11038ba6174b1871641732cd883420b8a9c2e623
7731a810f39a43942ab8020dea8921bb345f9aad0425322b4774b6985c572779

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /w77899721.js HTTP/1.1
Host: 0.bluelabelsky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e; uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 49
last-modified: Wed, 21 Dec 2022 06:26:11 GMT
etag: "63a2a703-31"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

0.bluelabelsky.com/favicon.ico

134.209.192.77

204 No Content

0 B

URL HTTP/2
0.bluelabelsky.com/favicon.ico
IP
134.209.192.77:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 0.bluelabelsky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456
Cookie: uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e; uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sat, 18 Mar 2023 08:15:49 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

dm06.biz/sw/w1s.js

212.129.25.206

200 OK

1.4 kB

URL HTTP/2
dm06.biz/sw/w1s.js
IP
212.129.25.206:0
ASN
#12876 Online S.a.s.

File type
ASCII text
Size
1.4 kB (1379 bytes)
Hash
6a3dedf203f66e0301d1fa045cf6a3ab
3d0f2c6cfecf309e862b1113c480f8cb6a0e872e
9cff3d30d5f68447dc9ec1f4adfdd4b4de5495e7c2dc4404571a6ecab9ff2919

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /sw/w1s.js HTTP/1.1
Host: dm06.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.bluelabelsky.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:49 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sun, 17 Mar 2024 08:15:49 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8eea7bb242aedf5da8a8bf1af5a097a4
008a32028cd42ffc2b34c10f6397ff78097c1bd8
3f808b9a672de719fae4195a50d80c7774cff04656ab18a177ed733830d881da

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F808B9A672DE719FAE4195A50D80C7774CFF04656AB18A177ED733830D881DA"
Last-Modified: Thu, 16 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9157
Expires: Sat, 18 Mar 2023 10:48:27 GMT
Date: Sat, 18 Mar 2023 08:15:50 GMT
Connection: keep-alive

0.bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456

134.209.192.77

200 OK

0 B

URL HTTP/2
0.bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456
IP
134.209.192.77:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456 HTTP/1.1
Host: 0.bluelabelsky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bluelabelsky.com/
Cookie: uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:49 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e; expires=Mon, 17-Apr-2023 08:15:49 GMT; Max-Age=2592000; path=/; domain=0.bluelabelsky.com
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/lottie.min.js?ver=4.9.49

162.241.2.87

200 OK

0 B

URL HTTP/2
salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/lottie.min.js?ver=4.9.49
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/lottie.min.js?ver=4.9.49 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/premium-addons.min.css?ver=4.9.49

162.241.2.87

200 OK

0 B

URL HTTP/2
salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/premium-addons.min.css?ver=4.9.49
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/premium-addons.min.css?ver=4.9.49 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.11.2

162.241.2.87

200 OK

0 B

URL HTTP/2
salads.com.br/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.11.2
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBitter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBitter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBitter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 18 Mar 2023 08:15:47 GMT
date: Sat, 18 Mar 2023 08:15:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Bitter&ver=6.1.1

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Bitter&ver=6.1.1
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Bitter&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 18 Mar 2023 08:15:47 GMT
date: Sat, 18 Mar 2023 08:15:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

salads.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

162.241.2.87

200 OK

0 B

URL HTTP/2
salads.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 21 Nov 2022 16:21:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2

salads.com.br/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=3.0.61661294991

162.241.2.87

200 OK

0 B

URL HTTP/2
salads.com.br/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=3.0.61661294991
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/chaty/js/cht-front-script.min.js?ver=3.0.61661294991 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&amp;id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&amp;session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2

bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456

134.209.192.77

200 OK

0 B

URL HTTP/2
bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456
IP
134.209.192.77:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456 HTTP/1.1
Host: bluelabelsky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://come.sortyellowapples.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:48 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e; expires=Mon, 17-Apr-2023 08:15:48 GMT; Max-Age=2592000; path=/; domain=bluelabelsky.com
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

dm06.biz/sw/w1s.js

212.129.25.132

200 OK

0 B

URL HTTP/2
dm06.biz/sw/w1s.js
IP
212.129.25.132:0
ASN
#12876 Online S.a.s.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /sw/w1s.js HTTP/1.1
Host: dm06.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sun, 17 Mar 2024 08:15:50 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25

162.241.2.87

200 OK

0 B

URL HTTP/1.1
salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
IP
162.241.2.87:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Generic Phishkit Activity (GET)

HTTP Headers

GET /boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 08:15:44 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Accept-Ranges: none
Content-Length: 17465
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

dm06.biz/sw/w1s.js

212.129.25.206

200 OK

0 B

URL HTTP/2
dm06.biz/sw/w1s.js
IP
212.129.25.206:0
ASN
#12876 Online S.a.s.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /sw/w1s.js HTTP/1.1
Host: dm06.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bluelabelsky.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:48 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sun, 17 Mar 2024 08:15:48 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (42)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML