r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 443a700f85619f4fd8a548421c5c23e2
a58764a07feafb2bb4b340c020b5104c55b35195
0bc80613f3d493ea081bf5672ab76f6f33a1dcc0710fe1431de83c46d7e8d31d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BC80613F3D493EA081BF5672AB76F6F33A1DCC0710FE1431DE83C46D7E8D31D"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10700
Expires: Sat, 18 Mar 2023 11:14:04 GMT
Date: Sat, 18 Mar 2023 08:15:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2857be6f18459c7a4a7f00f6cd6076f1
570609086d72a9be57cde7bfefd25663c1035fba
bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8458
Expires: Sat, 18 Mar 2023 10:36:42 GMT
Date: Sat, 18 Mar 2023 08:15:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 18 Mar 2023 07:26:54 GMT
content-type: application/json
age: 2930
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eddc2a353d39e5ce5c30d7e90b3ed6a5
305e86e4b966344c135c50af9a6509ffd3a83e9e
bd775c38c2e11f1baedde5d92ab17ceaf4c2067f8ea996595a66801758a71813
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD775C38C2E11F1BAEDDE5D92AB17CEAF4C2067F8EA996595A66801758A71813"
Last-Modified: Fri, 17 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11953
Expires: Sat, 18 Mar 2023 11:34:57 GMT
Date: Sat, 18 Mar 2023 08:15:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HNuBzCjKHoPbfxfwuPzEk7bDAVbqNjWyML6nAJBCv5UzGfbpF6q8nF/GvtxL0404rru74yytt1c=
x-amz-request-id: HBJHCDTGCXYGNKFX
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 18 Mar 2023 07:51:51 GMT
age: 1433
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:45 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 18 Mar 2023 08:14:32 GMT
age: 73
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70f795f7a73fb087a4b08eebe6e2a970
faaa9283e766256900f3c3e00dee00973e7da2a6
4f7e4813f82f60ebf9c536d9342726307686931df7309a4c367f3b658602efde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F7E4813F82F60EBF9C536D9342726307686931DF7309A4C367F3B658602EFDE"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3780
Expires: Sat, 18 Mar 2023 09:18:45 GMT
Date: Sat, 18 Mar 2023 08:15:45 GMT
Connection: keep-alive
push.services.mozilla.com/
52.89.222.161 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.222.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mR7C9H1w7xBaILmLJ1cNQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aojv/z2Gq+Cm7FdrmIRQlUwIwkM=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0e555e6156d3508c82205a700732f82
4034e26ac427a452619c27daf5d4908b70de0667
96593165f18a3d10fa8ba4bc4aa0d4297f22b7eb6b9b0ddbb2b2ce9e699b515e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96593165F18A3D10FA8BA4BC4AA0D4297F22B7EB6B9B0DDBB2B2CE9E699B515E"
Last-Modified: Sat, 18 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 18 Mar 2023 14:15:46 GMT
Date: Sat, 18 Mar 2023 08:15:46 GMT
Connection: keep-alive
salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
162.241.2.87 200 OK 17 kB URL HTTP/2 salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash ae32e3800a22b13ade219a29204ea317
29d32cc050022d18d6ef7c4efaa71f56654a3050
dc3803e84688573ff83f894e0421d984f43fa76c6d59ccf4d3b2e7831870ec1c
GET /boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://salads.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-length: 17332
content-type: text/html; charset=UTF-8
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 886a55065537b0624371a82292fe26c2
5ff87d6a26d94e0ed10f0cb55d0ac0237efb135a
a0811f584403bcdb37925007e7d9df722591566885dcedf330fb13fed891905f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 886a55065537b0624371a82292fe26c2
5ff87d6a26d94e0ed10f0cb55d0ac0237efb135a
a0811f584403bcdb37925007e7d9df722591566885dcedf330fb13fed891905f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5a2f6d953f946b542f1145cdcae9946e
00184b28856db5a12858eab98f97dc01c1471449
7f32b4afd160b8ecff360fc0e83e582cf49918a379c6c73f2a837c48439aab00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
salads.com.br/wp-includes/css/classic-themes.min.css?ver=1
162.241.2.87 200 OK 189 B URL HTTP/2 salads.com.br/wp-includes/css/classic-themes.min.css?ver=1
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 14:50:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
162.241.2.87 200 OK 2.3 kB URL HTTP/2 salads.com.br/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6051), with no line terminators
Hash c0a774e614f840a7f380a9aa68f16ac3
d42d9e9c586feba86b3accaf869ca2a365469b54
294b8486de91d8403977d27d636c158fe64ed0c93ce11902ed2f2b10f31d113f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hello-elementor/style.min.css?ver=2.6.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:55:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2332
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/chaty/css/chaty-front.min.css?ver=3.0.61661294991
162.241.2.87 200 OK 7.2 kB URL HTTP/2 salads.com.br/wp-content/plugins/chaty/css/chaty-front.min.css?ver=3.0.61661294991
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (23729)
Hash d41663c572a2b2cf0192868fcd973552
aaddbface6ea034a642e63693bf9202ba2498019
ef9233349b48433d563c460465c8eb1c8d27d2646e5ccb9e583fc9ad4b12bbe7
GET /wp-content/plugins/chaty/css/chaty-front.min.css?ver=3.0.61661294991 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7177
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-164221465-1
142.250.74.168 200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-164221465-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2206)
Hash 3e1cff8d0766404930765c9cc781520b
eded56084295fe7785b92db9c41e9f348a46057c
afdfde6626559054fa6e7e2b38f34d98f698f2305aaed3232597863ab6f9436c
GET /gtag/js?id=UA-164221465-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 08:15:47 GMT
expires: Sat, 18 Mar 2023 08:15:47 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45759
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 886a55065537b0624371a82292fe26c2
5ff87d6a26d94e0ed10f0cb55d0ac0237efb135a
a0811f584403bcdb37925007e7d9df722591566885dcedf330fb13fed891905f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5a2f6d953f946b542f1145cdcae9946e
00184b28856db5a12858eab98f97dc01c1471449
7f32b4afd160b8ecff360fc0e83e582cf49918a379c6c73f2a837c48439aab00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10724
Expires: Sat, 18 Mar 2023 11:14:31 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10724
Expires: Sat, 18 Mar 2023 11:14:31 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10724
Expires: Sat, 18 Mar 2023 11:14:31 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10724
Expires: Sat, 18 Mar 2023 11:14:31 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10724
Expires: Sat, 18 Mar 2023 11:14:31 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57fc85ce-5719-45a9-920f-10279283429c.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57fc85ce-5719-45a9-920f-10279283429c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83142ea4b613dced13c6b95dc4113823
feb241d4bc3b1addcad3e95e635d8d178764f877
a6009dabe0546699d1ea37becdfbfe9830bc30cedcafd7882a0578b3c6562221
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57fc85ce-5719-45a9-920f-10279283429c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12359
x-amzn-requestid: 7ddacc86-c7e0-436c-8b0f-53f649fbebc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8fJvFx-oAMF5Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414df0a-05ce281451f3c4d6637ebe44;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:43:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Rd6jLe3EihVM-OzDNZhJbtF2rPXtGjI3KxBS5_R0wopjBuSKDMUSVA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:05:21 GMT
age: 36626
etag: "feb241d4bc3b1addcad3e95e635d8d178764f877"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be71491cee9b47dc3ffb23b4fdff25b3
79c7d22c8df6d305f46c5779ccb9f25169d4d111
e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8487
x-amzn-requestid: f904b483-c6ae-4318-9932-4e48d8188585
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvTpAEUAIAMFUig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f996c-5905cad6148df52e4f10ecf5;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:45:16 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: iFDVPB-wzZyIG9xYU-f3rnebwRbaWDo90aD520OcgsptZR0vmkc2ew==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 23:05:01 GMT
age: 33046
etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feedd77c7-8b8f-4bac-96f9-56463f5c0e54.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feedd77c7-8b8f-4bac-96f9-56463f5c0e54.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23a8641328e19a1089aba9c25b56f5f9
6e6bae868b11788860aa23c5c35ee86d4e7edd80
7e16b14c774413387d81c06e068738a0f97882cd32ebdbf61ad711fa8aa8a5d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feedd77c7-8b8f-4bac-96f9-56463f5c0e54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5531
x-amzn-requestid: dcb5f835-dae0-4fd2-846d-33e52501b016
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eS7HtSoAMF8eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414ddac-2e1022da61b5532756dcbeff;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: z4j-PSYSG-H58566292KAzF1Y08DrgcxvunTtWBD8dErl3n_oRweyA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:33:34 GMT
etag: "6e6bae868b11788860aa23c5c35ee86d4e7edd80"
content-type: image/jpeg
age: 34933
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1533684819dcbf9e77684c19eb86465
489f8f036efd23ce36085af127af7d6c794fe00b
9154a471013bd0972fad93ea4eeaf4b23f66dd1534e0d9cc302263aca0f94bd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12424
x-amzn-requestid: 64a89fbe-4ac0-4059-a481-37c30ae36928
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eOuEG2oAMF1Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dd91-0492160f3e8196a23fc53eda;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: tx--67yg-v6sA1zslsl2iUXzLbdnWhU-cMqTDpxldZg-qog8-urKcA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:33:23 GMT
etag: "489f8f036efd23ce36085af127af7d6c794fe00b"
content-type: image/jpeg
age: 34944
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafa54252-0e93-4692-8511-7bd28ee2e39a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafa54252-0e93-4692-8511-7bd28ee2e39a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a8c5414f5b5a439898b0706321a070f
fa8d35fb7ea0ed35cbbf15875d2601c6249781a6
05d28868a7d19901f9002dd2ee122a916d81fee64389fad8e47eb1563cb68d7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafa54252-0e93-4692-8511-7bd28ee2e39a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12039
x-amzn-requestid: 252b3768-67d8-4c73-9962-a8d976f246ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B3LLvFXDIAMFTvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6412bf17-7ff6cd8207fb88cf558ac6d1;Sampled=0
x-amzn-remapped-date: Thu, 16 Mar 2023 07:02:47 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: OFMgrd6angygF_tsNYg_R0YajERjND38odHWlg400JSRoC7jY74ToA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 07:36:31 GMT
age: 2356
etag: "fa8d35fb7ea0ed35cbbf15875d2601c6249781a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f28ddee-c5ae-4106-9ce2-9c8042cd4b69.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f28ddee-c5ae-4106-9ce2-9c8042cd4b69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05370e6d7505b4529eea9e993f98e1fe
83339f33716c03c3ea995a323bb040b50f5b7edc
563d0b70a19778405fd332ca5172840a6103cd363771108e172b1b1815303abf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f28ddee-c5ae-4106-9ce2-9c8042cd4b69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11204
x-amzn-requestid: d84b9e32-9fea-45ce-87ef-508caff41b62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eTFG8GIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414ddad-29cab07f73030a1145e941b6;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: zVpaEcPZ1C7mdKusWhw8JSrURp_0FYRpK-6tP-ckngxWEdUzORYGnA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:58:45 GMT
age: 33422
etag: "83339f33716c03c3ea995a323bb040b50f5b7edc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.11.2
162.241.2.87200 OK 1.1 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.11.2
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9895)
Hash 0994592a11dcbdc6f9333f1de2243305
ec80c4a03dbce107bd98ece9730d88b3e11764c7
6c219398a8c6654f3509c8336382a83e5a4f32b7b5a9ff015c8e9c3c3a53e42f
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1060
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/uploads/elementor/css/post-3055.css?ver=1677092318
162.241.2.87200 OK 506 B URL HTTP/2 salads.com.br/wp-content/uploads/elementor/css/post-3055.css?ver=1677092318
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1372)
Hash f0d03686de940f74907c727f51b67654
011a40f8273f98b71870d5c059d6d7fdeeae30c6
9d7a73e24210b68751a4617d3b3c1e10aba797b813aa152ee96dc4f89ffb35da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-3055.css?ver=1677092318 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:58:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 506
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
162.241.2.87200 OK 3.7 kB URL HTTP/2 salads.com.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15672), with no line terminators
Hash 607799bfa5d48117a95cd9dda8a17c2b
9a969f06c70600b753b160db19a5d37c9d249d10
78f67e192604e0dca624c2dcc8ea7cd6c54e14fe15918e7c9586ec1a22775876
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:55:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3725
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
162.241.2.87200 OK 3.2 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12876), with no line terminators
Hash 7f84b307359700f39a7e8761039e24b1
f6e8d79e45aab7cb9844ad92d083c9b5710067dc
67cd705e3a4677968b1d6b97fb7d7f16bd230e2097528525f88f50b0c0a17cfc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3188
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.18.0
162.241.2.87200 OK 4.0 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.18.0
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19317)
Hash dc55c6677eb7ba577cc33a793a445d4b
50bdd113723d0561abe65441a12ad3f11b4cc0f6
a52f65099984f89c987e4161fb161d1ac91a14a485740ad6d3b9dea45ba91e8c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.18.0 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4028
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.5.4
162.241.2.87200 OK 912 B URL HTTP/2 salads.com.br/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.5.4
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3508)
Hash 33cb5f5d5c5db5c38df9f8b4dba7d536
07c85c1da31f2768248e312159fb62037771b598
df133eeecdfef5a9aec214c8ea9533d443986f04045501236186606c81b6a8c4
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.5.4 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 912
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/uploads/elementor/css/post-4400.css?ver=1677092566
162.241.2.87200 OK 1.1 kB URL HTTP/2 salads.com.br/wp-content/uploads/elementor/css/post-4400.css?ver=1677092566
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5440)
Hash d1cdff4676241bdaaf9d4069da8be613
ea8e638876fe25b7f026b51a0e1b955dfac0e311
d45d47e9d8a57f189b3d09b0abf2161f8bc02dc4da235773e5b3a010df2b994b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-4400.css?ver=1677092566 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 19:02:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1103
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/uploads/elementor/css/post-4078.css?ver=1677092319
162.241.2.87200 OK 461 B URL HTTP/2 salads.com.br/wp-content/uploads/elementor/css/post-4078.css?ver=1677092319
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2123), with no line terminators
Hash 83a2b4c36b2ffc83fe448a217ffd09d9
98d52ecb227582351ecea47c22a9fc63c0828270
40bf8a59bdaf8802e9a723b56ade52735b8c0d824abbae882f4a4b500678d8d7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-4078.css?ver=1677092319 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:58:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 461
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfbfd6246978338200354211fc6cdcc5
2c5002da3735e9ca58c6ca17a50cfdac24538993
83e1a3db82651b71ab3179299bdcc0d3732282a5b2e3fd7004d6d2f1c803eee8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83E1A3DB82651B71AB3179299BDCC0D3732282A5B2E3FD7004D6D2F1C803EEE8"
Last-Modified: Thu, 16 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5765
Expires: Sat, 18 Mar 2023 09:51:52 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive
stock.statisticline.com/scripts/trick.js
162.55.76.206200 OK 1.8 kB URL HTTP/1.1 stock.statisticline.com/scripts/trick.js
IP 162.55.76.206:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1799), with no line terminators
Hash 1867613952ccc84050898a2b90673c34
b5540bd5125006be5a4660240b79e10e755bfbb8
457151a58df3b35b928c930be326d6fe3678e482555c2524e0775a04f4dec63f
GET /scripts/trick.js HTTP/1.1
Host: stock.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 18 Mar 2023 08:15:47 GMT
Content-Type: application/javascript
Content-Length: 1799
Last-Modified: Sun, 12 Mar 2023 09:19:37 GMT
Connection: keep-alive
ETag: "640d9929-707"
Expires: Tue, 28 Mar 2023 08:15:47 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
salads.com.br/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.5.4
162.241.2.87200 OK 3.3 kB URL HTTP/2 salads.com.br/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.5.4
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8770), with no line terminators
Hash f58d8fcbe499f3c7fc1cbf83429c27ec
b7e6a63d91310421f58b03b5bf20bb56fccb9bfe
68547bdbbc6757919934f42203b2fb7262c0a8613f052a3ab2e3a008a1b2c313
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.5.4 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3277
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.9.49
162.241.2.87200 OK 13 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.9.49
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (59158)
Hash e6b67e11736ae36a062b381717f2ea9f
a663a79bc8d42aa58bfea1351cc27e0d0b09c9b2
a07a94d36246d0b3e5b9b18e274e31995d0e23cda955babf5e350e91a879523d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.9.49 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12862
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
162.241.2.87200 OK 3.7 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3747
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/uploads/elementor/css/global.css?ver=1677092319
162.241.2.87200 OK 10 kB URL HTTP/2 salads.com.br/wp-content/uploads/elementor/css/global.css?ver=1677092319
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (28292), with CRLF, LF line terminators
Hash c07062b3725aa17496a519a46480aae3
d967cd2fa7e2ac9bd33301a4e80269f7ab047794
cb4aa588c6b21180b493357d8731e0a88106a7d7e1a19b50463d88b259a1c136
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/global.css?ver=1677092319 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:58:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10022
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.11.1
162.241.2.87200 OK 2.5 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.11.1
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5370)
Hash 7726700137c4eaf5be6da1f51da676bb
ca5f49742fb16d4faf085b6a12e7c07928b87adb
6617716a4dba032a9ac43f98823b2fabfbf62e2f619d5b592cc465e689efae2a
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.11.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:54:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2549
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.11.1
162.241.2.87200 OK 1.7 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.11.1
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3720)
Hash ad21b1bf229878a0b4ca799b70d05bf7
dd5e9bdc9bb91397ab5593525fd82d3d961ff54b
82a562fe89172f5aa4f56886e45f826846ccf8e1626aa3dc3be749e26cec44ff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.11.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:54:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1689
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.11.2
162.241.2.87200 OK 2.3 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.11.2
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4918)
Hash ae310fd68fb2e1fe77f6c29ed86b24ff
29ca9594caa99893341c4ad1e728bc53ae288480
60c59a1e2702f7975f8a777a2f0b0a0f8d480641668c033e45fbb986c8cd5338
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2316
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.11.2
162.241.2.87200 OK 3.0 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.11.2
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10019)
Hash c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2997
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
162.241.2.87200 OK 309 B URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 309
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.241.2.87200 OK 4.6 kB URL HTTP/2 salads.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/headroom.min.js?ver=4.9.49
162.241.2.87200 OK 1.6 kB URL HTTP/2 salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/headroom.min.js?ver=4.9.49
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4289), with no line terminators
Hash a906932a4810ce47aef805049b008746
abef23fcf127db458eb20339523e64249966c3ac
14e615fe12aa26f28a95a7f5f629c74e0013f0e307328ba1df0b09aadb6a63ca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/headroom.min.js?ver=4.9.49 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1565
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
162.241.2.87200 OK 4.3 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10610)
Hash d03f6952741c293b3ee5301c4797b541
0dd37dd3fe307793a89d68c2a2dbca74570ecf69
7b15c8966c0727c602a872ea5e3d72c074030a768ca38b14bb52f272b445f4b8
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4258
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/premium-nav-menu.min.js?ver=4.9.49
162.241.2.87200 OK 3.1 kB URL HTTP/2 salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/premium-nav-menu.min.js?ver=4.9.49
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9763), with no line terminators
Hash 28a35d73e0bc382653340622a315ca7d
f7b86c4fea4b4b5e97f7a5737e25dabe3c4e06a4
1a65b9d21a768e066051fe53d2a002282115b0a8a6194b09e29c298fe0451747
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/premium-nav-menu.min.js?ver=4.9.49 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3130
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
162.241.2.87200 OK 4.2 kB URL HTTP/2 salads.com.br/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3b62593186f7f91a9470ab6968ec5feb
bd7728c79c04f4f2f7a787097b0868e06ceba5ad
2a9920dc63cbd8228103c7d6bf2a044f06963041253c385c3cebb147297aa782
