Report - takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc

Report Overview

Submitted URL
takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc
IP
104.21.20.42
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-23 20:16:43
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
66

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.41.253.170
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	83 kB	216.58.207.195
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.1 kB	142.250.74.10
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.3
takehost.com.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	31 kB	569 kB	104.21.20.42
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-23	medium	takehost.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Phishing
2022-11-23	medium	takehost.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3	Phishing
2022-11-23	medium	takehost.com.br/wp-includes/css/classic-themes.min.css?ver=1	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0	Phishing
2022-11-23	medium	takehost.com.br/wp-content/themes/kava/style.css?ver=2.1.2	Phishing
2022-11-23	medium	takehost.com.br/wp-content/themes/kava/theme.css?ver=2.1.2	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=5.12.0	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/jet-menu/assets/public/css/public.css?ver=2.2.3	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/jet-popup/assets/css/jet-popup-frontend.css?ver=1.6.1	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.6.7	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/jet-tabs/assets/css/jet-tabs-frontend.css?ver=2.1.19	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/jet-theme-core/assets/css/frontend.css?ver=2.0.7	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/kava-extra/assets/fonts/nucleo-outline-icon-font/nucleo-outline.css?ver=1.0.0	Phishing
2022-11-23	medium	takehost.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	Phishing
2022-11-23	medium	takehost.com.br/wp-content/themes/kava/assets/js/theme-script.js?ver=2.1.2	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/jet-menu/assets/public/js/legacy/jet-menu-public-scripts.js?ver=2.2.3	Phishing
2022-11-23	medium	takehost.com.br/wp-includes/js/hoverIntent.min.js?ver=1.10.2	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/jet-menu/assets/public/lib/vue/vue.min.js?ver=2.6.11	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	Phishing
2022-11-23	medium	takehost.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js?ver=1.3.4	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/jet-tabs/assets/js/jet-tabs-frontend.min.js?ver=2.1.19	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/jet-menu/includes/elementor/assets/public/js/legacy/widgets-scripts.js?ver=2.2.3	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/jet-popup/assets/js/jet-popup-frontend.js?ver=1.6.1	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend.js?ver=1.4.2	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/jet-tricks/assets/js/lib/tippy/tippy-bundle.js?ver=6.3.1	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2	Phishing
2022-11-23	medium	takehost.com.br/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (34)

	URL	Size	First Seen	Last Seen
	takehost.com.br/wp-content/plugins/jet-menu/includes/elementor/assets/public/js/legacy/widgets-scripts.js?ver=2.2.3	11 kB	2023-03-07	2024-04-10
Pretty URL takehost.com.br/wp-content/plugins/jet-menu/includes/elementor/assets/public/js/legacy/widgets-scripts.js?ver=2.2.3 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:25 Last Seen2024-04-10 22:53:21 Times Seen451 Hash 4866930a3fcfb07a1fe4561bf16f77e8 62401d87c75bf914b9fe7067e9125bb576a1953e 68c89c8c7008ea2b7df893f3fadd535ba3862fcf067204f92d516e1126b39444 Loading...

	takehost.com.br/wp-content/plugins/jet-tricks/assets/js/lib/tippy/popperjs.js?ver=2.5.2	19 kB	2023-03-07	2024-04-25
Pretty URL takehost.com.br/wp-content/plugins/jet-tricks/assets/js/lib/tippy/popperjs.js?ver=2.5.2 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:26 Last Seen2024-04-25 13:12:28 Times Seen676 Hash 02287e4885600fda1fefe8910c703e95 624be825b7793d86d1bcf4c6dac88ffe2a3da0ca dd1617feba063690e3bf1621308e1af67c6cabcdb2602e5a1df3a14b02b94d05 Loading...

	takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc	494 B	2023-03-11	2023-03-11
Pretty URL takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:29:38 Last Seen2023-03-11 16:29:38 Times Seen1 Hash 1c3f4b12cba59cd1dbe94198526de1f3 b192a5aef762a72a3d672fff030c218c0a03c567 5471b9b431d478eebb996335c02e6f3f0074fc2136c202a1f22cde4ad881800a Loading...

	takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc	243 B	2023-03-11	2023-03-11
Pretty URL takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:29:38 Last Seen2023-03-11 16:29:38 Times Seen1 Hash 39a57d520ef5f96fdfd945fe4e5e8c73 91742a8593d5770eea0fa10dee63507bf0c5eadf 536cbbdedd5174e3a6c265d3a11ebbda3cfdb06cca3eca797c64c2c3dd568928 Loading...

	takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc	2.1 kB	2023-03-11	2023-03-11
Pretty URL takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:29:38 Last Seen2023-03-11 16:29:38 Times Seen1 Hash 3d5c29f52f6a4fc6814aa60fa5376527 a35f3208fcdc34f8873b164ccc15c585682ba9b9 42c6692b9ae3e24789517758e0a0c26cf667a90afb1110a649b9a189fba91a95 Loading...

	takehost.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-25
Pretty URL takehost.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 15:09:14 Times Seen38045 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	takehost.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	21 kB	2023-03-08	2024-04-25
Pretty URL takehost.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-25 15:09:13 Times Seen9806 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	takehost.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8	40 kB	2023-03-08	2024-04-21
Pretty URL takehost.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:08 Last Seen2024-04-21 09:39:37 Times Seen1057 Hash 9195e52afe51faf6fa959276ea149ae8 5e18d4c1b5344b36fe9838b381d034a375619636 0e4b2020366cf0e467191b309fe8f9a946228e2834bf2c053ae7cb8facb1d97f Loading...

	takehost.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8	5.0 kB	2023-03-08	2024-04-21
Pretty URL takehost.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:08 Last Seen2024-04-21 09:39:37 Times Seen830 Hash 40b9d7ccf0f819551e24c793b1331410 652f25c5c5ada11d6f98a3a6b0692f89a0cba560 189526e3c25dc1cd28633db393e38d926f86432f000908ed3f55aaef43778cc0 Loading...

	takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc	302 B	2023-03-11	2023-03-11
Pretty URL takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:29:38 Last Seen2023-03-11 16:29:38 Times Seen1 Hash 84cd39d96f40d736f5ba953ddc629fef 83da3e27f05ecdf6c8d2ca7855372ad11e1497cf ab70f2965ee67e78f10c6e7444492606d491a4af80f7af8869b697b17e509d75 Loading...

	takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc	59 B	2023-03-07	2024-04-12
Pretty URL takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:45:32 Last Seen2024-04-12 18:56:31 Times Seen62 Hash 67569a3e136a945a6408aecd6467785d 34e55af7eaa07149918fa7551b7cbac33229cf8d a4d43ba1552450f924dbc38b2e921751b2b3b3af31beb230326669da090fadfe Loading...

	takehost.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	12 kB	2023-03-07	2024-04-25
Pretty URL takehost.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 15:09:14 Times Seen52745 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc	1.6 kB	2023-03-11	2023-03-11
Pretty URL takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:29:38 Last Seen2023-03-11 16:29:38 Times Seen1 Hash 1668b9cc8328f1a9c57832da637cfb54 e51850654beea7a944b26a711da4c57961a295e4 1ae062b4d5ea28e9f64980d3c6a3defc7bb94e2643b916e5e76cf35da680a9f3 Loading...

	takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc	2.0 kB	2023-03-11	2023-03-11
Pretty URL takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:29:38 Last Seen2023-03-11 16:29:38 Times Seen1 Hash 7ea19440573ce046cf17cae9927f2204 7f8ace1c3c1aa9996509fa3555ae0aa12242425b f9993aa4d162344380ba1c1adff38573a94874f46c8b1eba3a2260e599854055 Loading...

	takehost.com.br/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.6.7	73 kB	2023-03-07	2024-03-04
Pretty URL takehost.com.br/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.6.7 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:45 Last Seen2024-03-04 09:49:35 Times Seen120 Hash 31882682b748c8a9d56908cfa46daab5 c4a7942225c21eabd852120568efcaa74299a3ac 4b68467ee00d04bb1a179b65c7381202f4e43ddae9424c90466e67553368dbed Loading...

	takehost.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-25
Pretty URL takehost.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 15:09:13 Times Seen68624 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	takehost.com.br/wp-content/plugins/jet-popup/assets/js/jet-popup-frontend.js?ver=1.6.1	38 kB	2023-03-08	2023-09-29
Pretty URL takehost.com.br/wp-content/plugins/jet-popup/assets/js/jet-popup-frontend.js?ver=1.6.1 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:09:26 Last Seen2023-09-29 06:23:08 Times Seen15 Hash 75708dc40a1346d4825561771410fccb f5e9b0e4b8dd9533f596e2d1d0c1750a15118b39 34369576af70b3810c88bf7d533d0d2edb5d272fb841134e6950d8f30ad5a74f Loading...

	takehost.com.br/wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend.js?ver=1.4.2	26 kB	2023-03-07	2023-12-30
Pretty URL takehost.com.br/wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend.js?ver=1.4.2 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:46 Last Seen2023-12-30 17:36:42 Times Seen57 Hash 42e0861f63377794263efa3f8d2665c4 6a1debc339b2f431fb669f9aef183a1b6cfb04ec 175e5b81ddda60a41c81be18d3d13b5475c9ae271d084f892bf34ffeee7e5eeb Loading...

	takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc	756 B	2023-03-11	2023-03-11
Pretty URL takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:29:38 Last Seen2023-03-11 16:29:38 Times Seen1 Hash 71feb7ecaaaf0a8c660c3dff9c33cc5b 2e4205db32a37169a06b3f9b9069bfb3cbca977b 14f59aa73b930d2dd21ee5af52140e96861152e3e585a6a9f9d31fecee3082da Loading...

	takehost.com.br/wp-content/plugins/jet-menu/assets/public/js/legacy/jet-menu-public-scripts.js?ver=2.2.3	52 kB	2023-03-07	2024-04-07
Pretty URL takehost.com.br/wp-content/plugins/jet-menu/assets/public/js/legacy/jet-menu-public-scripts.js?ver=2.2.3 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:21 Last Seen2024-04-07 16:18:22 Times Seen192 Hash 0bfb16f97705b81f4e91bb2697164438 6e68ebbfd7362795bad4d7da44294f4061b58331 d618fac26048cd4c0cc9ef448cd5c0270d03a3134df53617d567e0a99df19e37 Loading...

	takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc	280 B	2023-03-11	2023-03-11
Pretty URL takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:29:38 Last Seen2023-03-11 16:29:38 Times Seen1 Hash 9d44382b9345c4b929990358577d691e 8452589793690316bc62880d61e5539d8607c9e7 64499964ffb3faeb36676f851af57e5103223a2bb33dcf5906cec5c2f5f088f7 Loading...

	takehost.com.br/wp-content/plugins/jet-elements/assets/js/lib/anime-js/anime.min.js?ver=2.2.0	14 kB	2023-03-07	2024-04-24
Pretty URL takehost.com.br/wp-content/plugins/jet-elements/assets/js/lib/anime-js/anime.min.js?ver=2.2.0 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:51 Last Seen2024-04-24 08:35:39 Times Seen1558 Hash 7b7d9c2344ec7bb776c95e6d9144470f f9e83481831a2618b30e8f38471ae8d16c2a6f21 06ec6b51daffe18a33b502f14fac6674eea1490c3677a06d054635a6d78676ce Loading...

	takehost.com.br/wp-content/themes/kava/assets/js/theme-script.js?ver=2.1.2	5.3 kB	2023-03-07	2024-04-12
Pretty URL takehost.com.br/wp-content/themes/kava/assets/js/theme-script.js?ver=2.1.2 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:39 Last Seen2024-04-12 18:56:31 Times Seen78 Hash e0dbf57c9c1b29f26e3f3b52edda3a7d 1b4dce8a331f5c1f1f512c0e91ce35505e48ba66 cbfbd3825b60c5ac12042668c984fc0e20770a94e016d7d210339eaa1167ed08 Loading...

	takehost.com.br/wp-content/plugins/jet-tabs/assets/js/jet-tabs-frontend.min.js?ver=2.1.19	17 kB	2023-03-07	2024-02-07
Pretty URL takehost.com.br/wp-content/plugins/jet-tabs/assets/js/jet-tabs-frontend.min.js?ver=2.1.19 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:45 Last Seen2024-02-07 13:38:06 Times Seen65 Hash ab082a6984666020e42c8cf5850536e7 e94808b7b875fc655646dcd679cfbd507804b44c 325ac3d3fec013eb584aeab89af23a94b36c1a8db1ae3793782f4487477da414 Loading...

	takehost.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-25
Pretty URL takehost.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-25 15:09:13 Times Seen31809 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc	128 B	2023-03-11	2023-03-11
Pretty URL takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:29:38 Last Seen2023-03-11 16:29:38 Times Seen1 Hash 599e6d112142f35c5faa9db8829054ea e40900332870d67b9a746098094e08b08c6c4383 87d9b04f2cb072d05984c6267adac0b542acef4e5c25ada3fd6cd6ad7e027c63 Loading...

	takehost.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3	12 kB	2023-03-07	2024-04-24
Pretty URL takehost.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:48 Last Seen2024-04-24 15:27:20 Times Seen2051 Hash 3f3fc23f477a3849aa5677c585b2a2b4 ccf0865ebd37f76c450c7a377a86ff2448288db3 985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51 Loading...

	takehost.com.br/wp-content/plugins/jet-menu/assets/public/lib/vue/vue.min.js?ver=2.6.11	94 kB	2023-03-07	2024-04-25
Pretty URL takehost.com.br/wp-content/plugins/jet-menu/assets/public/lib/vue/vue.min.js?ver=2.6.11 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:55 Last Seen2024-04-25 13:12:29 Times Seen2533 Hash 6c81f02ad0bf8e12a66c18cab188d029 abd239f02966b2d324b0512c203bdbaf82a4ed7a 9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf Loading...

	takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc	493 B	2023-03-07	2024-04-16
Pretty URL takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:28 Last Seen2024-04-16 01:06:37 Times Seen52 Hash 1170dd89efe3f7bee28cc3420d5a438f 4f34af21f96dcf2a5074efdf66b95ccc465e8443 055a2c5cab755542fc84213e54d47b19d1d4c1fbca733cd3fe3b10c99247da99 Loading...

	takehost.com.br/wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js?ver=1.3.4	19 kB	2023-03-08	2023-11-28
Pretty URL takehost.com.br/wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js?ver=1.3.4 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:09:26 Last Seen2023-11-28 22:29:32 Times Seen23 Hash 3c9e2b904cbe5f4a3564f0e63503e3d0 6b8786174c6d15e2f8c313d1d7029b4ded116108 e46675f41746777b5d759c49de9f3d489fa5c71ca05583a7ad8ff8f991d37a32 Loading...

	takehost.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3	9.7 kB	2023-03-07	2024-04-24
Pretty URL takehost.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:47 Last Seen2024-04-24 15:27:18 Times Seen1719 Hash 490c29d6776fc430c23403fd845b34b0 817129906b7fef1011895a76f047c7693a852e21 29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4 Loading...

	takehost.com.br/wp-includes/js/hoverIntent.min.js?ver=1.10.2	1.5 kB	2023-03-07	2024-04-25
Pretty URL takehost.com.br/wp-includes/js/hoverIntent.min.js?ver=1.10.2 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:10 Last Seen2024-04-25 15:09:13 Times Seen27420 Hash 8c0498e2f1f7a684a8d2a3feb934b64b 76099689ccaee466d4608da621c403b368dcae03 ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40 Loading...

	takehost.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8	33 kB	2023-03-08	2024-04-21
Pretty URL takehost.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8 IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:08 Last Seen2024-04-21 09:39:37 Times Seen873 Hash be470f42763699211b6bde600035489e 4ba8055c19103b570b98018e45204e3cab1d141f 9b5283387ec103868d83ebcb8ed6516cf4b29fa6c1490991ce3aff980aadfe02 Loading...

	takehost.com.br/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	1.4 kB	2023-03-08	2024-04-21
Pretty URL takehost.com.br/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js IP 104.21.20.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:08 Last Seen2024-04-21 09:39:37 Times Seen401 Hash 55a0d55f47040dc744b911b048f9a8ab 421099805f8bd235b9e94f36e3eab95d454df74c 8022d018cf850c02b580b4d97b53a03518af6260efc76cb1d7a647b14c2f8813 Loading...

HTTP Transactions (87)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2270
Expires: Wed, 23 Nov 2022 20:54:22 GMT
Date: Wed, 23 Nov 2022 20:16:32 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5637
Cache-Control: max-age=143320
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 20:16:33 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 12:05:13 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 19:17:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3564
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7726
Expires: Wed, 23 Nov 2022 22:25:19 GMT
Date: Wed, 23 Nov 2022 20:16:33 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: hYFRdI3lyDx592i0av6NL9DVYLKiMF6XeTVG+FGlrbk07RXBvgj8ck2NvNET/FUf8WWEP0gbkTg=
x-amz-request-id: M5FJPVBC2305B86H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 19:43:06 GMT
age: 2007
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 20:16:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 20:11:11 GMT
cache-control: public,max-age=3600
age: 322
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5678
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 20:16:33 GMT
Last-Modified: Wed, 23 Nov 2022 18:41:55 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.41.253.170

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.253.170:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A/9+hJ6vt8Mz/dLZxwnlag==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Mmew3D7JJtUQhRh4Of9P4O19Tyw=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3852
Expires: Wed, 23 Nov 2022 21:20:47 GMT
Date: Wed, 23 Nov 2022 20:16:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3852
Expires: Wed, 23 Nov 2022 21:20:47 GMT
Date: Wed, 23 Nov 2022 20:16:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3852
Expires: Wed, 23 Nov 2022 21:20:47 GMT
Date: Wed, 23 Nov 2022 20:16:35 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4977 bytes)
Hash
0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 414rX74hOWUS2W1d9SVHs7McxZ4QDE249cjU-1EyIe0nMkZrQz2rrQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 80387
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70cd6ebf-bddf-4637-8842-4c05872ec539.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8683 bytes)
Hash
35a44687c086af7b41c8333297bec58e
1b3efc7e58c1e7220830d0060a6d1942869243a0
39a525fde61e3110f773cb121407925a2d2d1b8003c7beb58cf4fd8b18b8d78a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70cd6ebf-bddf-4637-8842-4c05872ec539.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8683
x-amzn-requestid: 4e9d4c04-802f-4ab8-bb51-645f31de068a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBb_4G8voAMF-YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4065-01d3c8271b80e7ba7bb40f88;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g-Zj093YIQ0Kdg4oxF2aZ3HzsgNGu1l8l8Ji7trCGCZPKEgQ9riqjQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:06:09 GMT
age: 79826
etag: "1b3efc7e58c1e7220830d0060a6d1942869243a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5914 bytes)
Hash
c6380f73d47906bd63b9c48137e4df61
94e053461d2db89e9d08321f26a2555ebcd7e0b9
84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 8dea187e-ee61-4691-aff7-59202f978565
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b2P4MF0UIAMFWBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6378c69a-011430f86689624a29d71215;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 12:05:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c2w_q7fYc60JSQ4GcAlmUFyp7csfflgG8GvCXJuy_wWlvf9mIG0u9g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:38:55 GMT
age: 77860
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3852
Expires: Wed, 23 Nov 2022 21:20:47 GMT
Date: Wed, 23 Nov 2022 20:16:35 GMT
Connection: keep-alive

fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C900%7CMontserrat%3A700&subset=latin&ver=6.1.1

142.250.74.10

200 OK

790 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C900%7CMontserrat%3A700&subset=latin&ver=6.1.1
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
790 B (790 bytes)
Hash
e9578f5e9f09a403aa220ec3ecd26a9b
1fa477a5dc28dcb8a3e52757080e712f626d2b32
eecb650c28316f4e6f5bed26124ea65c8f5dae2d37ac8b7cc8760be9a205c796

HTTP Headers

GET /css?family=Roboto%3A300%2C400%2C500%2C900%7CMontserrat%3A700&subset=latin&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 23 Nov 2022 20:16:35 GMT
Date: Wed, 23 Nov 2022 20:16:35 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7589 bytes)
Hash
06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nwXP5jm9A2Cl3_-Lm194ycXkeClig1L9hwgUgE8i8NF-Vv2gNfj_4Q==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 15:14:08 GMT
age: 18147
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3852
Expires: Wed, 23 Nov 2022 21:20:47 GMT
Date: Wed, 23 Nov 2022 20:16:35 GMT
Connection: keep-alive

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9138 bytes)
Hash
6d2c986e076309d51d199332caebb07a
343a5bfba0f8fec28f9345f276b44f44c6eaf6a6
64e6fba6a45c70c1db6040a2273472774c00257bef373cc45b6ca00cb819681a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9138
x-amzn-requestid: 524e565e-a9fb-45f9-b786-d64cf26a3cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAAHG8IAMFhwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4066-3689e70e6212e9e77dc134f4;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cwu__NPGaU0zyAG0H1yZhmjGsFzvNmzsGv6Zt9hrF5gwSysEio2MjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:09:16 GMT
age: 79639
etag: "343a5bfba0f8fec28f9345f276b44f44c6eaf6a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F559c6770-d162-460d-b372-5ff036a364d6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11576 bytes)
Hash
9defa28d124bae7e5ef29a1fb165ee02
2afe813f0fefae511064297ccff9a6de548104e8
8cfdd12386dcc87cfd874ed0c2d42cd33ae2a05cb35127f1a94e163d17bd5b31

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F559c6770-d162-460d-b372-5ff036a364d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11576
x-amzn-requestid: 9dd2cb2e-de79-4937-b525-05be9d57c03b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrdFuxoAMFa9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee49-5437ea0f1568967278fe96ad;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1daKtJmaZARpzMRiPQaWttMITAndRqZt0VwhiBzbxzxBvw4a28a2sg==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:08:17 GMT
age: 79698
etag: "2afe813f0fefae511064297ccff9a6de548104e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 20:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 20:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

takehost.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

104.21.20.42

200 OK

12 kB

URL HTTP/1.1
takehost.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (47826)
Size
12 kB (12518 bytes)
Hash
981383d43a7adb38d6c2bf5286dcd065
e41871905868763178f7d8127e3dfb87909f108f
fceb208fc5a1581abc1926596d5f59fa41e7a7d72027b563303b445cdf7ed126

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:35 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 22:26:46 GMT
Vary: Accept-Encoding
ETag: W/"63741226-172a9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3QH0m6iPUqlxTPmnUb50kK5Ju6IH5yNGWkgrttlffedZlzPYIsfxS7u3A2ecDVM%2FA42O%2BzvGqoSwfcWsk%2FI3uhmQBpsG%2FzaO4q6X1O4r0nHpUOilafP7nfqZqj7PkY2dBQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec955d0b9bb50f-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

104.21.20.42

200 OK

5.0 kB

URL HTTP/1.1
takehost.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15660)
Size
5.0 kB (5004 bytes)
Hash
1b982d290af16dac5885f21a198aaa66
f847ca85d23c2f240938bbde0135f3de97925759
0b6e238cc0728a0bace390dfff472ff8bb5a5fd4714bcfcdac7c28621d67b8dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 12 Apr 2022 05:56:23 GMT
Vary: Accept-Encoding
ETag: W/"62551487-48b9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gpdj48SC8Lrlu%2F9FB%2BsQWyd8Wt%2F53LpW4PJQc%2Brvp%2BA%2BBHgz8k1prOW%2BH8OTrvTcRujzoFJ4UzkBssH%2FsEOA7vK4kUhl35wnIyMWm4g3bkR5nrGErbFkkvn3ezYL4GPQrHE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec955d09dab4f1-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3

104.21.20.42

200 OK

972 B

URL HTTP/1.1
takehost.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
972 B (972 bytes)
Hash
8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:35 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:38 GMT
Vary: Accept-Encoding
ETag: W/"634b1bb6-aab"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFIPFXs5Nlw%2B5Ez1V6H5nd0TfUA8rrhuwCGV7VFsGggaNEshAQixTU1AuRSEV2a%2Be6q0f42Dqc6xbfpqrfqLRz2W%2F%2BO1IBMaF5SAxmASvPLuP8w1O38W9JhcTXRAfU3D%2FC8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec955d1e75b503-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-includes/css/classic-themes.min.css?ver=1

104.21.20.42

200 OK

188 B

URL HTTP/1.1
takehost.com.br/wp-includes/css/classic-themes.min.css?ver=1
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
188 B (188 bytes)
Hash
8ac085745a5bcc97c54f8088973df029
4e065566e82d4623d0f5b4d9275d3ee29e15acd1
a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:35 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 08:34:38 GMT
ETag: W/"63622b9e-d9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nV24MXayyAv%2FkkxD3YfhuNuju%2FyAhbjwzvdpKZFP55tj3tHdtEXDDz%2FLi1E0CI5VNpUaMlgoknFQ0JtSO6bEG6JTmJAX%2BCwh6BprGMUd8mC2VQkdjwx0rVz6K34Nt9Zp8mU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ec955d1c520af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 20:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 20:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://takehost.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 2547
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://takehost.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:21 GMT
expires: Thu, 23 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 2534
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 20:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

takehost.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0

104.21.20.42

200 OK

7.0 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
7.0 kB (7048 bytes)
Hash
59f4db35e3c80dd021c33aec112708f6
5c162fad33b5e53632418f65b3aa8af66e4692bd
c381e9aceb8bb44c725208d94632560e2fceeb46e4997b4f94ef4be1d1a2ad16

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:33 GMT
Vary: Accept-Encoding
ETag: W/"634b1bb1-7917"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BC0aisGLvJe7FYZNJ3hRFayGKmxRJ9aTMwDnK2BQ2Ttfo6yWsgwmSHShrLbu1BKQT0URlqLFQV0RMD%2F5DXX72jnfZ%2BJpUTPCG0xKdHLfAZde4gvZPR4wEvWo80qh%2FHMk%2Be4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec955ff8b7b50f-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/themes/kava/style.css?ver=2.1.2

104.21.20.42

200 OK

4.3 kB

URL HTTP/1.1
takehost.com.br/wp-content/themes/kava/style.css?ver=2.1.2
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (698)
Size
4.3 kB (4330 bytes)
Hash
c6f074389746c8e689ac17b378d57397
14905508f7ad2e6ec4ac37ad49bd4ab2640020b1
efb75c9fd51bc2859afe14456d082f3717153aa35bab33d4d4ab102526625e8f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/kava/style.css?ver=2.1.2 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:26:16 GMT
Vary: Accept-Encoding
ETag: W/"634b1768-6a9a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXNT4qRbs%2B6TrPinXRIecTjyvyeUA8%2FKgoZAir1QjSMue%2BHTmOwWt8EkaKrir7H9V0AtuPu1tcYTTcLXXePE9sdR9nTFMAK4yf2Dnmx%2BpraLlTnLXw1ano7kDYR9VxeqJdg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95600f07b4f1-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/themes/webase-child/style.css?ver=2.1.2

104.21.20.42

200 OK

336 B

URL HTTP/1.1
takehost.com.br/wp-content/themes/webase-child/style.css?ver=2.1.2
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
336 B (336 bytes)
Hash
9e1176dcdf83d6aebd4ddec4640d3b0f
6d8c60517ed7ec1d8082e6971dc39a5e6e306249
1b339d30d95d7b3fb875629c6ad64a561b9dc637906ccb919a8cf605a2facd0d

HTTP Headers

GET /wp-content/themes/webase-child/style.css?ver=2.1.2 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:27:55 GMT
ETag: W/"634b17cb-1fb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNGqcqfc19UVP6K5kXlsQRGMLtVmv0EUt1CKjuDtycE%2BY6rGu2Y4eo7NapXdAFN26TShYEpud1pCCNmVVnGAvvrc0XhgTsJxC3uXZSK4aC%2BTp3u75pM0%2FuADjBdxEb1pAh4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ec95601be4b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/themes/kava/theme.css?ver=2.1.2

104.21.20.42

200 OK

11 kB

URL HTTP/1.1
takehost.com.br/wp-content/themes/kava/theme.css?ver=2.1.2
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
11 kB (10597 bytes)
Hash
9f15b03e17e4f97154c1ec6348a8ade6
5f1c5b385451bb25a45a5ec8ebf1deb89e3353a0
f2dd3110d4145ad56c3e10d9a98275ef0f5966a505d6a65bc16e43f1863af25b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/kava/theme.css?ver=2.1.2 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:26:16 GMT
Vary: Accept-Encoding
ETag: W/"634b1768-11902"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnjM%2BaAcvxOfavxCBzKqLiyjj9t%2BgPPptGtaXiz7ypvnUPgVLplwJiOno1d7hyjlDeZPnvAa3ZYU03mRho0uuZ3mRhUdJqrMUQaHa7vrd21bsJgH%2FvAPhIct6Z%2BOQ0h2aXc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec956018460af6-OSL
alt-svc: h2=":443"; ma=60

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://takehost.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 4967
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

takehost.com.br/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=5.12.0

104.21.20.42

200 OK

12 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=5.12.0
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (56994)
Size
12 kB (12407 bytes)
Hash
1484e811d4f876d328f0860ea92a620d
6406c12fa224e36a1483e2832868e922b174a5ef
2b2e35de320a867e3aa43ece90a28b697717f2a99e344f07c4db5a8186533e28

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=5.12.0 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:45:10 GMT
Vary: Accept-Encoding
ETag: W/"634b1bd6-df5c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rKFI%2FXWAkA5Buk7uj06B%2BIUsLnlUqhaSPOk5t2SPuPk28h11kxKOlkItXTwnlmuxO95%2Bu7Zjj%2BkEMLIBHcJuLzrX74GFhGZSPCi3i4Q%2FgzD85OkTv6dMaBkMgiuU%2BGmcZ4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec9562ebfab4f1-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/favicon.ico

104.21.20.42

200 OK

236 B

URL HTTP/1.1
takehost.com.br/favicon.ico
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
236 B (236 bytes)
Hash
a7c69e88f97103d7cbae522f93380ac4
0c7349f4f77f9d5a37cabf7a066f808255c0140b
c99f87fd684dc494fdbffd3d619bc790dbb6933d74a4af97f74659ab609a3b8c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Wed, 23 Nov 2022 20:16:35 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyX61s3uRMZbQzvpra%2FvnbWZflBomIbnCJa428A3jfmCCq1F9gRcmNNpAl5%2BV8wBs%2BSGsEYkvOFdaGeEEA1rrEon6qrfvdKAdpH5JO3yJMozNf6F83OSGpYIiS%2B76AaDeE8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec955a1df70b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/themes/kava/inc/modules/blog-layouts/assets/css/blog-layouts-module.css?ver=2.1.2

104.21.20.42

200 OK

11 kB

URL HTTP/1.1
takehost.com.br/wp-content/themes/kava/inc/modules/blog-layouts/assets/css/blog-layouts-module.css?ver=2.1.2
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
11 kB (11003 bytes)
Hash
0e1dcb0385585ce924e5e90d85aab2f4
f5008732d1c1f352b60b18e290f72d60d800b6f3
eb47a7bcc37ba70290318b9afcc7a12ab2fa880f0bfbf62ef33ca4a34e242d3d

HTTP Headers

GET /wp-content/themes/kava/inc/modules/blog-layouts/assets/css/blog-layouts-module.css?ver=2.1.2 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:26:16 GMT
Vary: Accept-Encoding
ETag: W/"634b1768-24b19"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrnv5XZOp2PEXSl9PyiNpEjhVUkVTHBhWTKmTCuhiIkuVep3eY62PEKKfHVp3ZX89BndyO%2BkhRugOWoyFcPJvqu1CN5RoHgBTtX097sRd0Mqh6I6CM6P7LZuj1UP6AQZBsM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec9562dda5b50f-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0

104.21.20.42

200 OK

4.2 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (26516)
Size
4.2 kB (4229 bytes)
Hash
a23f408351ab37e6fe118d4605c09020
637f8b42309bcb2827aca454305d22664cda46c2
2fd81408c95881e1dd32f388894223dd4528bfa6ca57103b9c70ef847f19deba

HTTP Headers

GET /wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:45:10 GMT
Vary: Accept-Encoding
ETag: W/"634b1bd6-684e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzlMSRpvW%2Bl9Qw4FXwuOq2WYXSV692My5AZ5K6EnRtMwRS5COVdLtGK%2FgeMbF1LayDwEz%2F4iLL5MuZnoeIotnNzeV%2BeGwUch4qkgWTtdrGlzf9aTqBsX6k9vJcaq%2FA2BCfE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec9562f8b7b503-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-menu/assets/public/css/public.css?ver=2.2.3

104.21.20.42

200 OK

6.6 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-menu/assets/public/css/public.css?ver=2.2.3
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
6.6 kB (6631 bytes)
Hash
cb9afc9cda4f9c20655afd93bec10318
733f2d62e13b310822f37e96e629e334e8628fb3
827b1db9b100f721033797176bb87bbf1da6ee1898a0fd733372e11fd795caa4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jet-menu/assets/public/css/public.css?ver=2.2.3 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:45:10 GMT
Vary: Accept-Encoding
ETag: W/"634b1bd6-15c9e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhsM0f5H%2BAHoVTDd8uQqBQwhq%2BKF0br31nobGiIhDNflkV%2FB11SNE%2BLGxVoZRB67xeSXKGG9H2gQe51mrpHc28gtxtCJMkbi8UkTasHNEOGtmDHmyhqm14O26E%2FqiKvHcF4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95630ca80af6-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-popup/assets/css/jet-popup-frontend.css?ver=1.6.1

104.21.20.42

200 OK

2.3 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-popup/assets/css/jet-popup-frontend.css?ver=1.6.1
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15765), with no line terminators
Size
2.3 kB (2280 bytes)
Hash
05d2f8c4e894c67dcc7a97faa4a02a39
a9cf138694473f1cfc27d7e7d4b05b72da0cab27
1c45bfdb514130bf242f7255df79f21c728d835c58c598564e39e0affba23809

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jet-popup/assets/css/jet-popup-frontend.css?ver=1.6.1 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:45:16 GMT
Vary: Accept-Encoding
ETag: W/"634b1bdc-3d95"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ierNnMIN9jSwjpIybDx0O4zN%2FVTTbDxoF8mpezF9pPXMN7Ay%2FgVD9cVz5kjbyTYk5OsAvMvl1%2FZv52M6m3IlgTMHoCu3neEoDgDZ5Sm7DVxb4tVnjekxcxkJKeyMVaqQOM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95646ec8b4f1-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-blocks/assets/css/jet-blocks.css?ver=1.3.4

104.21.20.42

200 OK

4.8 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-blocks/assets/css/jet-blocks.css?ver=1.3.4
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (43063)
Size
4.8 kB (4811 bytes)
Hash
b3deed4ea91c7f0fed38a85057369a32
7a736d779b611cd107c015c06b284cd0505deb6b
7d7d2c04e6feb826a893036386bb86034505e8e548c5a470c8b4f7b2676433a3

HTTP Headers

GET /wp-content/plugins/jet-blocks/assets/css/jet-blocks.css?ver=1.3.4 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:45 GMT
Vary: Accept-Encoding
ETag: W/"634b1bbd-a838"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mq1YGqy%2BPSLZ1%2FItO8WVmjTcCoEJK64EGHUxed2usOZ%2FqtUTYgnjAlqsTX9JHNLFy5ZNsekbXchF0e%2BzhIhKB6ZdoLIvzSWzZ%2FC3tZ%2BP6o5z%2FzOPtDZq1rsXOsI%2FgzRpCpU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95654c7c0b31-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.6.7

104.21.20.42

200 OK

2.9 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.6.7
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (17809)
Size
2.9 kB (2936 bytes)
Hash
233c793b07cad74a94f69a12df09b0a4
9993ee17bca25cae08d3df3151e6ccd93b81bc95
94bf63a20fdddde3ed240ff6365b03f1f01ff73e079c52c4590db0e6d08bfcb3

HTTP Headers

GET /wp-content/plugins/jet-elements/assets/css/jet-elements-skin.css?ver=2.6.7 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:48 GMT
Vary: Accept-Encoding
ETag: W/"634b1bc0-4592"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Isp9dqEzpu9DFEN2l7XZvJjoCCiMjp4HLrKMfe9QW%2Fh0gDxwOfRvlyfDPg7bM9DNOkxainEoka98PKlDmftTMZiphsc5SKpJKv5gR1yymdEFu4sHTDKpE%2F3%2Bq5oBgZn%2Bq6k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec9565ddbcb503-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0

104.21.20.42

200 OK

4.0 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19233)
Size
4.0 kB (3958 bytes)
Hash
ac7354abda04bfb9c71fb45a4f1a7428
074f24b46fb81a0a98fe838e86a1daf597885996
40c81608682b4b605ac2108ce28d4bad98a63ac4ae56abda7a2b1b757bb956d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:33 GMT
Vary: Accept-Encoding
ETag: W/"634b1bb1-4b4f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XnN1EwAyLIlG4YxP8xJmHiyaWcnb0iKkWj171TgreGU27M5cA5wiljB6nhH6L6qGAtv97OZPxBnyDjyZbcQpPIaWvNPbt7us4J%2BcMBRWkusm6rlnOORNzoiZLtTuMyF%2Fgzo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec9565f8a10af6-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.6.7

104.21.20.42

200 OK

22 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.6.7
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
22 kB (21818 bytes)
Hash
81b936e0a66494a5d3fbbb90873b1588
1ea808c1cb7aeef93aa40a114934b840fd7f3134
0fb5d4988c0efd80c9545bdd9762304bb288b3a5ec828b98131af6271e8aa2d4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jet-elements/assets/css/jet-elements.css?ver=2.6.7 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:48 GMT
Vary: Accept-Encoding
ETag: W/"634b1bc0-38fc6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLcp%2BBl7ljrln%2BAqC3jJLjwbYfK0DXJ3EMLk6dnmLBtDRudscwCAJjNTuPQTA46PCzn1e%2FKUUv9a3eV4cj%2FPmVS%2FCq3lSnSbxIne7xz%2FWM9IyXDBU2ju1AMli%2FQ65rgRXpk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec9565ca91b50f-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-tabs/assets/css/jet-tabs-frontend.css?ver=2.1.19

104.21.20.42

200 OK

3.7 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-tabs/assets/css/jet-tabs-frontend.css?ver=2.1.19
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (34059)
Size
3.7 kB (3732 bytes)
Hash
c5a479bca149982a5c22f4563479a5b1
ba2cd2e32accf4d416eecdc145b915e6b95ae93e
35c912d5ddc92499621ba1ef04d3b4228d126e06720fc12594dd3f2f6fe91a1d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jet-tabs/assets/css/jet-tabs-frontend.css?ver=2.1.19 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:45:04 GMT
Vary: Accept-Encoding
ETag: W/"634b1bd0-850c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ounUw4sItVh5TnlG5Pvi6lZsju%2FoOvFvGUjfFe3rQNUhxi6QZyFN5%2BI1gQbChBoC8DtOG23HwD0MVy8fnnruglIxTlgJOLbCcHbSQ9ShQutJOTLr%2Bht9DwBUIROXQkwei8E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95683fda0b31-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-tricks/assets/css/jet-tricks-frontend.css?ver=1.4.2

104.21.20.42

200 OK

3.1 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-tricks/assets/css/jet-tricks-frontend.css?ver=1.4.2
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (26810)
Size
3.1 kB (3141 bytes)
Hash
49dfe45412e4ef87e67b0c5a9335c9d4
3953f4a8bce4042aa285e91a9d818e09475c72f9
0343abfdc920c739118b441bd608c08baa9da695ceb5647b3c4e4f2fde330130

HTTP Headers

GET /wp-content/plugins/jet-tricks/assets/css/jet-tricks-frontend.css?ver=1.4.2 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:58 GMT
Vary: Accept-Encoding
ETag: W/"634b1bca-68bb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hol4zE0n%2ByxZAXIkn%2BTYF20kKuJF5yoYF6DHWMxAMqItyV58MdC25I5%2FKqWyE1Iut%2BqeYzVa3qc9J6Ia%2BQsDKrENojxlJn6xKCu3dVRUb3%2FVJmKPWly%2BR%2BpP2B1R8QODnPs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec9568cb03b503-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8

104.21.20.42

200 OK

14 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65497)
Size
14 kB (14109 bytes)
Hash
1338e1b6fd1e118e3edfdf7f4affa789
8b845843a245dc4569dfd57735eeecc9872268d2
e2afea13020d628b3cce1539f3a40f67e5c783db3b9fc1bb22adda4e3449635f

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:33 GMT
Vary: Accept-Encoding
ETag: W/"634b1bb1-1a78c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FnKfNSsBTj9JBjsrs3SQIoUD8O%2Fx2YKEt4BxiemnL2xJbFgIjd8es6jTX97mAa7XU2S645yLk48gJyvMKERlA3Fi6l9z6Cc%2BhDalhTaqB08YIopeYKwCTpyiO%2BthfomOp0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95675ba9b4f1-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-theme-core/assets/css/frontend.css?ver=2.0.7

104.21.20.42

200 OK

0 B

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-theme-core/assets/css/frontend.css?ver=2.0.7
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jet-theme-core/assets/css/frontend.css?ver=2.0.7 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:37 GMT
Content-Type: text/css
Content-Length: 0
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:52 GMT
ETag: "634b1bc4-0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iUYKmuksUmRSEHbKRuVz4uo5OE0LcjNzMdBA1zn2KHArSDO70wp4zKwfBHhBdxXNebGwWYSnamBS69LJ1ox6jPGmD8MSclJS7YDWAlR3mMRzihQ520IIy4QaT5QT3EuTyc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ec9568dbfc0af6-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3

104.21.20.42

200 OK

309 B

URL HTTP/1.1
takehost.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (483)
Size
309 B (309 bytes)
Hash
0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:33 GMT
Vary: Accept-Encoding
ETag: W/"634b1bb1-29d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cza%2FeU%2FFDQBWy77s0pxc97%2BWuwC5XlTQmFWHw74iEiaqkro6IK5mWChmi%2FNY6Y5iNGO0YR3iks%2BK8BezaIXgaqavcV5WZixRCWk4yr8n7zqoBT5nmtkoa1yWxkIeWjaMhDI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec956baf71b503-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3

104.21.20.42

200 OK

13 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (57726)
Size
13 kB (12581 bytes)
Hash
b8914a9a422b658a721edee22da4803f
dcb57be1523de06493b62bff04208dbb7eaf7b92
32cbd3295c9c436f50437a22d401fa3838a98c1dc03eddfc4552eda9e0a6bc6e

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:33 GMT
Vary: Accept-Encoding
ETag: W/"634b1bb1-e238"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZIKnMjpP4%2FvkRqu%2BqwnrfxxQIq62zyoj%2FNqyzAXf4BZSbc0WyFmRIz0rVVwQGXBxzJTtDRZJX08uV77Z3cTLfdSQa5SYAFTBc3jrh0nlzHOuWifi0BySNM4AJkj8SajzGQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec956b1be90b31-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/kava-extra/assets/fonts/nucleo-outline-icon-font/nucleo-outline.css?ver=1.0.0

104.21.20.42

200 OK

19 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/kava-extra/assets/fonts/nucleo-outline-icon-font/nucleo-outline.css?ver=1.0.0
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
19 kB (18584 bytes)
Hash
127f1d8b77a76e03f1f06efa88d5a983
a8a593538c18ce93eda6a6b4f6ebf4fe1cbcc2a1
c0bf4aeed960c5e737fbee82be7db1dbf1457078c6e3d2d41edbfc46bc000d11

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/kava-extra/assets/fonts/nucleo-outline-icon-font/nucleo-outline.css?ver=1.0.0 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:42 GMT
Vary: Accept-Encoding
ETag: W/"634b1bba-218a4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDhVoA9jTaBtcF7WvGRJf1WFVE4nE%2BJV0VFoXd%2FcM5A66UaZdqgnRBoMOESO3JayJeORuLMSRr%2F%2FMQja3PLmZvYKuksqOfdl1ANLtDJmiWzRxq4QRniMrf3vrC0iYfD%2BZfY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec956a2a3bb50f-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

104.21.20.42

200 OK

4.2 kB

URL HTTP/1.1
takehost.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4169 bytes)
Hash
5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Vary: Accept-Encoding
ETag: W/"5fb4e3fe-2bd8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjgNs1bxTF7wUbTYGtimQ23%2FmIjbG6uw9EXfs19TRqUfirUiArAnd%2BUu31d58W%2Fo7JZs08o5b5aVmAfsH1rHg1weeB4S4SS39MNShP7nfRwwz6oaAKJosAsC8JYbP2DwLE4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec956bcf660af6-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

104.21.20.42

200 OK

30 kB

URL HTTP/1.1
takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32868)
Size
30 kB (29551 bytes)
Hash
e6483b14ad791bd6df1626bfdfc50d70
f313711502ef5bef80ee897a58c1024550150bcb
1a6e01e783d3008f37726fb856a399a56a2382f94dd0520c0ec367e1fec3b5b0

HTTP Headers

GET /wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deNY1NPpXV%2BFlqKDMcwyzo2txeCM37rx%2Bc3GM0WbEXspJIrnnHuH2zPlHQYjo0Mf3WKp5HPhjvJ7eNZ72ziigwdXeos1mj%2BYdWD80hqsjlcWyrlSdD%2Bpn6503zu%2FZgd93ak%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec954c78e50b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

104.21.20.42

200 OK

31 kB

URL HTTP/1.1
takehost.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65447)
Size
31 kB (31038 bytes)
Hash
2eccf707201b564e5e0cc3637fe4fd79
13b3ab2c399a84808e8fd6a2c795a6a49f5090a4
fb2e62f5864ef969b2d586b0e589fc81d7689038cd54a90fbca4b463e0ca6261

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 08:34:37 GMT
Vary: Accept-Encoding
ETag: W/"63622b9d-15e54"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKQS3XW%2FAZ4Uj718nrua8HGnpGvlCccFB0P5it10MuFoY2mZW8MDB%2B0y%2F%2B%2FQGRNGOLE01SDAlqmNNMWCHEpK%2BSAyNrUvSLgWmgo9FZ8PpzOk1ny2kiU0bxMPCeSZjCj24k8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec956baa74b4f1-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css

104.21.20.42

200 OK

1.0 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (11736)
Size
1.0 kB (1009 bytes)
Hash
93f498fb556ab9842f14509b9b2ae785
c3525db54b96988c950408a04af09de63d6683f0
f94c518c9cde9ba6d756893a82831e0a843c93e28608595ea649f6d1d8e514d0

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:33 GMT
Vary: Accept-Encoding
ETag: W/"634b1bb1-2dff"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQJHx5PC9wHlzBsV0purgBEn1WcGaQrdPxRJjhlsX%2FXD%2B19Ed0w5RH03i%2BbAgStaF%2BeurviGMI6eAARrb9WqTrEMPIBPnMPeMr9meh3lYxUXpp3Cpb23K9k0FQAxzVwQRww%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec956d2a63b503-OSL
alt-svc: h2=":443"; ma=60

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/1.1
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://takehost.com.br
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 16 Nov 2022 20:16:47 GMT
Expires: Thu, 16 Nov 2023 20:16:47 GMT
Cache-Control: public, max-age=31536000
Age: 604791
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/1.1
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://takehost.com.br
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 18 Nov 2022 23:14:52 GMT
Expires: Sat, 18 Nov 2023 23:14:52 GMT
Cache-Control: public, max-age=31536000
Age: 421306
Last-Modified: Wed, 11 May 2022 19:24:56 GMT
Content-Type: font/woff2

takehost.com.br/wp-content/themes/kava/assets/js/theme-script.js?ver=2.1.2

104.21.20.42

200 OK

1.7 kB

URL HTTP/1.1
takehost.com.br/wp-content/themes/kava/assets/js/theme-script.js?ver=2.1.2
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.7 kB (1749 bytes)
Hash
ac07f3a8f875609452585eef62cd8903
5393a28ab1e69f0a817c151632bac23f5b27cae4
f7e1e49cf96887ba2e861d01e60e092206c282eac9f443abdc0857db33faecf0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/kava/assets/js/theme-script.js?ver=2.1.2 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:26:16 GMT
Vary: Accept-Encoding
ETag: W/"634b1768-14e2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9HAiMA9PHpqs7Is6%2FXMCCXDkhmPWppJeU%2BXRmAoKzASpnzdthUwu6qwns4SWDwakz0cZx2gVKlzl%2FwgKYhCuk93KkAYDvYq5ZHWnbNYzhcob7lo5p1ikm1UcxDX10KQUjs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec956f4c6e0af6-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3

104.21.20.42

200 OK

2.9 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (9680), with no line terminators
Size
2.9 kB (2914 bytes)
Hash
7c2c4ebd10adb73367b5c5f0e1e5d3ce
a67e4fd0e3e7452e74b22517ba924b58307d7758
5244443e699788a134cc77adfc3fd18f03386df5fe49e6c82b057387ba4d0ebd

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:38 GMT
Vary: Accept-Encoding
ETag: W/"634b1bb6-25d0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCVTRYvgXXdh%2B%2BOVUYChSiIE%2FZZRntoFvtwbui%2B4dJe7tQGJhNrW9B7WM96v5oUzyqbMGVLq4yqSw3SYTzOrbXiyT32Pn2X8Z86eBKj%2Fx1KaejulTqD7%2Br0mfQ%2FA15mpqZg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec956f4caab50f-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3

104.21.20.42

200 OK

3.9 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (12211), with no line terminators
Size
3.9 kB (3934 bytes)
Hash
7ef755c2700783f9eae63fc539149a18
e57c0c5ceb5e2fbf1aaad44aad6319f8b26b69a1
95c808afbeaf569865125c132b69df4a68bca03fd6b792d38ef9a0e341dbf06b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:38 GMT
Vary: Accept-Encoding
ETag: W/"634b1bb6-2fb3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSaizLGrk9J0V9rWzEs5MPot15VunN%2BdHK45zbJCxud0jiIv8RGySAXQMRQfY7gR%2FUMvab%2BcvJkDS3gGmCl0Q9jQw8OhCjjSE6JjthG4re4sM9Sn9dS5aW7TEE%2B4xVmddIg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec956f48bf0b31-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-menu/assets/public/js/legacy/jet-menu-public-scripts.js?ver=2.2.3

104.21.20.42

200 OK

10 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-menu/assets/public/js/legacy/jet-menu-public-scripts.js?ver=2.2.3
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2070)
Size
10 kB (10335 bytes)
Hash
a2abb28fef5ed10c54a155a23ad7112f
b9413d7bbfc055aad26f3bc83eaf94a8bb14903a
1b2626442b342f4d4a85dcf8a82f020d9b5148605ddfe911a2f414a189b43112

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jet-menu/assets/public/js/legacy/jet-menu-public-scripts.js?ver=2.2.3 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:45:10 GMT
Vary: Accept-Encoding
ETag: W/"634b1bd6-c9e3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GS42fGqBWMs3NRfWifQ%2B3vVSwLMD26fYB7nCWfTIMjvL1Irqicy0cWnc%2BLZe0W2qCBS5dfiu%2BJ02qi1KpISMFbtlcSIKvB88lak9%2FXitbogX5NMG0orI4l7BthSQtYzwxc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95700ab1b4f1-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-includes/js/hoverIntent.min.js?ver=1.10.2

104.21.20.42

200 OK

706 B

URL HTTP/1.1
takehost.com.br/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1464)
Size
706 B (706 bytes)
Hash
e26e2ba5d82da6211e981bf0e962fe00
ca7358efdb6852cfb78ec32383eaef15ac6cb61b
400f6ae8a00e7eabb07284d8cd8715579e9a3721fa463e508b5d40b83cde1447

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 08 Apr 2022 20:07:18 GMT
Vary: Accept-Encoding
ETag: W/"625095f6-5db"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLs0PRuv0WNi7Fox%2F6cT%2FEeQx25yqC3u2NuV5bU9BJI%2FZbo8Z54U7y5%2B0JBVllbWlJzz%2Bp7TObuAdBrRRMR90%2FtmWu9iHPBa6lm8gTKIK%2B%2FLdYyOP7%2BYPP0%2BtHtHD3KT9YA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95700fd0b503-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-menu/assets/public/lib/vue/vue.min.js?ver=2.6.11

104.21.20.42

200 OK

34 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-menu/assets/public/lib/vue/vue.min.js?ver=2.6.11
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65449)
Size
34 kB (34100 bytes)
Hash
490c8d84c0fc37193b35a4a1457c2e0e
692e450be53b960f01d7a5209bc9c4359c51f85d
25de458a87e58434bf60271607fe83c30db96b8ad8a64a97aade7a6375d9259f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jet-menu/assets/public/lib/vue/vue.min.js?ver=2.6.11 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:45:10 GMT
Vary: Accept-Encoding
ETag: W/"634b1bd6-16de6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyRlBqP1upVdvHFG1kFYWSkRB3VRCwUG8uX7cW6MIlGjVXiL4ej7TLghhpqgkGDn9PpC0r51Cj0QWvno7FpVg9HiB3MMxX2EKlu%2FJelW0cE9kQBB9S0lcR5J1HjQutvE1Kw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec956f4c5d0b65-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

104.21.20.42

200 OK

3.0 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12198), with no line terminators
Size
3.0 kB (2995 bytes)
Hash
4a8bd9ec5e8683ca461354b56882d3e2
993bc0c343abdd5e5f555b8ade72320ae7f59502
97cb584c6d8b9e884e58afdfe9aa8204940cb39047f2bf84d19b96db01ee8de5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:33 GMT
Vary: Accept-Encoding
ETag: W/"634b1bb1-2fa6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayDdtH4FndjExfF%2B8xDvjF1%2BuDdnq2m%2FoEqR3oFXRy7%2FYuL4lU2BUmVUh3Fxtx1frreYkwsa4d82F5dAsr2IqKFnhTGPb0tRj8WLBeHth7OMUrmNalQ%2Bx1MuYCBPGjxQ4bw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95723bec0b31-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

104.21.20.42

200 OK

7.1 kB

URL HTTP/1.1
takehost.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
7.1 kB (7098 bytes)
Hash
4e91f3bde34bcef7ac5a2e1553ec4b7e
398cc0b8fa5795ad41a1490b42b974621e5c3529
8ad8783c45440f481056ff5d7b9cad3e3d52bb043b9ec40260daa62feec0ea18

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 08:34:37 GMT
Vary: Accept-Encoding
ETag: W/"63622b9d-53c0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iUtyHm9YWRVs9JdyWmBU3Q3zRI5Lg%2FaYiUBzPOaYLGQ0AuwekotjsJ1NtUfLDDEpNDcoH%2FwgvHYZgllSlL3JpRKB6K%2B5U8dWrH70SMjgbaljSmvEUXj4Uq7N2KprDLJtno%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec9572ff84b4f1-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8

104.21.20.42

200 OK

12 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (40474)
Size
12 kB (12047 bytes)
Hash
7e4c09573766c916b425c3fa0b178141
e8b9aa74482214c597a774b3d75796fff6419f29
7ad4e29585a106b0a65a7b204f245d124f9e24f3a0613447027e3d21d60df9f0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:32 GMT
Vary: Accept-Encoding
ETag: W/"634b1bb0-9e41"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6l7%2FOg4Lch7HDROoMUqgw5QjpFb%2Bk2Sy38LDxYrQdshUd9tdGBYGoAYxEBd%2BnzqSYnTiCDDBG%2F%2BRrCsnva3rYJXPMEoD5Hz6Ax9ssZpP22wwk6iu9WigGwXWQbq0%2Fm2anSw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec9572fcf5b503-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8

104.21.20.42

200 OK

2.2 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (4918)
Size
2.2 kB (2193 bytes)
Hash
d0e4eb53954c6912b6bd9ec65c7077c7
914cff98ed617cd6147417b846c3de04fb551fc8
d81efc68c2e078e814a9753404ae8bc87f7eed14de224c2c42f426d20ef46bb6

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:32 GMT
Vary: Accept-Encoding
ETag: W/"634b1bb0-135d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gx%2FYkTU7LXKfbbouCN2PGdsutFdhZ5Y9AbTTVk5LTmk7g7ac1oy8q5BdRr3wx3ll94bidVkK0MHyBBkj4k2fwkBrkRKr4LzcnJxf2eBzwASOKpjJuHB4k4P4pmSzwrC5BXc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec957228350af6-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8

104.21.20.42

200 OK

11 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (32889)
Size
11 kB (10740 bytes)
Hash
88348e7e14ff97b1e9fbfa55f7c3a90e
b6c0f4e8738017eeaf455aacfe7593b4039670aa
9f2d14976163bee5ef433eba289c7675470da09d567a3f7f33de163a835a59cb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:32 GMT
Vary: Accept-Encoding
ETag: W/"634b1bb0-80a1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xv%2BNtMgy7Ur%2Bj0jFPg3oO664Qcn4yZ5lc3xbjNJsUdyRYIb1y6mfWAMMioztAnGOA5KEcZ4hEae%2FdYM4CTi72t1lUTEDP%2Fz8EGpqduH64e13HI9nI2%2F9ZXsQby9bb8Xew%2BU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95723983b50f-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js?ver=1.3.4

104.21.20.42

200 OK

4.8 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js?ver=1.3.4
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (18966), with no line terminators
Size
4.8 kB (4777 bytes)
Hash
45184eae394bec65bf0adb7f6715a018
9e4d1dd12f43f0a4bd3a6fd464398147e3644ddd
563416662653ec0f2a8a6fdb56dfa00e448dc6835c9695a09e12141e8e07e292

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jet-blocks/assets/js/jet-blocks.min.js?ver=1.3.4 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:45 GMT
Vary: Accept-Encoding
ETag: W/"634b1bbd-4a16"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDD5hgUbrSPTO7j9ZYKgkJVIrlWR1UP0WVaywy988icOU8wCmTAMPZDFztbLBTVMBv%2FBH3Xor4rqAQcYKfsN42mQu1H41NshO9IWub14BbK6OLQCE085nyAAfntzjJvmZPY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec9573a9930b65-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-tabs/assets/js/jet-tabs-frontend.min.js?ver=2.1.19

104.21.20.42

200 OK

4.6 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-tabs/assets/js/jet-tabs-frontend.min.js?ver=2.1.19
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (16685), with no line terminators
Size
4.6 kB (4648 bytes)
Hash
9541a81f416216cc8cb43d051135f892
27b514814acfba3229a1319d72e41126aec0c265
2e4eb7db7777e5d285323a4e59378a265b70c2902ec814163622e39166c82dc0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jet-tabs/assets/js/jet-tabs-frontend.min.js?ver=2.1.19 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:45:04 GMT
Vary: Accept-Encoding
ETag: W/"634b1bd0-412d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sK6j5BeY2rI6pLf8O0wmnGR6YfjIJiJlh0ldH1pqqfevuAZAMHOfbsUBOdvSgd314XEKqefb8JTP08xlLFp9ZqqNHKNqdL8UYCqWKSmh6LFoOD1ntLcC1%2FvcN11LrZgQbAo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95753f6db50f-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-menu/includes/elementor/assets/public/js/legacy/widgets-scripts.js?ver=2.2.3

104.21.20.42

200 OK

3.4 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-menu/includes/elementor/assets/public/js/legacy/widgets-scripts.js?ver=2.2.3
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2070)
Size
3.4 kB (3448 bytes)
Hash
622a33a2ae9c9196e9d908dd0bd255c9
78e23555b5cd695dedbac1c9d44873edd408bdfd
a89ab0549721dce4c20c75ae461db229fc1eafdd0bdfd2e577c6f8fe94147d70

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jet-menu/includes/elementor/assets/public/js/legacy/widgets-scripts.js?ver=2.2.3 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:45:10 GMT
Vary: Accept-Encoding
ETag: W/"634b1bd6-2c5b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMExCJwlXMwVmkTDL5jQEyt4SeiPrVLyBA3L7D4CT7odxfA0mHsBA5AOeT2pq3MxFLVcO4l3VV86edXJIzwmpJysgHChoXPQBHPvqhRLsP3GgejHan59fqZWjPNSVAG9uMg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95746a11b4f1-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-elements/assets/js/lib/anime-js/anime.min.js?ver=2.2.0

104.21.20.42

200 OK

6.1 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-elements/assets/js/lib/anime-js/anime.min.js?ver=2.2.0
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (547)
Size
6.1 kB (6057 bytes)
Hash
733a2b7862fb24d5ec57bc7d2fb3622e
48edb351f16124c8250dd25f7c1664715440282a
aa414991d9bd107e7aedf75e761ed5a37628388ab905307c6e960ac32fcd5183

HTTP Headers

GET /wp-content/plugins/jet-elements/assets/js/lib/anime-js/anime.min.js?ver=2.2.0 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:48 GMT
Vary: Accept-Encoding
ETag: W/"634b1bc0-3854"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwr6myMv8sGIXrlMgdeE6Cru%2FgEbXaB1HKDMp2pMnW7twqAKS%2FvntRJ1yFtlduI1x7AieF6X%2Fu%2BvzUbEHJTDBEGFm0o3TyzNZRC%2BNOc6cObB5MKeJrdesoVgrYIU35TADF4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95747f5eb503-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-popup/assets/js/jet-popup-frontend.js?ver=1.6.1

104.21.20.42

200 OK

7.1 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-popup/assets/js/jet-popup-frontend.js?ver=1.6.1
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
7.1 kB (7050 bytes)
Hash
39b182561b332cd04d16c32bf23a6474
615c9fa5dcc33248d08969f6947ada7ef6aefbae
1446b8b823e8fd92e762ab698759fe4ed3339506de9bd9c9043051475dab382f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jet-popup/assets/js/jet-popup-frontend.js?ver=1.6.1 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:45:16 GMT
Vary: Accept-Encoding
ETag: W/"634b1bdc-9321"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j52cRTuTnafPlrtk6%2BdDUzJrfqJ4tgNXASwjg2MxHFjdi2pwlMCbsgwqmTJEpL0X8zhZb7xY2IcLtInS%2BxQZWw4Se4gxN1xyvnzht16r2%2BctPu17L4Z6R%2BImy12nwC2Siug%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95751bb50af6-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.6.7

104.21.20.42

200 OK

24 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.6.7
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
24 kB (23779 bytes)
Hash
cf6e7fd37f841624b67a051a3abe1084
292d9cfcb0106d080380c28744f5ceca5129e30f
3e14f3138b4d0cb432bc0ce6563c15d6ccf0ecd59ea0bd32ce19036a0815bd26

HTTP Headers

GET /wp-content/plugins/jet-elements/assets/js/jet-elements.min.js?ver=2.6.7 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:48 GMT
Vary: Accept-Encoding
ETag: W/"634b1bc0-11cb1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8Lh%2B3AbX%2BIQ%2B0PT0tCzfdtCvQ09WtpMRWzacGmf9XPcqHjtdIUDfLCXJPZ8ukG%2BVZ%2BHAUZZ%2BsQKBelxkgShltOmltQEMoZiN1q6jNIubYpLIqDeDjfuXyCv2gmtoPYECfM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec9573cd820b31-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend.js?ver=1.4.2