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 14:50:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4233
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
162.241.2.87200 OK 7.6 kB URL HTTP/2 salads.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 66c68f2158dcf7d97a02f3719a17aab0
fdb04fb4c632b9fb4275006a4e402cd0d4fa393a
e4b360f0e6ae1afc06f05f958e8696e5ae45257912bc2ab0b9334bd1382a51aa
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 14:50:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7621
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.11.2
162.241.2.87200 OK 15 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.11.2
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (36419)
Hash a7f964ed45cc354d85230f86a84958a5
f8df65c13173e68567ed33f2641196cbcc07ab91
4138d86046a480b13699e8a910d5bf4220917a085f9d56834e0629cad9c69855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14671
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.11.2
162.241.2.87200 OK 1.2 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.11.2
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2620), with no line terminators
Hash 55936584085d0d310919b755eda1ab3f
be317c3b2ed5143669375295b3107e591bf708da
aad2265c39cafa6e01b791b1ef5025a2d237ee91346ef446beb722fdcd578d58
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1187
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
162.241.2.87200 OK 2.7 kB URL HTTP/2 salads.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2675
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.11.2
162.241.2.87200 OK 17 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.11.2
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (41866)
Hash 9add15ac8c8124ae462d0a8d3efa7351
b6f84422ee15cccf846d31cadfa87ebc714c4cb1
6ba927e4274ed8a69605d913cd546b9f1c309a750c6d0f0f15890a2170f8fca6
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16779
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.11.2
162.241.2.87200 OK 17 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.11.2
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (44745)
Hash 008d48a9e3d56e0291b89d94bb24c08f
88de1e0ad12b1483423c83a7c0249f05e93e892a
e343193b3821f45d8cbc8ba02817589b223696b5afa4144e9d0364db84aa80b7
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17436
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
162.241.2.87200 OK 13 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (57726)
Hash dc63c0a8e2d5857cc7a00a4b5456dabb
ee29df5eb2a4bf3eb805b160551c1afd84b42599
035ef40b1dd3df1eefb2dd3c8c2096425727fb939b06f3aa0bc6ef91dafd5441
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12577
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ef94da2bb95cc26e69965dccf0bdc82c
8850fe472df281900984b966e24da6a5dfbd60de
1147065ce4cd998f27daaab17d9b0c8881a6376180fb11192c3215f5435fcd15
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1147065CE4CD998F27DAAAB17D9B0C8881A6376180FB11192C3215F5435FCD15"
Last-Modified: Thu, 16 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1610
Expires: Sat, 18 Mar 2023 08:42:37 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9775da6664a3f02018bc6b1c015d614b
ed58a97e34229acb16a4b5191eb2907301207a3c
f721f38a05f3217df81e55407a2167873274680763343ab1f0285c5926152e51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F721F38A05F3217DF81E55407A2167873274680763343AB1F0285C5926152E51"
Last-Modified: Thu, 16 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12513
Expires: Sat, 18 Mar 2023 11:44:20 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive
salads.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
162.241.2.87200 OK 5.7 kB URL HTTP/2 salads.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash d412d11bd140a48d23927e97b676e1c8
9c10da8bf31d2afade50e10cac53564a13e63a25
723f01516713b0e2c5f2296617b16ea28a1ef325178c8e4c4c78a392ee9b33fd
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Mar 2023 10:41:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5658
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
162.241.2.87200 OK 8.3 kB URL HTTP/2 salads.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 14:50:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8344
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
162.241.2.87200 OK 1.7 kB URL HTTP/2 salads.com.br/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4875)
Hash 6a452794a68bc140a53b30519b94edf6
68046f5611ba3cf5da1c46087609aff18f59fdc1
259990a9e6191a72a51ac9d038d0c52bb56d880a2b0d460b1fca3f3fee7961ed
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1712
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.11.1
162.241.2.87200 OK 8.0 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.11.1
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (22334)
Hash 700c87406cf516e5ca1acac5bf8a266f
d5a323e2d02162c35511599cfd7873289decbdae
88da72195da9c438812493815a1e829f083c88df7146f26f56c7493601d8d049
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.11.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:54:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7989
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.statisticline.com/scripts/sway.js?v=2
45.9.148.165200 OK 2.2 kB URL HTTP/2 cdn.statisticline.com/scripts/sway.js?v=2
IP 45.9.148.165:0
ASN #49447 Nice IT Services Group Inc.
File type ASCII text, with very long lines (5418), with no line terminators
Hash 397a43826c0077bead1fc5233ec04962
06ecfc2f4d0b90fdfc940b714bb841c65180f308
c62caee1291c7def091740652c7bd961f87c8eafe38d264bab9e1edb4310135b
GET /scripts/sway.js?v=2 HTTP/1.1
Host: cdn.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 17 Mar 2023 16:25:38 GMT
vary: Accept-Encoding
etag: W/"64149482-d57"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
stats.statisticline.com/9BVf71?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=7e0a7028-da53-2ffd-87fc-f42bdf819637
162.55.76.206200 OK 1.3 kB URL HTTP/1.1 stats.statisticline.com/9BVf71?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=7e0a7028-da53-2ffd-87fc-f42bdf819637
IP 162.55.76.206:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3468), with no line terminators
Hash ea816f9431b7af2f385c21db54d298e2
aaea04f9c826f1a05b32ea42deff047f375492b8
ffe90eca44810027cbd251af1feecd1ee8323efa64bf95c10ece317f95fda3ba
GET /9BVf71?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=7e0a7028-da53-2ffd-87fc-f42bdf819637 HTTP/1.1
Host: stats.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 18 Mar 2023 08:15:47 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 1306
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpa8lbto; expires=Tue, 18 Apr 2023 08:15:47 GMT; path=/
381c9=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjNcIjoxNjc5MTI3MzQ3fSxcImNhbXBhaWduc1wiOntcIjNcIjoxNjc5MTI3MzQ3fSxcInRpbWVcIjoxNjc5MTI3MzQ3fSJ9.QO1Ur9CoZ5KCgoxfkYFwR74s4GGXcm2IdKvZqmLqF_c; expires=Tue, 02 Jun 2076 16:31:34 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
salads.com.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
162.241.2.87200 OK 86 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 18eced93d2b12b850b6fe14dcbd1c2a5
414dc9550e6a6e5d65d8931ecc01965d6ba48439
405a9d6505a18d9e27ca4b316a4d9159d7bce57f0fd51f98dbeb84164bc9c041
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.11.1
162.241.2.87200 OK 65 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.11.1
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65492)
Hash 7591d1c910d063978691aab6356e0543
255be20163bf6830b70b74a1b95d9625df02f1c2
32c5e90899a2b8746c15feb2a49e34257c22c855d6934d268e33616029be55b1
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.11.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:54:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
stats.statisticline.com/Y1hjNr?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105
162.55.76.206200 OK 851 B URL HTTP/1.1 stats.statisticline.com/Y1hjNr?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105
IP 162.55.76.206:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2003), with no line terminators
Hash 2615b36507259920be0c13ac25457013
ea1137c5b0deda5000d40c065cc413120ea8c73b
18e3958c974b7635664dd2ff8b91681eece2b157c7767b9dadc3e32bfe624cc9
GET /Y1hjNr?&se_referrer=http%3A%2F%2Fsalads.com.br%2F&default_keyword=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&&cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105 HTTP/1.1
Host: stats.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 18 Mar 2023 08:15:47 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 851
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpa8lbtq; expires=Tue, 18 Apr 2023 08:15:47 GMT; path=/
381c9=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNjc5MTI3MzQ3fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNjc5MTI3MzQ3fSxcInRpbWVcIjoxNjc5MTI3MzQ3fSJ9.BRlNGb3XfcctpmeW-Juw_Cx4cG8WRtOLgBlpjtohzF8; expires=Tue, 02 Jun 2076 00:31:34 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
salads.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
162.241.2.87200 OK 40 kB URL HTTP/2 salads.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (64361)
Hash aa06708652c672300d96082370d604df
54527ec419e26c863ec35f9eed3435a7e45566ae
9ca2c6c23a7e1e4a3dffeadcabb9ea69769f43a2420b701b5a72d822ade4a1b9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Mar 2023 10:41:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/bitter/v32/raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLjOXQ.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/bitter/v32/raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLjOXQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 16152, version 1.0\012- data
Hash e5bea5b75a21e02dc12ee4188e937a2c
b9bf8734e6aa139dd4a3d082460acdb9b03a7974
4de646e72ce71ba84b290cf6d96349002fdbe8d59a6921028be653beac18e8de
GET /s/bitter/v32/raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLjOXQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://salads.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16152
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Mar 2023 02:09:52 GMT
expires: Sat, 16 Mar 2024 02:09:52 GMT
cache-control: public, max-age=31536000
age: 108355
last-modified: Wed, 07 Dec 2022 18:10:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
salads.com.br/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.11.1
162.241.2.87200 OK 136 kB URL HTTP/2 salads.com.br/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.11.1
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 136 kB (136067 bytes)
Hash e64b60638c01e0331af8dde2c2086266
d0e502580de34dc266017f7a72237341322b77c5
1ed50a234afa0948584fd6ddb3cc1739d45d961d37118feddd3c27f96255d58e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.11.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:54:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 980 B IP 142.250.74.131:0
File type gzip compressed data, max compression\012- data
Hash c4aa8da46c7671956ab01d12edb92076
5fdf2d22fa453b6857325d93ddd494d7aa592547
654c3d5444a62c23b0f2e21a97c80a86b861769d2242964cda0a6f3ad96eb255
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 08:15:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.statisticline.com/scripts/swaynew.js
45.9.148.165200 OK 103 kB URL HTTP/2 cdn.statisticline.com/scripts/swaynew.js
IP 45.9.148.165:0
ASN #49447 Nice IT Services Group Inc.
Size 103 kB (103110 bytes)
Hash a5ea5a207a45d0e081a328062a647c4d
966af012a4b40a6127f7fdd8caa98adb87d8e9d0
9db06f711491d1ef2ceb074340732d6e0499bf65279b4747dda03336a9d120e8
GET /scripts/swaynew.js HTTP/1.1
Host: cdn.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 17 Mar 2023 16:25:37 GMT
vary: Accept-Encoding
etag: W/"64149481-101c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 197c0e8f50c85988ae10b268db7bcd24
10330371967d4629a2b2f16e9a53438c772862e9
53c4ff8beca90a8fbf4774fa87a9da2ffb1cc940de74ef789b1263d6354bb354
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "53C4FF8BECA90A8FBF4774FA87A9DA2FFB1CC940DE74EF789B1263D6354BB354"
Last-Modified: Thu, 16 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11922
Expires: Sat, 18 Mar 2023 11:34:29 GMT
Date: Sat, 18 Mar 2023 08:15:47 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 18 Mar 2023 07:53:25 GMT
expires: Sat, 18 Mar 2023 09:53:25 GMT
cache-control: public, max-age=7200
age: 1342
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
far.statisticline.com/away/go.php?id=64785e55-66-45776433
162.55.76.206302 Found 0 B URL HTTP/1.1 far.statisticline.com/away/go.php?id=64785e55-66-45776433
IP 162.55.76.206:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /away/go.php?id=64785e55-66-45776433 HTTP/1.1
Host: far.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 18 Mar 2023 08:15:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=85168456
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c47aeb20b381bd3c5dc8f749c3311ee7
169db3bee0f0654406bc2ba4ce46d2be3d003503
4829a8b2ef6d36d445e7f6e433c4652d5cbf6e838a57d1608792c60560db4120
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4829A8B2EF6D36D445E7F6E433C4652D5CBF6E838A57D1608792C60560DB4120"
Last-Modified: Thu, 16 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=889
Expires: Sat, 18 Mar 2023 08:30:37 GMT
Date: Sat, 18 Mar 2023 08:15:48 GMT
Connection: keep-alive
come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=85168456
162.55.76.206200 OK 436 B URL HTTP/1.1 come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=85168456
IP 162.55.76.206:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6b9ce01a02686e24c3b9119b60c46c37
8d71c33eeffcbdbaf2687fb4748f81ed45526c0b
4715212ea1eb451acb08afeba0e793a3c5c593e09509da2fe39c6ed8f9cd5cde
GET /away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=85168456 HTTP/1.1
Host: come.sortyellowapples.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://salads.com.br/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 18 Mar 2023 08:15:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0784a36694c5d74a6f765b9e473b91d5
1b88f53fd226708210ed8189f1aa7b0d48d61503
97790ea171ac7c56d6a4c7f70b0508dd20614b89458b3cf001d258ff382098d7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "97790EA171AC7C56D6A4C7F70B0508DD20614B89458B3CF001D258FF382098D7"
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4094
Expires: Sat, 18 Mar 2023 09:24:02 GMT
Date: Sat, 18 Mar 2023 08:15:48 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-337VFVTX2L>m=45je33f0&_p=959375526&cid=302635268.1679127347&ul=en-us&sr=1280x1024&_s=1&sid=1679127347&sct=1&seg=0&dl=https%3A%2F%2Fsalads.com.br%2Fboa%2Flogin.php%3Fcmd%3Dlogin_submit%26amp%3Bid%3D6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25%26amp%3Bsession%3D6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&dr=http%3A%2F%2Fsalads.com.br%2F&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-337VFVTX2L>m=45je33f0&_p=959375526&cid=302635268.1679127347&ul=en-us&sr=1280x1024&_s=1&sid=1679127347&sct=1&seg=0&dl=https%3A%2F%2Fsalads.com.br%2Fboa%2Flogin.php%3Fcmd%3Dlogin_submit%26amp%3Bid%3D6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25%26amp%3Bsession%3D6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&dr=http%3A%2F%2Fsalads.com.br%2F&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-337VFVTX2L>m=45je33f0&_p=959375526&cid=302635268.1679127347&ul=en-us&sr=1280x1024&_s=1&sid=1679127347&sct=1&seg=0&dl=https%3A%2F%2Fsalads.com.br%2Fboa%2Flogin.php%3Fcmd%3Dlogin_submit%26amp%3Bid%3D6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25%26amp%3Bsession%3D6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&dr=http%3A%2F%2Fsalads.com.br%2F&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Salad%27s&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://salads.com.br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://salads.com.br
date: Sat, 18 Mar 2023 08:15:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bluelabelsky.com/w77899721.js
134.209.192.77200 OK 49 B URL HTTP/2 bluelabelsky.com/w77899721.js
IP 134.209.192.77:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash de7a2014a9db2f10fc9e6c4353257c40
11038ba6174b1871641732cd883420b8a9c2e623
7731a810f39a43942ab8020dea8921bb345f9aad0425322b4774b6985c572779
Analyzer Verdict Alert fortinet Phishing
GET /w77899721.js HTTP/1.1
Host: bluelabelsky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 49
last-modified: Wed, 21 Dec 2022 06:26:11 GMT
etag: "63a2a703-31"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
bluelabelsky.com/favicon.ico
134.209.192.77204 No Content 0 B URL HTTP/2 bluelabelsky.com/favicon.ico
IP 134.209.192.77:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: bluelabelsky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456
Cookie: uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 18 Mar 2023 08:15:48 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03c703079059b9c2005a148105d36eb9
80d85d69dfbdc83a29c70a6f128e407f9d3471e3
a46b1548e53adf9934c23af44b935c4564c145ba254fa13bbb8c6eab4e74306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A46B1548E53ADF9934C23AF44B935C4564C145BA254FA13BBB8C6EAB4E74306D"
Last-Modified: Thu, 16 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1462
Expires: Sat, 18 Mar 2023 08:40:10 GMT
Date: Sat, 18 Mar 2023 08:15:48 GMT
Connection: keep-alive
0.bluelabelsky.com/w77899721.js
134.209.192.77200 OK 49 B URL HTTP/2 0.bluelabelsky.com/w77899721.js
IP 134.209.192.77:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash de7a2014a9db2f10fc9e6c4353257c40
11038ba6174b1871641732cd883420b8a9c2e623
7731a810f39a43942ab8020dea8921bb345f9aad0425322b4774b6985c572779
Analyzer Verdict Alert fortinet Phishing
GET /w77899721.js HTTP/1.1
Host: 0.bluelabelsky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e; uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 49
last-modified: Wed, 21 Dec 2022 06:26:11 GMT
etag: "63a2a703-31"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
0.bluelabelsky.com/favicon.ico
134.209.192.77204 No Content 0 B URL HTTP/2 0.bluelabelsky.com/favicon.ico
IP 134.209.192.77:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 0.bluelabelsky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456
Cookie: uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e; uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 18 Mar 2023 08:15:49 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
dm06.biz/sw/w1s.js
212.129.25.206200 OK 1.4 kB IP 212.129.25.206:0
Hash 6a3dedf203f66e0301d1fa045cf6a3ab
3d0f2c6cfecf309e862b1113c480f8cb6a0e872e
9cff3d30d5f68447dc9ec1f4adfdd4b4de5495e7c2dc4404571a6ecab9ff2919
Analyzer Verdict Alert fortinet Malware
GET /sw/w1s.js HTTP/1.1
Host: dm06.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.bluelabelsky.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:49 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sun, 17 Mar 2024 08:15:49 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8eea7bb242aedf5da8a8bf1af5a097a4
008a32028cd42ffc2b34c10f6397ff78097c1bd8
3f808b9a672de719fae4195a50d80c7774cff04656ab18a177ed733830d881da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F808B9A672DE719FAE4195A50D80C7774CFF04656AB18A177ED733830D881DA"
Last-Modified: Thu, 16 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9157
Expires: Sat, 18 Mar 2023 10:48:27 GMT
Date: Sat, 18 Mar 2023 08:15:50 GMT
Connection: keep-alive
0.bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456
134.209.192.77200 OK 0 B URL HTTP/2 0.bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456
IP 134.209.192.77:0
ASN #14061 DIGITALOCEAN-ASN
GET /?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456 HTTP/1.1
Host: 0.bluelabelsky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bluelabelsky.com/
Cookie: uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:49 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e; expires=Mon, 17-Apr-2023 08:15:49 GMT; Max-Age=2592000; path=/; domain=0.bluelabelsky.com
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/lottie.min.js?ver=4.9.49
162.241.2.87200 OK 0 B URL HTTP/2 salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/lottie.min.js?ver=4.9.49
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/lottie.min.js?ver=4.9.49 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/premium-addons.min.css?ver=4.9.49
162.241.2.87200 OK 0 B URL HTTP/2 salads.com.br/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/premium-addons.min.css?ver=4.9.49
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/premium-addons.min.css?ver=4.9.49 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.11.2
162.241.2.87200 OK 0 B URL HTTP/2 salads.com.br/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.11.2
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.11.2 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBitter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBitter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBitter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 18 Mar 2023 08:15:47 GMT
date: Sat, 18 Mar 2023 08:15:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Bitter&ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Bitter&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Bitter&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 18 Mar 2023 08:15:47 GMT
date: Sat, 18 Mar 2023 08:15:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
salads.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
162.241.2.87200 OK 0 B URL HTTP/2 salads.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Nov 2022 16:21:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 18 Mar 2023 08:15:46 GMT
server: Apache
X-Firefox-Spdy: h2
salads.com.br/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=3.0.61661294991
162.241.2.87200 OK 0 B URL HTTP/2 salads.com.br/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=3.0.61661294991
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/chaty/js/cht-front-script.min.js?ver=3.0.61661294991 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Feb 2023 18:50:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 18 Mar 2023 08:15:47 GMT
server: Apache
X-Firefox-Spdy: h2
bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456
134.209.192.77200 OK 0 B URL HTTP/2 bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456
IP 134.209.192.77:0
ASN #14061 DIGITALOCEAN-ASN
GET /?p=ha4tcolcmu5gi3bphaydcmq&sub2=85168456 HTTP/1.1
Host: bluelabelsky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://come.sortyellowapples.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:48 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=8cba0ae4-02f9-40ef-b67c-6c79666f0e6e; expires=Mon, 17-Apr-2023 08:15:48 GMT; Max-Age=2592000; path=/; domain=bluelabelsky.com
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
dm06.biz/sw/w1s.js
212.129.25.132200 OK 0 B IP 212.129.25.132:0
Analyzer Verdict Alert fortinet Malware
GET /sw/w1s.js HTTP/1.1
Host: dm06.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sun, 17 Mar 2024 08:15:50 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
162.241.2.87200 OK 0 B URL HTTP/1.1 salads.com.br/boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25
IP 162.241.2.87:0
ASN #46606 UNIFIEDLAYER-AS-1
NIDS Severity Alert suricata high ET PHISHING Generic Phishkit Activity (GET)
GET /boa/login.php?cmd=login_submit&id=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25&session=6961ae8b3cf0c0b986c0f968e4689d256961ae8b3cf0c0b986c0f968e4689d25 HTTP/1.1
Host: salads.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 08:15:44 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Accept-Ranges: none
Content-Length: 17465
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
dm06.biz/sw/w1s.js
212.129.25.206200 OK 0 B IP 212.129.25.206:0
Analyzer Verdict Alert fortinet Malware
GET /sw/w1s.js HTTP/1.1
Host: dm06.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bluelabelsky.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 08:15:48 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sun, 17 Mar 2024 08:15:48 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2