104.21.20.42

200 OK

5.7 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend.js?ver=1.4.2
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
5.7 kB (5682 bytes)
Hash
bd3be086d5e28da0b9deb623915c53ec
4629965d46ead29b902062977c56dfcd15c7461c
995a633a3b7306d5f179fe13964a6977979aa2b01a0bcfd6e799e1fb59cc758b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jet-tricks/assets/js/jet-tricks-frontend.js?ver=1.4.2 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:58 GMT
Vary: Accept-Encoding
ETag: W/"634b1bca-663f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EbMkfzqOqIJqOU1zTCaTud2zGqDo7uxcNtwG68GAzgB166qJ1k1jXK7hYBh77PB0D%2B0za%2Bjd%2F7VTh%2FGtaO%2Fi69WBvXJ8YABRTE%2BG7S0ypXVOvLNm4p77SynMayILvwtPkY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95775f0db4f1-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/uploads/2021/07/logo.png

104.21.20.42

200 OK

1.2 kB

URL HTTP/1.1
takehost.com.br/wp-content/uploads/2021/07/logo.png
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 144 x 35, 8-bit colormap, non-interlaced\012- data
Size
1.2 kB (1244 bytes)
Hash
d2077cdc0b2ebb7c39c137be1ea7b3fe
c4d186aa1ba014e7aed6065e194c2b662832222e
244bc8f8436aba040dfc7aa9b2ed19e3c55208b8847ae10db92bbbcddf0fe2ef

HTTP Headers

GET /wp-content/uploads/2021/07/logo.png HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:39 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:54:34 GMT
Vary: Accept-Encoding
ETag: W/"634b1e0a-4e9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlT%2FU0KQftn5tqaB%2FIGFb%2BlJ5uyxuneS6hIStg94k1LWj%2B8amEOMVT6CsX6ZtUVjpJZpzpwLoJ12YTZKrSzSAiQegHKB%2FGgvqJLmK6%2B6PlII1Q9uhwwcfDGkfmUuiFs7Qnc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec9577ff140af6-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-tricks/assets/js/lib/tippy/popperjs.js?ver=2.5.2

104.21.20.42

200 OK

6.6 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-tricks/assets/js/lib/tippy/popperjs.js?ver=2.5.2
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (18506)
Size
6.6 kB (6619 bytes)
Hash
d1f2f6e17bbe120ae131751b5e69794b
8b77557bf94e8de115efe4db49de52033840da1a
9a006ab37bef2a084b7c82ffba2cbaefed36da2c8b869fa88e8ec39a6d273064

HTTP Headers

GET /wp-content/plugins/jet-tricks/assets/js/lib/tippy/popperjs.js?ver=2.5.2 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:58 GMT
Vary: Accept-Encoding
ETag: W/"634b1bca-487a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7g4lSwRujULx%2BvfMIJU3NGrppM0mytg%2FnIyiw51mIygHhicJwAnT3rHne%2FbaH76aFikak7kDRf49nvEirvNyPhp8IKEf6IkT3X3noO19fCWh%2BD0H4IPMN9eqdk21Z6%2FzGBw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec95769d3b0b65-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/uploads/2021/07/logo-1.png

104.21.20.42

200 OK

1.2 kB

URL HTTP/1.1
takehost.com.br/wp-content/uploads/2021/07/logo-1.png
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 144 x 35, 8-bit colormap, non-interlaced\012- data
Size
1.2 kB (1245 bytes)
Hash
8a65cebd6e0c350752f5df9692790d38
90ef712773414e592100e333ee083564093f3fd6
93d66516d58d855ae34896b295e220740010a297c9e994c63e38d1fe9b987872

HTTP Headers

GET /wp-content/uploads/2021/07/logo-1.png HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:40 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:54:46 GMT
Vary: Accept-Encoding
ETag: W/"634b1e16-4e9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F84plkIoBshUWuqxRGYXsFKlqEhbtjTY1TCTMLYTYq2zoKozdJ%2FiIg53oSu54ASjrt6aJO9T6Ma47bJvi7uMtciwQN87F6ugzNebnbx1H5hhk8RNdsg53JQyz%2BlGNm4ujc4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec957819c10b31-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/jet-tricks/assets/js/lib/tippy/tippy-bundle.js?ver=6.3.1

104.21.20.42

200 OK

18 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/jet-tricks/assets/js/lib/tippy/tippy-bundle.js?ver=6.3.1
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (1407)
Size
18 kB (18476 bytes)
Hash
15a1af178c8de75aa88e4b063cf0f776
cc022a6e16d8bcd55b105e154a2da77e6c8e9583
d2c0b3eb69b50c40c658ade0164e112a98e395d9802ea7108173ed6638cfd16b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jet-tricks/assets/js/lib/tippy/tippy-bundle.js?ver=6.3.1 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:58 GMT
Vary: Accept-Encoding
ETag: W/"634b1bca-13099"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ge9ZTNWS093ULY%2By0nMs6QGjuIxrTYF2IbBbFZCPkDk7nxDg9ySRQua16CNvDruIUIMiytQXAppHmN9qWXcnayMO5EeuK%2FZeKbjoRusQQ%2FrhDrIr69KUHjK0xpg2lNDat3I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec9576a9e6b50f-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

104.21.20.42

200 OK

78 kB

URL HTTP/1.1
takehost.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://takehost.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:40 GMT
Content-Type: font/woff2
Content-Length: 78196
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:33 GMT
ETag: "13174-5eb18cf49e6d4"
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuqJhQpcFgLbW4nfKxQmAOl2e907rfStQC7J2LSywOhxB1jHTx5vE3n9UY6fSQwdtiKHJDlcHHYjg1Q2SXe0b%2FuZ2ROOfww0%2BcJ8sGInFvLdFgNH3ssSXdG19Scn8K5FkgY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ec95775cb6b503-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

104.21.20.42

200 OK

665 B

URL HTTP/1.1
takehost.com.br/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1320)
Size
665 B (665 bytes)
Hash
4bacef137591d6f5574dce03bedd4017
0476cd730df5255e67d55bb7ed8f536b5d04b9b8
7de12cf9c631e69705e433ee6067d37f26028f9696ac20005402671667a9bfdc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:44:32 GMT
Vary: Accept-Encoding
ETag: W/"634b1bb0-54f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFRe02Gtsx9p6QtzzcMkJXp2twUHhMpiyo2dzN%2B4%2Br%2B5yyDbSW7%2FceYSuygAaAKlUNAC25a%2FWyYsytz5Gk2KJHaKFfPkLd0jn%2FhoAikt5%2Bzfs5oV1NPmC0%2BYreUoLmPqK8A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec957c1d80b503-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/uploads/2021/07/cropped-fav-150x150.png

104.21.20.42

200 OK

13 kB

URL HTTP/1.1
takehost.com.br/wp-content/uploads/2021/07/cropped-fav-150x150.png
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (13205 bytes)
Hash
95f6bde2ddce87314201b63373b1a11e
6ecf15609db5cc6fb8d96d7b8b09552a7cbb4ee2
466d9db26b3da150903626d0e8c329c13abb67c2112652cd2e6fae0597b3f1e8

HTTP Headers

GET /wp-content/uploads/2021/07/cropped-fav-150x150.png HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:40 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:56:01 GMT
Vary: Accept-Encoding
ETag: W/"634b1e61-3379"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuBu0OBtfE11AuEtiC8eN3rrwJyIX5E5Uvv8wfzuE%2F4w1G0HHQO%2BRSDpmeiJX%2Br37PORTda1svZnHA0JRkBcCjymQPfEXQBrEwFg924J0%2BwHpyVX%2Bk2h23t8JHE1lfuL7oo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec957d5eeab50f-OSL
alt-svc: h2=":443"; ma=60

takehost.com.br/wp-content/uploads/2021/07/cropped-fav-230x230.png

104.21.20.42

200 OK

29 kB

URL HTTP/1.1
takehost.com.br/wp-content/uploads/2021/07/cropped-fav-230x230.png
IP
104.21.20.42:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 230 x 230, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (29217 bytes)
Hash
5f49a386d106e9580470536c6f287088
d6ecee59bba0334e9e9187419c3a9f392f56539f
36bbd45c024244bb7be51823cc1eaa2e3322eb1ec8fcf92dbd4d620592e91405

HTTP Headers

GET /wp-content/uploads/2021/07/cropped-fav-230x230.png HTTP/1.1
Host: takehost.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://takehost.com.br/wp-includes/ixrr/load.php?0=zgfuawvslnf2aw50qhzlzwftlmnvbq==&guce_referrer=ahr0chm6ly9sb2dpbi55ywhvby5jb20v&guce_referrer_sig=aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd_a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc_rpmz0hyfdck0olmxnmb6tpfznd5enc

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 20:16:40 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 20:56:01 GMT
Vary: Accept-Encoding
ETag: W/"634b1e61-7205"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmSEBa%2FF6g5lJjay0oKtBHXoYHMDTmSqQslujeCkpY0W5Iibwlb%2FF6qP7iDLglkRSA9q%2BL78yKegZ3kEUj0xJ0J61wIQ5lKeZh016TJ3Q1T%2B%2B1O3gtFmiqTW4dGdE48GLi8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec957d58460b31-OSL
alt-svc: h2=":443"; ma=60

fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRed+Hat+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRed+Hat+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRed+Hat+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://takehost.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 20:16:35 GMT
date: Wed, 23 Nov 2022 20:16:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (34)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations